[Owasp-leaders] Government outreach

Mauro Flores mauro.flores at owasp.org
Thu Jan 26 11:56:28 UTC 2012

The Inter-American Committee against Terrorism (CICTE in Spanish) of the
Organization of American States (OEA -
http://www.cicte.oas.org/rev/en/events/cybersecurity.asp) has a Cyber
Security area that promote and coordinates the CSIRTs in Latin America.
They are building a security guideline for application security
development and testing for OEA members. I have a contact there and
propose to include reference to OWASP documents as part of that
guideline. They were receptive to this, so now I'm trying to establish
direct contact with this group to push forward this idea and see how
OWASP can help on this initiative (and others they nay have).
If we manage to include OWASP reference on this document, the OWASP will
gain a lot of visibility inside Latin American governments and will be
much easier to promote OWASP inside local governments. 

regards, Mauro Flores

El mié, 25-01-2012 a las 12:35 -0200, Lucas Ferreira escribió:

> Hello Wojciech,
> In Brazil, we have been taking a grassroots approach, after trying to
> reach the "big guys". We realized that reaching the top layers of the
> government is difficult and time consuming. These people are usually
> very busy and have lots of people trying to "evangelize" them on
> several different issues.
> For the top layers, we have written a manifesto:
> https://www.owasp.org/index.php/OWASP_Brasil_Manifesto/en 
> The current approach is to reach out the technical guys and first
> level managers. We are currently talking to the people that define the
> IT standards for the Brazilian Federal government. We hope this
> conversation could lead to more tangible results than the earlier
> approach. We have been showing them OWASP stuff such as the
> Developer's guide, SAMM, etc. We also have put them in contact with
> people from government agencies which are using OWASP materials as the
> basis for their own methodologies.
> We are also seeing increasing interest from governmental bodies in
> OWASP documents and tools, and this is, IMHO, the result of several
> awareness and outreach initiatives, both local and global.
> Best regards,
> Lucas
> On Mon, Jan 23, 2012 at 21:49, Wojciech Dworakowski
> <wojciech.dworakowski at owasp.org> wrote:
>         Last weekend polish gov sites faced mass attacks as a response
>         to ACTA
>         (kind of european SOPA) legislation. First it was DoS signed
>         by
>         Anonymous
>         (http://www.thenews.pl/1/9/Artykul/83910,Anonymous-shuts-down-Polish-PMs-web-site),
>         next - defacement of Prime Minister's site by some local group
>         (http://www.thenews.pl/1/12/Artykul/83924,PM-Tusks-web-site-hacked-in-antiACTA-protest).
>         Probably this is great oportunity for OWASP to raise awareness
>         of
>         webapps security issues in polish government circles. Could
>         you share
>         your experience and success stories regarding government
>         outreach in
>         your countries? I know that there are some resources on OWASP
>         wiki -
>         such as OWASP Green Book, but I need some guidance where to
>         start.
>         Any suggestions will be greatly appreciated.
>         Best Regards,
>         --
>         Wojtek Dworakowski
>         OWASP Poland Chapter Leader
>         _______________________________________________
>         OWASP-Leaders mailing list
>         OWASP-Leaders at lists.owasp.org
>         https://lists.owasp.org/mailman/listinfo/owasp-leaders
> -- 
> Homo sapiens non urinat in ventum.
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20120126/7ef76dbf/attachment.html>

More information about the OWASP-Leaders mailing list