[Owasp-leaders] Government outreach

Wojciech Dworakowski wojciech.dworakowski at owasp.org
Thu Jan 26 23:27:45 UTC 2012


Thx all for help.
We will try to approach "special task force for the protection of
government portals", which is just created in polish Ministry of
Administration.

Regards,
Wojtek

On Thu, Jan 26, 2012 at 12:56 PM, Mauro Flores <mauro.flores at owasp.org> wrote:
> The Inter-American Committee against Terrorism (CICTE in Spanish) of the
> Organization of American States (OEA -
> http://www.cicte.oas.org/rev/en/events/cybersecurity.asp) has a Cyber
> Security area that promote and coordinates the CSIRTs in Latin America. They
> are building a security guideline for application security development and
> testing for OEA members. I have a contact there and propose to include
> reference to OWASP documents as part of that guideline. They were receptive
> to this, so now I'm trying to establish direct contact with this group to
> push forward this idea and see how OWASP can help on this initiative (and
> others they nay have).
> If we manage to include OWASP reference on this document, the OWASP will
> gain a lot of visibility inside Latin American governments and will be much
> easier to promote OWASP inside local governments.
>
> regards, Mauro Flores
>
> El mié, 25-01-2012 a las 12:35 -0200, Lucas Ferreira escribió:
>
> Hello Wojciech,
>
>
>
> In Brazil, we have been taking a grassroots approach, after trying to reach
> the "big guys". We realized that reaching the top layers of the government
> is difficult and time consuming. These people are usually very busy and have
> lots of people trying to "evangelize" them on several different issues.
>
>
>
> For the top layers, we have written a manifesto:
> https://www.owasp.org/index.php/OWASP_Brasil_Manifesto/en
>
>
>
> The current approach is to reach out the technical guys and first level
> managers. We are currently talking to the people that define the IT
> standards for the Brazilian Federal government. We hope this conversation
> could lead to more tangible results than the earlier approach. We have been
> showing them OWASP stuff such as the Developer's guide, SAMM, etc. We also
> have put them in contact with people from government agencies which are
> using OWASP materials as the basis for their own methodologies.
>
>
>
> We are also seeing increasing interest from governmental bodies in OWASP
> documents and tools, and this is, IMHO, the result of several awareness and
> outreach initiatives, both local and global.
>
>
>
> Best regards,
>
>
>
> Lucas
>
> On Mon, Jan 23, 2012 at 21:49, Wojciech Dworakowski
> <wojciech.dworakowski at owasp.org> wrote:
>
> Last weekend polish gov sites faced mass attacks as a response to ACTA
> (kind of european SOPA) legislation. First it was DoS signed by
> Anonymous
> (http://www.thenews.pl/1/9/Artykul/83910,Anonymous-shuts-down-Polish-PMs-web-site),
> next - defacement of Prime Minister's site by some local group
> (http://www.thenews.pl/1/12/Artykul/83924,PM-Tusks-web-site-hacked-in-antiACTA-protest).
>
> Probably this is great oportunity for OWASP to raise awareness of
> webapps security issues in polish government circles. Could you share
> your experience and success stories regarding government outreach in
> your countries? I know that there are some resources on OWASP wiki -
> such as OWASP Green Book, but I need some guidance where to start.
> Any suggestions will be greatly appreciated.
>
> Best Regards,
> --
> Wojtek Dworakowski
> OWASP Poland Chapter Leader
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>
>
>
>
>
> --
> Homo sapiens non urinat in ventum.
>
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>
>


More information about the OWASP-Leaders mailing list