[Owasp-board] Board meeting tomorrow -Industry outreach - can we put this on the agenda?

Eoin eoin.keary at owasp.org
Mon Nov 30 13:21:29 UTC 2009


A few ideas in relation to the industry outreach idea:
Is the board meeting a place to talk about such things?

Objective: For OWASP to listen to industry, government, national enterprise
state bodies and other standards organisations  in relation to "what are the
real problems facing you?" & "How can OWASP help?", "How do we mature web
application security" To define a roadmap consisting of both short term and
long term goals. Short term goals must support the longer term objectives.

Limit the activities defined to a very short list that is achieveable and
measureable within one calendar year.

1.Invite-only event + limited OWASP leaders (cant  overwhelm event with
OWASP delegates!)

2.Identifying a cross-section from many verticals. (Gov, FS, Energy,
Transport, Telecoms, Dev, Retail, etc)
Might have a break-out session for each of the industry verticals.: Closed
session where delegates can discuss openly issues facing them and
challenges. Limited to 2 hours. Each group session nominates a delegate to
present findings to the whole group (all delegates)

3.NDA/Code of conduct doc to be signed by ALL delegates. Organisations wont
send delegates or speak openly unless there is some from of information
control.

4.Wider meeting & presentations (from majority industry delegates and some
OWASP) to all attendees on what issues they have, in order of priority. - we
listen to industry

5.OWASP Board Panel discussion

6.OWASP industry panel meeting discussion

7. Agree and define a road map for OWASP & Industry supporting each other.

8 This may/should increase corporate sponsorship if delegates get something
out of it and make OWASP more relevant to industry.

"Currently Security conferences are presented by security people security
people. The Industry outreach programme is an attempt to change this model."


thoughts,
suggestions,


Eoin


7.One per year in Europe and One in the US to start, not forgetting AisaPac.




-- 
Eoin Keary
OWASP Global Board Member
OWASP Code Review Guide Lead Author
OWASP Ireland Chapter Lead
OWASP Global Committee Member (Industry)

http://asg.ie/
https://twitter.com/EoinKeary
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20091130/cb8d8a44/attachment-0002.html>


More information about the Owasp-board mailing list