[Global_industry_committee] CISO survey 2013 - status update - ready to go

Colin Watson colin.watson at owasp.org
Fri Nov 16 12:45:11 UTC 2012


Tobias

Well done for progressing this.

Colin


On 15 November 2012 17:15, Eoin <eoin.keary at owasp.org> wrote:
> Sure I will, I'll put it in google docs for review. It think it is important
> to clarify that value a person gives by completing the survey. It helps with
> the owasp roadmap, helps cisos see what others are doing. We see what's
> important by individual verticals, how they see app sec. Etc etc
>
>
>
> Eoin Keary
> Owasp Global Board
> +353 87 977 2988
>
>
> On 15 Nov 2012, at 17:11, Tobias <tobias.gondrom at owasp.org> wrote:
>
> On 16/11/12 01:07, Eoin wrote:
>
> Finally the CISO survey is going live. (1.5 years after initial draft) :)
>
> I shall contact the industry ciso people I know. Do we have a template email
> which is consistent so we can all use?
>
>
> Not yet.
> Do you want to prepare one?
> (Am a little busy this week and should be able to make some time end of next
> week to write an email template etc., but you might be faster.)
>
> Tobias
>
>
>
> Great job!!
>
> Eoin Keary
> Owasp Global Board
> +353 87 977 2988
>
>
> On 15 Nov 2012, at 16:46, marco.m.morana at gmail.com wrote:
>
> Tobias, thanks for the effort, will coordinate with Jasmine @ NYC chapter
> and Tony @ Atlanta chapter to publicize the link with the survey as well as
> distribute a printed copy i created so we can start gathering responses from
> people attending the NYC meeting today and the CISO round table breakfast in
> Atlanta tomorrow.
>
> Regards
> Marco
>
> Sent from my iPad
>
> On 15 Nov 2012, at 11:06, Tobias <tobias.gondrom at owasp.org> wrote:
>
> Hello dear GIC fellows,
>
> a little status update on the CISO survey:
>
> thank you all so much for your feedback and input!
> I just finished to include all your feedback into the CISO survey
> questionnaire. Unfortunately it took a little longer, but I hope a total
> time of 4 weeks that we have been working on this should still be
> acceptable. Unfortunately this delay may make it difficult for Marco to push
> out the survey right away with his CISO guide presentation tonight in NYC.
> (my apologies).
>
> https://www.owasp.org/index.php/Industry:GIC_CISO_Survey_2013
>
> Next steps are:
> 1. Kate was so kind to agree to put the questions into Surveymonkey
>
> 2. Sending out Survey:
> 2.1. I have latent agreements (which I still have to work on to finalise and
> coordinate with you and our board) with EC-Council and ISC2 to send this to
> their CCISO (EC-Council) lists and to the list of Info Sec Managers at ISC2
> members. When we have the survey in surveymonkey I will follow up with both
> organisations and they can send out the link to the survey to their user
> database.)
>
> 2.2. Beyond that I propose that each one of us will also send the link to
> our contacts directly.
>
> 3. Treat participant email addresses confidential:
> Please note that there is an optional email field in the survey for people
> who want to later receive the finished report via email. This list of CISO
> emails, we should treat as confidential and need-to-know only and remove
> from the normal survey data before evaluating the data by the whole team and
> only use the addresses to send the finished report to the people afterwards.
> I could imagine that some organizations or companies might seek this kind of
> information quite a lot, so we should be handling it with due care and
> protecting it against disclosure or abuse.
>
> Just MHO.
>
> Best regards, Tobias
>
>
>
>


More information about the Global_industry_committee mailing list