[Owasp-board] Update on 2016 AppSec Conference & 'Call to Host'

Andrew van der Stock vanderaj at owasp.org
Mon Mar 2 06:32:19 UTC 2015


The LatAm tour concept might be a good choice for the AsiaPac region -
smaller events in each capital city, possibly abutting another infosec
conference in the area, like HiTB or KiwiCon.

In 2011, we had problems where if we couldn't provide a local AUD invoice
with credit card facilities, .gov.au and .edu.au folks could not attend.
Having smaller events with a few key cities such as Hong Kong, Tokyo, KL,
Singapore, Jakarta, Sydney and Auckland would be great. With the exception
of Auckland, all of these cities have > 4m populace, plus easy flight
routes and accommodation choices for attendees.

thanks
Andrew


On Mon, Mar 2, 2015 at 8:10 AM, Bil Corry <bil.corry at owasp.org> wrote:

> For Europe, I read that Luxembourg offers an incentive for hosting
> conferences in the country.  "For example, a conference with over 100
> registered participants and 100 hotel bookings can receive up to 18,000
> euros in support, providing at least half of the attendees have travelled
> to Luxembourg from abroad."
>
>
>
>
> http://www.wort.lu/en/business/mice-state-subsidies-more-support-for-luxembourg-business-tourism-54e4a9d70c88b46a8ce53c4b
>
>
>
> I don't know anything more about it than what that article says, but it
> might be worth considering.
>
>
>
> - Bil
>
>
>
>
>
> *From:* owasp-board-bounces at lists.owasp.org [mailto:
> owasp-board-bounces at lists.owasp.org] *On Behalf Of *Jim Manico
> *Sent:* Thursday, February 26, 2015 11:49 PM
> *To:* Michael Coates
> *Cc:* OWASP Foundation Board List
> *Subject:* Re: [Owasp-board] Update on 2016 AppSec Conference & 'Call to
> Host'
>
>
>
> And how about instead of giving one chapter a huge chunk of $ for a big
> national conference, spread it around - especially to new chapters who are
> low on funding.
>
> --
>
> Jim Manico
>
> @Manicode
>
> (808) 652-3805
>
>
> On Feb 26, 2015, at 11:24 PM, Michael Coates <michael.coates at owasp.org>
> wrote:
>
> Seems like there is lots of support for hybrid that puts much stronger
> foundation role for global events and leaves all regional and local events
> to local teams to lead (as they currently are).
>
>
>
> For global events (at least AppSecUSA) I'd float they idea of alternating
> NYC and San Francisco. Two huge markets where we'll have established
> location and partners. But I'd push back on our planning for local support
> - I think we should map out all the activities for an established location
> and see how many could be accomplished by foundation (with necessary
> staffing) and how many would need feet on the ground in the location. I bet
> we could find a model that worked pretty well. Plus, combine that with a
> task force of previous AppSecUSA advisors (i.e. previous planners) and
> you've got a great mix of skills.
>
>
>
> --
> Michael Coates | @_mwc <https://twitter.com/intent/user?screen_name=_mwc>
>
> OWASP Global Board
>
> Join me at AppSecUSA <http://AppSecUSA.org> 2015 in San Francisco!
>
>
>
>
>
>
>
> On Thu, Feb 26, 2015 at 2:18 PM, Noreen Whysel <noreen.whysel at owasp.org>
> wrote:
>
> Josh,
>
>
>
> At my old job,the IA Institute relied on a tiered combination of global
> and local sponsors. It is a model that works best for regional events, but
> for international level events, gives local companies potential exposure to
> a global market if they have the interest and means to expand globally. We
> tended to see global sponsors signing on for exhibitor tables, donating
> software, and writing big checks to cover operational expenses, while local
> sponsors who know the lay of the land would play host by doing networking
> events or speaker dinners at local taverns and restaurants, or cover food
> (local caterers) and venue (if held at a corporate office).
>
> Noreen Whysel
> Community Manager
>
> OWASP Foundation
>
>
> On Feb 26, 2015, at 3:57 PM, Josh Sokol <josh.sokol at owasp.org> wrote:
>
> Having been the Chair of AppSecUSA 2012, I can say that hosting an AppSec
> Conference is a lot for a local team of volunteers to handle.  We did it
> with minimal assistance from the Foundation for everything from
> Sponsorships (had to find our own) to Sessions (had to solicit our own
> speakers).  There was no Laura (or equivalent) at the time and Sarah's
> feedback was about all we had in terms of guidance from the Foundation.
> I'm pretty sure we've come a long ways since then, but I believe that we
> still have a very heavy focus on the local boots on the ground doing the
> majority of the work.  It's extremely tiresome and I literally told people
> afterward that I would never do it again.  This situation was actually a
> large part of my rationale for the Foundation to stop trying to take money
> from the chapters who decide to put on conferences.  Every dollar taken
> away from them is one less reason for them to want to host one of these.
> We should be trying to incentivize as many chapters as possible to attempt
> local conferences because it gives leaders the skills necessary to tackle
> the big show.
>
> My suggestion here, based on my experience, is to find a chapter with
> strong project planning skills and a solid location.  When we move the
> event year after year we lose every bit of experience with the venue and
> processes and have to renegotiate everything from scratch.  Conference
> planning is easiest when it's a formula, like LASCON.  Same location, very
> few unknowns, solid performance YOY.  When you know what to expect, you can
> focus more time and energy on improving the formula, rather than
> re-inventing it.  If NYC or San Francisco fits that bill, and the local
> planning team is willing to take it on, then I say we go all in and commit
> to it.  Simultaneously, we need to commit to the local chapter leaders that
> they will be rewarded handsomely for their efforts.  OWASP Austin got
> exactly $0 from AppSecUSA 2012.  I believe that the profit sharing policy
> was changed the next year though so that may already be addressed.
> Regardless, if you are asking these leaders to spend a year of their lives
> to make the conference a success, then they should be rewarded with a year
> of chapter funding.  I also think that we need to significantly bump up the
> level of support from the Foundation.  Perhaps it's changed since we ran
> it, but conference planners should handle venue, schedule, speaker
> selection, volunteers, etc.  They should not be responsible for finding
> sponsors.  That should be handled entirely by the Foundation as it takes a
> huge weight off their shoulders.  I'm sure there's more that's not coming
> to mind right now, but hopefully that's helpful for this conversation.
>
> ~josh
>
>
>
> On Thu, Feb 26, 2015 at 2:32 PM, Michael Coates <michael.coates at owasp.org>
> wrote:
>
> One other note: I do think the path forward is likely a hybrid model. But
> to be far, the announcement for 2016 went out on Dec 26 and I haven't seen
> another email since. I wouldn't be surprised if everyone missed it. That
> said, we'd still likely only get 1 or 2 submissions and it's unknown if
> we'd want to go to that location.
>
>
>
> --
> Michael Coates | @_mwc <https://twitter.com/intent/user?screen_name=_mwc>
>
> OWASP Global Board
>
> Join me at AppSecUSA <http://AppSecUSA.org> 2015 in San Francisco!
>
>
>
>
>
>
>
> On Thu, Feb 26, 2015 at 12:30 PM, Jim Manico <jim.manico at owasp.org> wrote:
>
> Michael,
>
>
>
> I'm a fan of that as well. A stable location has a better potential for
> growth. These events are so crucial to our fiscal health I like the idea of
> additional professional support to run a stable event. We sure do run these
> major events with minimal staff...
>
>
>
> NYC seems to have huge potential. Perhaps SF too, lets see how we do this
> year.
>
>
>
> Details aside, I agree with your general vision here.
>
>
>
> Cheers,
>
> --
>
> Jim Manico
>
> @Manicode
>
> (808) 652-3805
>
>
> On Feb 26, 2015, at 9:25 PM, Michael Coates <michael.coates at owasp.org>
> wrote:
>
> I'm not surprised and was prepared that this day would come. It is a tall
> order to host and lots of risk for our org to nearly start from scratch
> each event.
>
>
>
> I'd like to discuss a hybrid model that is led by foundation in preset
> locations where we can leverage known resources for repeatability and
> scale. We can still rotate to some degree but it's between known locations.
> This combined with a community effort for some aspects and dedicated new
> staff resources would work well. We gain stability and still leverage
> community for some aspects while driving from the foundation.
>
>
>
>
>
>
> On Feb 26, 2015, at 12:13 PM, Paul Ritchie <paul.ritchie at owasp.org> wrote:
>
> Hello OWASP Board members:
>
>
>
> Issue: During our OWASP staff meeting today we discussed that we have not
> received any proposals to host an AppSec Conference in 2016.
>
> Laura put out the call for proposals back in late December, and it was
> followed up in our Connector newsletter. The Deadline for submissions was
> February 27. Although several people looked seriously at the prospect of
> hosting, none have submitted a formal proposal to host the 2016 AppSec.
>
>
>
> Next Steps: I plan to extend the 'Call for Proposals' period another 3
> weeks to see if we can stimulate some additional interest for our AppSec
> conferences in Europe & US. To accomplish that, I have streamlined Laura's
> original email and plan to resend no later than Monday, March 2 to our
> Leaders & Community email group lists.
>
>
>
> During our Staff meeting today we discussed several good options in case
> we don't receive a proposal, but first, lets give the Community another
> opportunity to 'step up' and 'take the lead' for our 2016 events.
>
>
>
> Just FYI for now since several of you were asking about progress in this
> area.
>
> Paul
>
>
>
> ========== TEXT OF APPSEC2016 CALL FOR PROPOSALS =============
>
> Hello All,
>
> Is your Chapter or Region interested in hosting our 2016 AppSec Conference
> for Europe or USA?  OWASP is actively seeking proposals and we encourage
> any community member interested in hosting a​n *OWASP​ ​Global Conference*
> to submit a proposal.
>
>
>
> Hosting a conference requires commitment, responsibility and a lot of
> time, energy and effort to properly plan and implement a conference. For
> more information see the How to Host a Conference page.
> https://www.owasp.org/index.php/How_to_Host_a_Conference
>
>
>
> The dates of each OWASP Global AppSec conference vary somewhat each year
> but ideally the conference is held:
>
> ·        Europe ​- Q2​ 2016
>
> ·        North America​ - Q3​ 2016
>
> To bid for a 201​6 OWASP Global AppSec please complete the OCMS form
> http://www.tfaforms.com/301382 with the following information *by March
> 2​0th, 201​5.   Please include the following information.*
>
>
>
> 1. The proposed city and host chapter.
>
>
>
> 2. The name of the intended local organizer and his/her team committed to
> the task for 201​6​
>
> along with a brief explanation on why the conference committee wants to
> organize an OWASP Global AppSec.  Include anticipated help from volunteers
> before and at the conference.
>
>
>
> 3. Previous conferences or local/regional events experience of the
> conference committee.
>
>
>
> 4. The intended dates for the conference. (Typically includes 2 days of
> pre-conference training, followed by 2 days of conference talks).
>
>
>
> 5. Venue recommendations. If possible, assurance that the following will
> be available:
>
> - A large auditorium with multiple training / lecture rooms near the main
> auditorium.
>
> - Projection & internet facilities in all rooms up to modern standards.
>
> - A suitable networking space near the rooms for registration, breaks and
> other activities.
>
> - A hall near the rooms for sponsor exhibitions.
>
> - Green room, storage room, breakout room, capture the flag area, etc.
>
> 6. Budget. Please use the form on google docs
> https://docs.google.com/a/owasp.org/spreadsheet/ccc?key=0AhOGWXgQrDnddE9nZnh1UEZzUHJ2cl85R2hVd2IxRGc&usp=drive_web#gid=0 (Since
> many of the categories of expenses are optional, consider this a check
> list. You can add as many items as you want and you do not need to fill in
> every box if you do not want it to be included in your event.)
>
>
>
> 7. Possible "big name" speakers in AppSec who might be plenary speakers
> with low travel costs.
>
>
>
> 8. Realistic prospects for obtaining sponsorship from outside bodies,
> e.g., companies, universities, scientific institutes, media, government,
> etc.
>
>
>
> By submitting an application, you are already demonstrating your
> commitment to OWASP. We really appreciate every proposal we receive,
> however not every proposal will be approved. The selection process that
> will be made by the OWASP operations team with input from previous AppSec
> organizing teams.
>
> · Preference will be given to the community that demonstrates more
> engagement.
>
> · Preference will be given to the team that has successful experience
> organizing local/regional events.
>
> · Preference will be given to a location that has not recently hosted a
> Global AppSec conference.
>
> · Geographic coverage will be considered when selecting conference sites.
>
>
>
> *The deadline for applications is March 20th. *
>
>
>
> Should you have any questions concerning the proposal process or need
> assistance with your application, please do not hesitate to contact me.  We
> are looking forward to your proposals!
>
>
>
> Paul Ritchie, OWASP Executive Director
>
> paul.ritchie at owasp.org
>
>
>
> _______________________________________________
> Owasp-board mailing list
> Owasp-board at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-board
>
> _______________________________________________
> Owasp-board mailing list
> Owasp-board at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-board
>
>
>
>
> _______________________________________________
> Owasp-board mailing list
> Owasp-board at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-board
>
>
>
> _______________________________________________
> Owasp-board mailing list
> Owasp-board at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-board
>
>
>
> _______________________________________________
> Owasp-board mailing list
> Owasp-board at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-board
>
>
> _______________________________________________
> Owasp-board mailing list
> Owasp-board at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-board
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20150302/5e771fb1/attachment-0001.html>


More information about the Owasp-board mailing list