<div dir="ltr"><div>I am all for the idea of OWASP having more conferences.  And with respect to the Hawaii chapter being defunct, this may be the kind of event that springboards into more participation in a local chapter so that's a positive.  That said, my impression has always been that Hawaii is a tourist destination.  If we can prove out that flights are cheap and hotel is reasonable, then I'd say let's do it.  If not, then there's no harm in keeping it a more regional event.  Even LASCON which is a regional event by design will draw the occasional participant from California, Tennessee, and beyond.  All it takes is a great list of speakers and people will want to come.  Dibs on your couch.<br><br></div>~josh<br></div><div class="gmail_extra"><br><div class="gmail_quote">On Mon, Aug 10, 2015 at 5:08 PM, Jim Manico <span dir="ltr"><<a href="mailto:jim.manico@owasp.org" target="_blank">jim.manico@owasp.org</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
  
    
  
  <div bgcolor="#FFFFFF" text="#000000">
    Paul,<br>
    <br>
    This is very helpful, I'll drop the APAC (and other regional)
    chapters a line and gauge interest. Hawaii gets about 2 million
    visitors from Japan alone every year. I do not want to drown out the
    AppSec with "Hawaii" talk, but Hawaii is a big draw because - um -
    it's paradise, you know? :)<br>
    <br>
    People frequently ask me some form of the question, "Is Hawaii
    perfect like we see in the movies and all that?" the answer is : <u><b>yes</b></u>.
    All that AND awesome AppSec speakers and training.<br>
    <br>
    I also reached out to ShakaCon to talk about coordinating conference
    times next year. On that note...<br>
    <br>
    Do you all like the idea of a March 2016 ish conference? This is off
    season and a bit more affordable. Another option is to time this
    with Shakacon and do it in late June or July. This is "peak season"
    and will be more expensive, but will let folks use this conference
    as a springboard to vacation with kids who should be out of school.<br>
    <br>
    I'm sorry to spam the board list with all this - I'll move to a
    conference specific list or the Hawaii list shortly.<br>
    <br>
    Aloha,<br>
    Jim<div><div class="h5"><br>
    <br>
    <br>
    <br>
    <br>
    <br>
    <br>
    <br>
    <br>
    <br>
    <br>
    <br>
    <div>On 8/10/15 11:03 AM, Paul Ritchie
      wrote:<br>
    </div>
    <blockquote type="cite">
      <div dir="ltr">Jim - All:
        <div><br>
        </div>
        <div>One experience I recall from past conferences held in
          Hawaii, occasionally we found that travel arrangements to
          Hawaii from Japan allowed more participation from Japan and
          other APAC countries.  While it still 'looks' like a resort
          destination, the cost was significantly less than travel to US
          or EU.</div>
        <div><br>
        </div>
        <div>I'm not sure if recent economic conditions still work out
          that way, but perhaps a survey to some of our chapters in APAC
          will give a sense of potential participation levels.</div>
        <div><br>
        </div>
        <div>Also, I like the concept of 'co-locating' or overlapping 2
          events since there is often a good synergy of participation
          (i.e. the shakacon event).</div>
        <div><br>
        </div>
        <div>Cheers, Paul</div>
      </div>
      <div class="gmail_extra"><br clear="all">
        <div>
          <div>
            <div dir="ltr">
              <div>
                <div dir="ltr">
                  <div>Best Regards, Paul Ritchie</div>
                  <div>OWASP Executive Director</div>
                  <div><a href="mailto:paul.ritchie@owasp.org" target="_blank">paul.ritchie@owasp.org</a></div>
                  <div><br>
                  </div>
                </div>
              </div>
            </div>
          </div>
        </div>
        <br>
        <div class="gmail_quote">On Mon, Aug 10, 2015 at 1:31 PM, Jim
          Manico <span dir="ltr"><<a href="mailto:jim.manico@owasp.org" target="_blank">jim.manico@owasp.org</a>></span>
          wrote:<br>
          <blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
            <div bgcolor="#FFFFFF" text="#000000"> Yup, I'm with you.
              There is a whole process for submitting conference
              proposals and getting them accepted which I commit to
              following.<br>
              <br>
              Aloha,<br>
              Jim
              <div>
                <div><br>
                  <br>
                  <br>
                  <div>On 8/10/15 10:27 AM, Michael Coates wrote:<br>
                  </div>
                  <blockquote type="cite">
                    <div>Awesome, glad it's helpful!</div>
                    <div><br>
                    </div>
                    <div>One thing to also consider. I *think* we have a
                      blackout period on regional conferences within 1
                      or 2 months of the national conf. The idea is to
                      not compete with ourself.</div>
                    <div><br>
                    </div>
                    <div>This would be a good item to double check with
                      Paul and Laura so you know when the national event
                      is targeted for 2016. </div>
                    <div><br>
                    </div>
                    <div>Aside from that, sounds awesome!<br>
                      <br>
                      <br>
                    </div>
                    <div><br>
                      On Aug 10, 2015, at 1:22 PM, Jim Manico <<a href="mailto:jim.manico@owasp.org" target="_blank"></a><a href="mailto:jim.manico@owasp.org" target="_blank">jim.manico@owasp.org</a>>
                      wrote:<br>
                      <br>
                    </div>
                    <blockquote type="cite">
                      <div>
                        <div>This is just the advice I was looking for.
                          Thanks Michael.</div>
                        <div><br>
                        </div>
                        <div>I'm going to propose a regional for early
                          2016. My wife has agreed to help. We are
                          calling hotels in the area, getting pricing
                          info, and will then make a formal proposal
                          with the numbers.<br>
                          <br>
                          Thanks again, Michael.</div>
                        <div><br>
                          Aloha!<br>
                          <div>--</div>
                          <div>Jim Manico</div>
                          <div>
                            <div>
                              <div style="word-wrap:break-word">
                                <div><span style="background-color:rgba(255,255,255,0)">Global
                                    Board Member</span></div>
                                <span style="background-color:rgba(255,255,255,0)">OWASP
                                  Foundation</span>
                                <div><a href="https://www.owasp.org/" style="background-color:rgba(255,255,255,0)" target="_blank"><font color="#000000">https://www.owasp.org</font></a></div>
                              </div>
                            </div>
                            <div><span style="background-color:rgba(255,255,255,0)">Join
                                me at <a href="http://appsecusa.org/" target="_blank">AppSecUSA</a> 2015!</span></div>
                          </div>
                        </div>
                        <div><br>
                          On Aug 10, 2015, at 10:12 AM, Michael Coates
                          <<a href="mailto:michael.coates@owasp.org" target="_blank">michael.coates@owasp.org</a>>

                          wrote:<br>
                          <br>
                        </div>
                        <blockquote type="cite">
                          <div>
                            <div dir="ltr">Jim,
                              <div><br>
                              </div>
                              <div>Here's one potential way to start
                                digging into the opportunity. You of
                                course know most of this already from
                                your board work, just providing some
                                perspective.</div>
                              <div><br>
                              </div>
                              <div>1. Consider if you want to try for a
                                national conference or a regional
                                conference. The tradeoffs here are
                                largely around size and risk. A regional
                                conference is typically smaller (which
                                by no means less awesome). Think of the
                                Southern California conference which is
                                intimate at around 200 people and
                                absolutely amazing! As you've seen,
                                these events still draw amazing
                                speakers.</div>
                              <div><br>
                              </div>
                              <div>A national conference on the other
                                hand is going to have more structure
                                around profit goals since it's a major
                                fundraiser for the organization. Most
                                likely this would necessitate a bigger
                                event 1000+ attendees.</div>
                              <div><br>
                              </div>
                              <div>2. Run the numbers on attendees -
                                Based on location you would have the
                                best chance with West Coast from North
                                America, some midwesterners and perhaps
                                Australia and asia. You can work with
                                Laura to understand the attendee
                                demographics for conferences, but in
                                general about 50% of attendees are from
                                the regional area.</div>
                              <div><br>
                              </div>
                              <div>3. Run the numbers on cost for
                                attendees - What is the typical airfare
                                for an attendee to get to Hawaii? What
                                is the lodging? It could be the same
                                costs as a mainland flight to NYC or SF,
                                if so, that's a really good point to
                                make if it costs the same.</div>
                              <div><br>
                              </div>
                              <div>4. Other cons - have other security
                                conferences been held on Hawaii? How
                                many people showed up? Perhaps they are
                                bigger or smaller organizations and this
                                can give you an idea of how it went for
                                them.</div>
                              <div><br>
                              </div>
                              <div>Hope this helps. My opinion (without
                                knowing the above information) is that
                                you could go a regional conference route
                                and create an amazing experience for a
                                few hundred people.</div>
                            </div>
                            <div class="gmail_extra"><br clear="all">
                              <div>
                                <div>
                                  <div dir="ltr">
                                    <div>
                                      <div dir="ltr">
                                        <div>
                                          <div dir="ltr">
                                            <div>
                                              <div dir="ltr"><br>
                                                --<br>
                                                Michael Coates | <a href="https://twitter.com/intent/user?screen_name=_mwc" target="_blank">@_mwc</a><br>
                                              </div>
                                              <div>OWASP Global Board<br>
                                              </div>
                                              <div dir="ltr">
                                                <div>Join me at <a href="http://AppSecUSA.org" target="_blank">AppSecUSA</a> 2015 in San
                                                  Francisco!</div>
                                                <div><br>
                                                </div>
                                                <div><br>
                                                  <br>
                                                </div>
                                              </div>
                                            </div>
                                          </div>
                                        </div>
                                      </div>
                                    </div>
                                  </div>
                                </div>
                              </div>
                              <br>
                              <div class="gmail_quote">On Sun, Aug 9,
                                2015 at 2:42 PM, Jim Manico <span dir="ltr"><<a href="mailto:jim.manico@owasp.org" target="_blank"></a><a href="mailto:jim.manico@owasp.org" target="_blank">jim.manico@owasp.org</a>></span>
                                wrote:<br>
                                <blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
                                  <div bgcolor="#FFFFFF" text="#000000">
                                    So again Michael et al...<br>
                                    <br>
                                    * Hawaii has a very small tech
                                    community scattered across several
                                    islands<br>
                                    * Regional Hawaii tech conference
                                    are tough since our tech community
                                    is so small<br>
                                    * The OWASP Chapter is defunct in
                                    Hawaii<br>
                                    <br>
                                    I still want to do something.
                                    Perhaps just focus on a small
                                    conference on Kauai next year? Or
                                    propose something bigger?<br>
                                    <br>
                                    I am extremely flexible here. I have
                                    been asked about a Hawaii OWASP
                                    conference on many occasions and I
                                    have time to put in serious effort
                                    to make it happen.<br>
                                    <br>
                                    I think it will be easy to get good
                                    speakers, frankly. Shakacon has
                                    attracted a large number of amazing
                                    speakers - it's one of the more
                                    competitive conferences on the
                                    security circuit. <br>
                                    <br>
                                    What is the best path for the first
                                    run? 1-day no training? 2-day? 2-day
                                    + 1-day of training? I'd be grateful
                                    for more suggestions....<br>
                                    <br>
                                    Another possibility is to tag onto
                                    the end of Shakacon <a href="http://shakacon.org/" target="_blank"></a><a href="http://shakacon.org/" target="_blank">http://shakacon.org/</a>.
                                    We would do our own thing of course
                                    - but just time a OWASP conference
                                    to happen right before or after
                                    Shakacon to leverage the community
                                    that will already be in town.<br>
                                    <br>
                                    Just thinking out loud. I'm eager
                                    for suggestions.<br>
                                    <br>
                                    Anyhow - I'll reactive the Hawaii
                                    chapter list and move a more serious
                                    conversation there, soon.<span><br>
                                      <br>
                                      Aloha,<br>
                                      <pre cols="72">-- 
Jim Manico
Global Board Member
OWASP Foundation
<a href="https://www.owasp.org" target="_blank">https://www.owasp.org</a>
Join me at AppSecUSA 2015!</pre>
                                      <br>
                                      <br>
                                      <br>
                                      <br>
                                      <br>
                                    </span><span>
                                      <div>On 8/7/15 1:32 PM, Michael
                                        Coates wrote:<br>
                                      </div>
                                    </span>
                                    <div>
                                      <div>
                                        <blockquote type="cite">
                                          <div dir="ltr">Proposing as a
                                            regional conference via the
                                            local chapter? If so, that
                                            is all in your court and
                                            more power to you.
                                            <div><br>
                                            </div>
                                            <div>Get great speakers and
                                              people will follow.
                                              Provide a professional
                                              site and handout and
                                              people will realize it's
                                              the real deal and hawaii
                                              is a benefit but not the
                                              primary reason for people
                                              attending.</div>
                                          </div>
                                          <div class="gmail_extra"><br clear="all">
                                            <div>
                                              <div>
                                                <div dir="ltr">
                                                  <div>
                                                    <div dir="ltr">
                                                      <div>
                                                        <div dir="ltr">
                                                          <div>
                                                          <div dir="ltr"><br>
                                                          --<br>
                                                          Michael Coates
                                                          | <a href="https://twitter.com/intent/user?screen_name=_mwc" target="_blank">@_mwc</a><br>
                                                          </div>
                                                          <div>OWASP
                                                          Global Board<br>
                                                          </div>
                                                          <div dir="ltr">
                                                          <div>Join me
                                                          at <a href="http://AppSecUSA.org" target="_blank">AppSecUSA</a> 2015 in San
                                                          Francisco!</div>
                                                          <div><br>
                                                          </div>
                                                          <div><br>
                                                          <br>
                                                          </div>
                                                          </div>
                                                          </div>
                                                        </div>
                                                      </div>
                                                    </div>
                                                  </div>
                                                </div>
                                              </div>
                                            </div>
                                            <br>
                                            <div class="gmail_quote">On
                                              Fri, Aug 7, 2015 at 3:44
                                              PM, Tom Brennan <span dir="ltr"><<a href="mailto:tomb@proactiverisk.com" target="_blank"></a><a href="mailto:tomb@proactiverisk.com" target="_blank">tomb@proactiverisk.com</a>></span>
                                              wrote:<br>
                                              <blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">+1<br>
                                                <div>
                                                  <div><br>
                                                    <br>
                                                    <br>
                                                    > On Aug 7, 2015,
                                                    at 3:05 PM, Jim
                                                    Manico <<a href="mailto:jim.manico@owasp.org" target="_blank"></a><a href="mailto:jim.manico@owasp.org" target="_blank">jim.manico@owasp.org</a>>


                                                    wrote:<br>
                                                    ><br>
                                                    > Board,<br>
                                                    ><br>
                                                    > I have been
                                                    considering my plans
                                                    for 2016/2017 and I
                                                    would be happy to
                                                    spend a few months
                                                    at home helping set
                                                    up a OWASP Hawaii
                                                    conference if the
                                                    desire was there for
                                                    the community. I
                                                    live on Kauai and
                                                    there are several
                                                    conference centers
                                                    on this island. For
                                                    easier travel, I can
                                                    also help set up a
                                                    conference in
                                                    Honolulu near
                                                    Waikiki - that main
                                                    tourist center of
                                                    the state of Hawaii.<br>
                                                    ><br>
                                                    > This would be
                                                    an expensive
                                                    conference for many
                                                    and the travel is
                                                    tough on everyone
                                                    since Hawaii is in
                                                    the middle of no
                                                    where.<br>
                                                    ><br>
                                                    > But I have been
                                                    asked to drive this
                                                    several times and I
                                                    would be happy to
                                                    get the effort
                                                    started if the
                                                    community wanted.<br>
                                                    ><br>
                                                    > I am really
                                                    flexible on what
                                                    this looks like. But
                                                    I am willing to be
                                                    boots on the ground
                                                    and put the work in
                                                    to make it happen.<br>
                                                    ><br>
                                                    > What do you
                                                    think?<br>
                                                    ><br>
                                                    > Aloha,<br>
                                                    ><br>
                                                    > --<br>
                                                    > Jim Manico<br>
                                                    > Global Board
                                                    Member<br>
                                                    > OWASP
                                                    Foundation<br>
                                                    > <a href="https://www.owasp.org" rel="noreferrer" target="_blank"></a><a href="https://www.owasp.org" target="_blank">https://www.owasp.org</a><br>
                                                    > Join me at
                                                    AppSecUSA 2015!<br>
                                                    ><br>
                                                    >
                                                    _______________________________________________<br>
                                                    > Owasp-board
                                                    mailing list<br>
                                                    > <a href="mailto:Owasp-board@lists.owasp.org" target="_blank"></a><a href="mailto:Owasp-board@lists.owasp.org" target="_blank">Owasp-board@lists.owasp.org</a><br>
                                                    > <a href="https://lists.owasp.org/mailman/listinfo/owasp-board" rel="noreferrer" target="_blank"></a><a href="https://lists.owasp.org/mailman/listinfo/owasp-board" target="_blank">https://lists.owasp.org/mailman/listinfo/owasp-board</a><br>
                                                    <br>
                                                  </div>
                                                </div>
                                                <span><font color="#888888">--<br>
                                                    WARNING: E-mail
                                                    transmission cannot
                                                    be guaranteed to be
                                                    secure or<br>
                                                    error-free as
                                                    information could be
                                                    intercepted,
                                                    corrupted, lost,
                                                    destroyed,<br>
                                                    arrive late or
                                                    incomplete, or
                                                    contain viruses. The
                                                    sender therefore
                                                    does<br>
                                                    not accept liability
                                                    for any errors or
                                                    omissions in the
                                                    contents of this<br>
                                                    message, which arise
                                                    as a result of
                                                    e-mail transmission.
                                                    No employee or<br>
                                                    agent is authorized
                                                    to conclude any
                                                    binding agreement on
                                                    behalf of<br>
                                                    ProactiveRISK with
                                                    another party by
                                                    email.<br>
                                                  </font></span>
                                                <div>
                                                  <div><br>
_______________________________________________<br>
                                                    Owasp-board mailing
                                                    list<br>
                                                    <a href="mailto:Owasp-board@lists.owasp.org" target="_blank"></a><a href="mailto:Owasp-board@lists.owasp.org" target="_blank">Owasp-board@lists.owasp.org</a><br>
                                                    <a href="https://lists.owasp.org/mailman/listinfo/owasp-board" rel="noreferrer" target="_blank"></a><a href="https://lists.owasp.org/mailman/listinfo/owasp-board" target="_blank">https://lists.owasp.org/mailman/listinfo/owasp-board</a><br>
                                                  </div>
                                                </div>
                                              </blockquote>
                                            </div>
                                            <br>
                                          </div>
                                        </blockquote>
                                        <br>
                                      </div>
                                    </div>
                                  </div>
                                </blockquote>
                              </div>
                              <br>
                            </div>
                          </div>
                        </blockquote>
                      </div>
                    </blockquote>
                  </blockquote>
                  <br>
                  <pre cols="72">-- 
Jim Manico
Global Board Member
OWASP Foundation
<a href="https://www.owasp.org" target="_blank">https://www.owasp.org</a>
Join me at AppSecUSA 2015!</pre>
                </div>
              </div>
            </div>
            <br>
            _______________________________________________<br>
            Owasp-board mailing list<br>
            <a href="mailto:Owasp-board@lists.owasp.org" target="_blank">Owasp-board@lists.owasp.org</a><br>
            <a href="https://lists.owasp.org/mailman/listinfo/owasp-board" rel="noreferrer" target="_blank">https://lists.owasp.org/mailman/listinfo/owasp-board</a><br>
            <br>
          </blockquote>
        </div>
        <br>
      </div>
    </blockquote>
    <br>
    <pre cols="72">-- 
Jim Manico
Global Board Member
OWASP Foundation
<a href="https://www.owasp.org" target="_blank">https://www.owasp.org</a>
Join me at AppSecUSA 2015!</pre>
  </div></div></div>

<br>_______________________________________________<br>
Owasp-board mailing list<br>
<a href="mailto:Owasp-board@lists.owasp.org">Owasp-board@lists.owasp.org</a><br>
<a href="https://lists.owasp.org/mailman/listinfo/owasp-board" rel="noreferrer" target="_blank">https://lists.owasp.org/mailman/listinfo/owasp-board</a><br>
<br></blockquote></div><br></div>