[Owasp-leaders] Speakers at Appsec conferences

Tobias tobias.gondrom at owasp.org
Thu Sep 11 23:05:11 UTC 2014


Hi Jerry,

thanks Michael. Yes, that is the docu we have.


As to Jerry's question about board member travel, as to my knowledge 
that is less documented - my experience was that this was in the past 
handled by Sarah as our ED at her recommendation or discretion with not 
so much communication or documentation.
Overall, AFAIK we used very little funding for board member travel in 
2014. Probably many other OWASP board members follow the same approach 
like me to not ask for any reimbursement and save money for the OWASP 
foundation by using their own company funds or personal funds before 
asking for reimbursement from OWASP.

Tobias


Ps.: in principle, I agree we could improve the documentation of rules 
for travel expenses.


On 11/09/14 23:42, Michael Coates wrote:
> For everyone's reference:
>
> https://www.owasp.org/index.php/Funding
>
> https://www.owasp.org/index.php/Funding#Community_Engagement_Funding_Rules 
>
>
>
>
> --
> Michael Coates
> Chairman, OWASP Board
> @_mwc
>
>
> On Thu, Sep 11, 2014 at 3:10 PM, Jerry Hoff <jerry at owasp.org 
> <mailto:jerry at owasp.org>> wrote:
>
>     Hi Tobias,
>
>     Thanks for the reply.  So what is the rule for paying for travel
>     expenses?  It seems a bit murky / arbitrary right now.  Also, is
>     there a rule for board member's travel?
>
>     Thanks!
>     Jerry
>
>     --
>     Jerry Hoff
>     @jerryhoff
>     jerry at owasp.org <mailto:jerry at owasp.org>
>
>
>
>     On Sep 11, 2014, at 2:58 PM, Tobias <tobias.gondrom at owasp.org
>     <mailto:tobias.gondrom at owasp.org>> wrote:
>
>>     Hi Jerry,
>>
>>     hm. I can see some good reasons where I would like to pay for
>>     some speaker's travel expenses.
>>
>>     (before starting: up to this date, I was in the fortunate
>>     position that I never needed to ask for money from OWASP for
>>     travel in my function as board member or speaker. And I think if
>>     other funding is available to a person, that should be used first
>>     and leave more money for the foundation's work.)
>>
>>     Having said that, I very much think that this situation can be
>>     very different for other speakers and paying for a regional
>>     flight or hotel can be a massive burden on a speaker's holiday
>>     budget. And many speakers don't have company expense budgets and
>>     could not afford to do this basically using their year holiday
>>     budgets to speak at an OWASP conference - even though OWASP is
>>     great fun, the spouses may not agree that this justifies spending
>>     all their holiday money on OWASP without them.
>>
>>     Some examples where I think it is very good that OWASP can pay
>>     speaker travel (flight and/or hotel):
>>     - chapters inviting specific speakers to present at their chapter
>>     event about topics that are exciting for their community
>>     - AppSec conferences: frankly quite a few of external keynote
>>     speakers will require travel expenses to be paid. Otherwise they
>>     would have to pay out of their private pocket and not come.
>>     - OWASP tours where we help bring speakers from within a region
>>     to different chapters to present OWASP topics there and exchange
>>     ideas
>>     - allow chapter leaders and project leaders to attend chapter and
>>     project workshops (e.g. at AppSec conferences) to help further
>>     improve their chapters and projects.
>>
>>     IMHO, these are good reasons to support travel for speakers if
>>     necessary and if it can be afforded by the hosting chapter.
>>
>>     Just my 2cents.
>>
>>     Best wishes, Tobias
>>
>>
>>
>>     On 11/09/14 22:22, Jerry Hoff wrote:
>>>     I agree completely - I'm very much against OWASP paying for
>>>     anyone's travel - speaker, board members, guests (obviously
>>>     excluding staff) ....
>>>
>>>     Absolutely everyone should pay their own travel IMO. The benefit
>>>     is the opportunity is to speak in front of the OWASP audience.
>>>
>>>     Can anyone give a good reason why OWASP pays for some member's
>>>     travel expenses?
>>>
>>>     -- 
>>>     Jerry Hoff
>>>     jerry at owasp.com <mailto:jerry at owasp.com>
>>>     @jerryhoff
>>>
>>>     On Sep 11, 2014, at 14:11, johanna curiel curiel
>>>     <johanna.curiel at owasp.org <mailto:johanna.curiel at owasp.org>> wrote:
>>>
>>>>     Defcon has a very different approach
>>>>
>>>>     Entree USD 220,-
>>>>     Speakers pay their own cost I think
>>>>
>>>>     But why are they so darn good? Better than BH with all due
>>>>     respect. BH entree is between 1800-2500 for the briefings of 2 days
>>>>     and Defcon is 4 days!
>>>>
>>>>     Defcon is very cool...(and cost 10x less but you get 10x fun)
>>>>
>>>>
>>>>     On Thu, Sep 11, 2014 at 5:00 PM, Eoin Keary
>>>>     <eoin.keary at owasp.org <mailto:eoin.keary at owasp.org>> wrote:
>>>>
>>>>         Given the foundation has 300k in the bank I don't see why
>>>>         we can't cast the net wider to include more speakers. It
>>>>         helps the foundations mission to spread the word and have
>>>>         high quality speakers at our events.
>>>>
>>>>
>>>>         Eoin Keary
>>>>         Owasp Global Board
>>>>         +353 87 977 2988 <tel:%2B353%2087%20977%202988>
>>>>
>>>>
>>>>         On 11 Sep 2014, at 21:54, Michael Coates
>>>>         <michael.coates at owasp.org
>>>>         <mailto:michael.coates at owasp.org>> wrote:
>>>>
>>>>>         Steven,
>>>>>
>>>>>         Hope all is well and it will be great to catch up in Denver.
>>>>>
>>>>>         I always enjoy new ideas and discussion. I have a few
>>>>>         questions about your idea.
>>>>>
>>>>>
>>>>>         1. Do we have any indication that quality speakers aren't
>>>>>         applying because travel / hotel is not covered?
>>>>>
>>>>>         2. Do you think the quality of speakers would increase if
>>>>>         travel costs were covered?
>>>>>
>>>>>         3. How many of the speakers do you think are paying for
>>>>>         their travel out of pocket versus having it covered as a
>>>>>         business expense?
>>>>>
>>>>>         4. Would you support an increase in ticket prices to cover
>>>>>         the costs of speakers? If not, where would you suggest the
>>>>>         costs be covered?
>>>>>
>>>>>         A bit of cost planning:
>>>>>         AppSecUSA has 79 people listed on the speakers tab.  Let's
>>>>>         assume travel as $900 per person ($500 airfare + 2 nights
>>>>>         hotel at $200 night). That comes out to $71,000.
>>>>>
>>>>>         Cost increase per attendee:
>>>>>         500 attendees +$142 per ticket
>>>>>         1000 attendees +$71 per ticket
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>         --
>>>>>         Michael Coates
>>>>>         Chairman, OWASP Board
>>>>>         @_mwc
>>>>>
>>>>>
>>>>>         On Thu, Sep 11, 2014 at 1:11 PM, Steven van der Baan
>>>>>         <steven.van.der.baan at owasp.org
>>>>>         <mailto:steven.van.der.baan at owasp.org>> wrote:
>>>>>
>>>>>             hi Leaders,
>>>>>
>>>>>             I've got a question for you all and it is regarding
>>>>>             speakers at Appsec
>>>>>             conferences.
>>>>>
>>>>>             I am of the opinion that we should cover expenses for
>>>>>             speakers that are
>>>>>             presenting at Appsec conferences. At the moment this
>>>>>             is not the case and
>>>>>             I truly believe that this is wrong. I think that if
>>>>>             OWASP wants the
>>>>>             AppSec conferences to grow in size, we should also
>>>>>             give the speakers
>>>>>             more than just an entrance ticket. I would like to see
>>>>>             that also some of
>>>>>             the expenses are covered. This is currently only done
>>>>>             for the keynote
>>>>>             speakers. I agree that the keynote speakers should be
>>>>>             handled more
>>>>>             special, but they are only the 'cherry on the cake'.
>>>>>             It's the speakers
>>>>>             that 'make the cake' and without good speakers you
>>>>>             will have a lousy cake.
>>>>>
>>>>>             I know that conferences like HitB and BlackHat/Defcon
>>>>>             provide hotel
>>>>>             expenses next to the entrance fee (with BH and Defcon
>>>>>             you can choose
>>>>>             between more badges or money). And they do get a large
>>>>>             number of
>>>>>             attendees, especially due to the numbers and quality
>>>>>             of their speakers.
>>>>>             This is what I would like to see with the OWASP Appsec
>>>>>             conferences as
>>>>>             well. Being known for outstanding speakers and at the
>>>>>             same time
>>>>>             attracting more attendees. Reflecting back at taking
>>>>>             part in organising
>>>>>             Appsec EU 2014, the attendee numbers where really low
>>>>>             for a long time
>>>>>             (below 100 up to two weeks before the conference).
>>>>>             Thought it did pick
>>>>>             up in the last two weeks, i firmly believe that these
>>>>>             numbers could
>>>>>             easily have been doubled if we take more care of our
>>>>>             speakers.
>>>>>
>>>>>             I know that I have a personal stake in this as I'm one
>>>>>             of the speakers
>>>>>             at Appsec USA. But it should not only be an honour to
>>>>>             speak at an OWASP
>>>>>             conference, we as OWASP should actively support this
>>>>>             knowledge sharing
>>>>>             by stimulating speakers and meet them with their
>>>>>             expenses and take care
>>>>>             of the hotel for them. I am aware that in the current
>>>>>             model the Appsec
>>>>>             conferences are used to generate revenue for the
>>>>>             foundation, but I am a
>>>>>             firm believer that you first have to spend money to
>>>>>             make money: to
>>>>>             invest into the speakers, which in turn will attract
>>>>>             more attendees and
>>>>>             therefore generate more income.
>>>>>
>>>>>             Below are two tweets that I quickly found searching
>>>>>             online about this.
>>>>>             These tweets are from non OWASP members
>>>>>             https://twitter.com/MatiasKatz/status/323490014136791041
>>>>>             https://twitter.com/notsosecure/status/478912487182827520
>>>>>
>>>>>
>>>>>             I'd love to see this change happen.
>>>>>
>>>>>             Steven.
>>>>>             _______________________________________________
>>>>>             OWASP-Leaders mailing list
>>>>>             OWASP-Leaders at lists.owasp.org
>>>>>             <mailto:OWASP-Leaders at lists.owasp.org>
>>>>>             https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>>>
>>>>>
>>>>>         _______________________________________________
>>>>>         OWASP-Leaders mailing list
>>>>>         OWASP-Leaders at lists.owasp.org
>>>>>         <mailto:OWASP-Leaders at lists.owasp.org>
>>>>>         https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>>
>>>>         _______________________________________________
>>>>         OWASP-Leaders mailing list
>>>>         OWASP-Leaders at lists.owasp.org
>>>>         <mailto:OWASP-Leaders at lists.owasp.org>
>>>>         https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>>
>>>>
>>>>     _______________________________________________
>>>>     OWASP-Leaders mailing list
>>>>     OWASP-Leaders at lists.owasp.org
>>>>     <mailto:OWASP-Leaders at lists.owasp.org>
>>>>     https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>
>>>
>>>     _______________________________________________
>>>     OWASP-Leaders mailing list
>>>     OWASP-Leaders at lists.owasp.org  <mailto:OWASP-Leaders at lists.owasp.org>
>>>     https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>
>
>
>     _______________________________________________
>     OWASP-Leaders mailing list
>     OWASP-Leaders at lists.owasp.org <mailto:OWASP-Leaders at lists.owasp.org>
>     https://lists.owasp.org/mailman/listinfo/owasp-leaders
>
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20140912/55829e33/attachment-0001.html>


More information about the OWASP-Leaders mailing list