[Owasp-board] Update on 2016 AppSec Conference & 'Call to Host'

Jim Manico jim.manico at owasp.org
Thu Feb 26 22:47:42 UTC 2015


+1

--
Jim Manico
@Manicode
(808) 652-3805

On Feb 26, 2015, at 11:19 PM, Noreen Whysel <noreen.whysel at owasp.org> wrote:

Josh,

At my old job,the IA Institute relied on a tiered combination of global and
local sponsors. It is a model that works best for regional events, but for
international level events, gives local companies potential exposure to a
global market if they have the interest and means to expand globally. We
tended to see global sponsors signing on for exhibitor tables, donating
software, and writing big checks to cover operational expenses, while local
sponsors who know the lay of the land would play host by doing networking
events or speaker dinners at local taverns and restaurants, or cover food
(local caterers) and venue (if held at a corporate office).

Noreen Whysel
Community Manager
OWASP Foundation

On Feb 26, 2015, at 3:57 PM, Josh Sokol <josh.sokol at owasp.org> wrote:

Having been the Chair of AppSecUSA 2012, I can say that hosting an AppSec
Conference is a lot for a local team of volunteers to handle.  We did it
with minimal assistance from the Foundation for everything from
Sponsorships (had to find our own) to Sessions (had to solicit our own
speakers).  There was no Laura (or equivalent) at the time and Sarah's
feedback was about all we had in terms of guidance from the Foundation.
I'm pretty sure we've come a long ways since then, but I believe that we
still have a very heavy focus on the local boots on the ground doing the
majority of the work.  It's extremely tiresome and I literally told people
afterward that I would never do it again.  This situation was actually a
large part of my rationale for the Foundation to stop trying to take money
from the chapters who decide to put on conferences.  Every dollar taken
away from them is one less reason for them to want to host one of these.
We should be trying to incentivize as many chapters as possible to attempt
local conferences because it gives leaders the skills necessary to tackle
the big show.

My suggestion here, based on my experience, is to find a chapter with
strong project planning skills and a solid location.  When we move the
event year after year we lose every bit of experience with the venue and
processes and have to renegotiate everything from scratch.  Conference
planning is easiest when it's a formula, like LASCON.  Same location, very
few unknowns, solid performance YOY.  When you know what to expect, you can
focus more time and energy on improving the formula, rather than
re-inventing it.  If NYC or San Francisco fits that bill, and the local
planning team is willing to take it on, then I say we go all in and commit
to it.  Simultaneously, we need to commit to the local chapter leaders that
they will be rewarded handsomely for their efforts.  OWASP Austin got
exactly $0 from AppSecUSA 2012.  I believe that the profit sharing policy
was changed the next year though so that may already be addressed.
Regardless, if you are asking these leaders to spend a year of their lives
to make the conference a success, then they should be rewarded with a year
of chapter funding.  I also think that we need to significantly bump up the
level of support from the Foundation.  Perhaps it's changed since we ran
it, but conference planners should handle venue, schedule, speaker
selection, volunteers, etc.  They should not be responsible for finding
sponsors.  That should be handled entirely by the Foundation as it takes a
huge weight off their shoulders.  I'm sure there's more that's not coming
to mind right now, but hopefully that's helpful for this conversation.

~josh

On Thu, Feb 26, 2015 at 2:32 PM, Michael Coates <michael.coates at owasp.org>
wrote:

> One other note: I do think the path forward is likely a hybrid model. But
> to be far, the announcement for 2016 went out on Dec 26 and I haven't seen
> another email since. I wouldn't be surprised if everyone missed it. That
> said, we'd still likely only get 1 or 2 submissions and it's unknown if
> we'd want to go to that location.
>
>
> --
> Michael Coates | @_mwc <https://twitter.com/intent/user?screen_name=_mwc>
> OWASP Global Board
> Join me at AppSecUSA <http://AppSecUSA.org> 2015 in San Francisco!
>
>
>
>
> On Thu, Feb 26, 2015 at 12:30 PM, Jim Manico <jim.manico at owasp.org> wrote:
>
>> Michael,
>>
>> I'm a fan of that as well. A stable location has a better potential for
>> growth. These events are so crucial to our fiscal health I like the idea of
>> additional professional support to run a stable event. We sure do run these
>> major events with minimal staff...
>>
>> NYC seems to have huge potential. Perhaps SF too, lets see how we do this
>> year.
>>
>> Details aside, I agree with your general vision here.
>>
>> Cheers,
>> --
>> Jim Manico
>> @Manicode
>> (808) 652-3805
>>
>> On Feb 26, 2015, at 9:25 PM, Michael Coates <michael.coates at owasp.org>
>> wrote:
>>
>> I'm not surprised and was prepared that this day would come. It is a tall
>> order to host and lots of risk for our org to nearly start from scratch
>> each event.
>>
>> I'd like to discuss a hybrid model that is led by foundation in preset
>> locations where we can leverage known resources for repeatability and
>> scale. We can still rotate to some degree but it's between known locations.
>> This combined with a community effort for some aspects and dedicated new
>> staff resources would work well. We gain stability and still leverage
>> community for some aspects while driving from the foundation.
>>
>>
>>
>>
>>
>> On Feb 26, 2015, at 12:13 PM, Paul Ritchie <paul.ritchie at owasp.org>
>> wrote:
>>
>> Hello OWASP Board members:
>>
>> Issue: During our OWASP staff meeting today we discussed that we have not
>> received any proposals to host an AppSec Conference in 2016.
>> Laura put out the call for proposals back in late December, and it was
>> followed up in our Connector newsletter. The Deadline for submissions was
>> February 27. Although several people looked seriously at the prospect of
>> hosting, none have submitted a formal proposal to host the 2016 AppSec.
>>
>> Next Steps: I plan to extend the 'Call for Proposals' period another 3
>> weeks to see if we can stimulate some additional interest for our AppSec
>> conferences in Europe & US. To accomplish that, I have streamlined Laura's
>> original email and plan to resend no later than Monday, March 2 to our
>> Leaders & Community email group lists.
>>
>> During our Staff meeting today we discussed several good options in case
>> we don't receive a proposal, but first, lets give the Community another
>> opportunity to 'step up' and 'take the lead' for our 2016 events.
>>
>> Just FYI for now since several of you were asking about progress in this
>> area.
>> Paul
>>
>> ========== TEXT OF APPSEC2016 CALL FOR PROPOSALS =============
>>
>> Hello All,
>>
>> Is your Chapter or Region interested in hosting our 2016 AppSec
>> Conference for Europe or USA?  OWASP is actively seeking proposals and we
>> encourage any community member interested in hosting a​n *OWASP**​ ​**Global
>> **Conference* to submit a proposal.
>>
>>
>>
>> Hosting a conference requires commitment, responsibility and a lot of
>> time, energy and effort to properly plan and implement a conference. For
>> more information see the How to Host a Conference page.
>> https://www.owasp.org/index.php/How_to_Host_a_Conference
>>
>>
>>
>> The dates of each OWASP Global AppSec conference vary somewhat each year
>> but ideally the conference is held:
>>
>> ·        Europe ​- Q2​ 2016
>>
>> ·        North America​ - Q3​ 2016
>>
>> To bid for a 201​6 OWASP Global AppSec please complete the OCMS form
>> http://www.tfaforms.com/301382 with the following information *by March
>> 2**​**0th, 201**​**5**.**   Please include the following information.*
>>
>>
>>
>> 1. The proposed city and host chapter.
>>
>>
>>
>> 2. The name of the intended local organizer and his/her team committed to
>> the task for 201​6​
>>
>> along with a brief explanation on why the conference committee wants to
>> organize an OWASP Global AppSec.  Include anticipated help from volunteers
>> before and at the conference.
>>
>>
>>
>> 3. Previous conferences or local/regional events experience of the
>> conference committee.
>>
>>
>>
>> 4. The intended dates for the conference. (Typically includes 2 days of
>> pre-conference training, followed by 2 days of conference talks).
>>
>>
>>
>> 5. Venue recommendations. If possible, assurance that the following will
>> be available:
>>
>> - A large auditorium with multiple training / lecture rooms near the main
>> auditorium.
>>
>> - Projection & internet facilities in all rooms up to modern standards.
>>
>> - A suitable networking space near the rooms for registration, breaks and
>> other activities.
>>
>> - A hall near the rooms for sponsor exhibitions.
>>
>> - Green room, storage room, breakout room, capture the flag area, etc.
>>
>>  6. Budget. Please use the form on google docs
>> https://docs.google.com/a/owasp.org/spreadsheet/ccc?key=0AhOGWXgQrDnddE9nZnh1UEZzUHJ2cl85R2hVd2IxRGc&usp=drive_web#gid=0 (Since
>> many of the categories of expenses are optional, consider this a check
>> list. You can add as many items as you want and you do not need to fill in
>> every box if you do not want it to be included in your event.)
>>
>>
>>
>> 7. Possible "big name" speakers in AppSec who might be plenary speakers
>> with low travel costs.
>>
>>
>>
>> 8. Realistic prospects for obtaining sponsorship from outside bodies,
>> e.g., companies, universities, scientific institutes, media, government,
>> etc.
>>
>>
>>
>> By submitting an application, you are already demonstrating your
>> commitment to OWASP. We really appreciate every proposal we receive,
>> however not every proposal will be approved. The selection process that
>> will be made by the OWASP operations team with input from previous AppSec
>> organizing teams.
>>
>> · Preference will be given to the community that demonstrates more
>> engagement.
>>
>> · Preference will be given to the team that has successful experience
>> organizing local/regional events.
>>
>> · Preference will be given to a location that has not recently hosted a
>> Global AppSec conference.
>>
>> · Geographic coverage will be considered when selecting conference sites.
>>
>>
>>
>> *The deadline for applications is March 20th. *
>>
>>
>>
>> Should you have any questions concerning the proposal process or need
>> assistance with your application, please do not hesitate to contact me.  We
>> are looking forward to your proposals!
>>
>>
>>
>> Paul Ritchie, OWASP Executive Director
>>
>> paul.ritchie at owasp.org
>>
>>  _______________________________________________
>> Owasp-board mailing list
>> Owasp-board at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-board
>>
>> _______________________________________________
>> Owasp-board mailing list
>> Owasp-board at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-board
>>
>>
>
> _______________________________________________
> Owasp-board mailing list
> Owasp-board at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-board
>
>
_______________________________________________
Owasp-board mailing list
Owasp-board at lists.owasp.org
https://lists.owasp.org/mailman/listinfo/owasp-board

_______________________________________________
Owasp-board mailing list
Owasp-board at lists.owasp.org
https://lists.owasp.org/mailman/listinfo/owasp-board
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20150226/305ed680/attachment-0001.html>


More information about the Owasp-board mailing list