[Global_industry_committee] CISO survey: identification of interview candidates and volunteers

Rex Booth rex.booth at owasp.org
Wed Nov 9 21:38:43 EST 2011


All,

As you may know, one of the current endeavors of the GIC is the OWASP 
CISO survey.  The intent is to interview and survey senior information 
security leaders (CISOs or their equivalent) across industries and 
countries to better understand their approach, status and challenges 
regarding application security.  The results of this survey will help 
OWASP better focus its efforts on what is needed by industry leaders.

Two of the initial steps in this process is the identification of people 
to interview and the call for volunteers to conduct these interviews.  
Accordingly:

*1) If you are interested in participating in this effort as an 
interviewer, please let me know.*

and

*2) Please examine your personal network and identify people who you 
think would be good candidates for an interview / survey, complete the 
below table, and send it to me. *

Remember, we're looking for CISO or CISO-like people.  At this point I'm 
simply gathering a list of potential interview candidates to determine 
our visibility across industries and geography.  Nobody will be 
contacted yet, so I'm just asking for a subset of the information we'll 
eventually need.  I've inserted an example:

*Title*

	

Employer

	

Industry

	

Country

	

OWASP POC

*CISO*

	

US DOJ

	

Gov

	

USA

	

Rex Booth

**

	

	

	

	


A couple predicted questions and answers:

    *Q.* Will the results be anonymous?
    *A.* Absolutely.  Only aggregate and anonymous data will be revealed
    in our report and analysis.  Only the interviewer and the survey
    consolidator will be able to correlate responses to individuals. 
    That correlation will not be shared with anybody, including myself.

    *Q.* Will these interviews and results be used for business development?
    *A.* No.  This survey will be executed in accordance with OWASP
    culture and will forbid the use of any aspect for sales.  If this
    helps OWASP or you build or strengthen a relationship, that's fine,
    but any explicit or implied business development within the context
    of this survey is verboten.

    *Q.* Why aren't you sending this email to the leaders list?
    *A.* I will eventually, but I want to start with a smaller group
    before unleashing this to the lion's den.

  Thanks in advance for your assistance.  If you have any questions, 
please let me know.

Rex
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/global_industry_committee/attachments/20111109/df3022ea/attachment.html 


More information about the Global_industry_committee mailing list