[Owasp-leaders] Speakers at Appsec conferences

Dirk Wetter dirk at owasp.org
Tue Sep 16 14:59:31 UTC 2014


sorry that I answer that delayed.

I like Josh's approach and not having a general rule -- at least not for expenses like international travel.

Accomodation could be worth to consider but I would be careful as hotels e.g. in the US are not
a bargain -- from a European perspective. Before doing this I would recommend looking what it would
mean for the revenue. OTOH we need to ask ourselves how raising the ticket prices would affect to
get our message of software security across.

What we could do e.g. changing the CfPs to indicate that if somebody asks for accomodation (or even travel)
assistance there's a chance it's being discussed -- and if the organizers thinks it's worth it he'll get this
from the conference budget.

I also would like to repeat what I told others before. To get high quality talks it's very important not only
to release the CfP, sit there and wait for the submissions dripping in. It is vital to build a good international
program committee with a good network, people committed to sue their network, spend a few cycles, talking to
potential speakers and actively doing speaker acquisition. And a PC chair swinging the whip ;-)
Also I wish that there would be more continuity. To me it looks like the default currently at OWASP is that every
program committee starts from scratch. So e.g. the loose ends from last years <keynote,invited,whatsoever>
speaker which declined because of a conflict in schedule are not picked up.  Little bit like the movie
"Groundhog Day"  ;-)

We also need to keep in mind that OWASP doesn't own or is the only organization doing software security
conferences.  We need to improve otherwise at a certain time we loose fun and revenue.



German OWASP Board, (Chair AppSec Research 2013)
Send me encrypted mails (Key ID 0xB818C039)

Am 09/11/2014 11:20 PM, schrieb Josh Sokol:
> Historically, this has been a decision that has been left up to the team planning the conference.  I know with AppSecUSA 2012, there were a few speakers that we really wanted to get to the conference and they couldn't pay their way so we helped them with expenses.  We do the same for LASCON if we really want someone and circumstances merit it.  But, like Michael alluded to, this is an expense that should become part of the conference planning budget and we need to figure out how to offset it.  Personally, I would hesitate to compare any of OWASP's relatively small conferences to BlackHat (5,000 attendees) or Defcon (15,000 attendees).  Not even in the same ballpark.  And when you factor in that a ticket to BlackHat averages out somewhere around $2000 per person, well, we're not even in the same city where revenue is concerned.  My gut says to leave these decisions up to the local planning teams, but not make a habit out of it.
> ~josh
> On Thu, Sep 11, 2014 at 4:08 PM, Azeddine Islam Mennouchi <azeddine.mennouchi at owasp.org <mailto:azeddine.mennouchi at owasp.org>> wrote:
>     Hello,
>     sure :D you were great in Math Michael :D
>     I think Stev. has a point almost all the confs. pay a part of the expenses (if not full expenses)
>     Not all companies have the same policy not all people get sponsored by there companies
>     Sponsoring some people would be great I think
>     Regards Islam,
>     On Thu, Sep 11, 2014 at 10:54 PM, Michael Coates <michael.coates at owasp.org <mailto:michael.coates at owasp.org>> wrote:
>         Steven,
>         Hope all is well and it will be great to catch up in Denver.
>         I always enjoy new ideas and discussion. I have a few questions about your idea. 
>         1. Do we have any indication that quality speakers aren't applying because travel / hotel is not covered?  
>         2. Do you think the quality of speakers would increase if travel costs were covered?
>         3. How many of the speakers do you think are paying for their travel out of pocket versus having it covered as a business expense?
>         4. Would you support an increase in ticket prices to cover the costs of speakers? If not, where would you suggest the costs be covered?
>         A bit of cost planning:
>         AppSecUSA has 79 people listed on the speakers tab.  Let's assume travel as $900 per person ($500 airfare + 2 nights hotel at $200 night). That comes out to $71,000.
>         Cost increase per attendee:
>         500 attendees +$142 per ticket
>         1000 attendees +$71 per ticket
>         --
>         Michael Coates
>         Chairman, OWASP Board
>         @_mwc
>         On Thu, Sep 11, 2014 at 1:11 PM, Steven van der Baan <steven.van.der.baan at owasp.org <mailto:steven.van.der.baan at owasp.org>> wrote:
>             hi Leaders,
>             I've got a question for you all and it is regarding speakers at Appsec
>             conferences.
>             I am of the opinion that we should cover expenses for speakers that are
>             presenting at Appsec conferences. At the moment this is not the case and
>             I truly believe that this is wrong. I think that if OWASP wants the
>             AppSec conferences to grow in size, we should also give the speakers
>             more than just an entrance ticket. I would like to see that also some of
>             the expenses are covered. This is currently only done for the keynote
>             speakers. I agree that the keynote speakers should be handled more
>             special, but they are only the 'cherry on the cake'. It's the speakers
>             that 'make the cake' and without good speakers you will have a lousy cake.
>             I know that conferences like HitB and BlackHat/Defcon provide hotel
>             expenses next to the entrance fee (with BH and Defcon you can choose
>             between more badges or money). And they do get a large number of
>             attendees, especially due to the numbers and quality of their speakers.
>             This is what I would like to see with the OWASP Appsec conferences as
>             well. Being known for outstanding speakers and at the same time
>             attracting more attendees. Reflecting back at taking part in organising
>             Appsec EU 2014, the attendee numbers where really low for a long time
>             (below 100 up to two weeks before the conference). Thought it did pick
>             up in the last two weeks, i firmly believe that these numbers could
>             easily have been doubled if we take more care of our speakers.
>             I know that I have a personal stake in this as I'm one of the speakers
>             at Appsec USA. But it should not only be an honour to speak at an OWASP
>             conference, we as OWASP should actively support this knowledge sharing
>             by stimulating speakers and meet them with their expenses and take care
>             of the hotel for them. I am aware that in the current model the Appsec
>             conferences are used to generate revenue for the foundation, but I am a
>             firm believer that you first have to spend money to make money: to
>             invest into the speakers, which in turn will attract more attendees and
>             therefore generate more income.
>             Below are two tweets that I quickly found searching online about this.
>             These tweets are from non OWASP members
>             https://twitter.com/MatiasKatz/status/323490014136791041
>             https://twitter.com/notsosecure/status/478912487182827520
>             I'd love to see this change happen.
>             Steven.
>             _______________________________________________
>             OWASP-Leaders mailing list
>             OWASP-Leaders at lists.owasp.org <mailto:OWASP-Leaders at lists.owasp.org>
>             https://lists.owasp.org/mailman/listinfo/owasp-leaders
>         _______________________________________________
>         OWASP-Leaders mailing list
>         OWASP-Leaders at lists.owasp.org <mailto:OWASP-Leaders at lists.owasp.org>
>         https://lists.owasp.org/mailman/listinfo/owasp-leaders
>     -- 
>     Islam Azeddine Mennouchi
>     Consultant at ITS
>     http://www.infotoolssolutions.dz/
>     OWASP ALGERIA Chapter Leader
>     phone n°: +213658227651 <tel:%2B213658227651>
>     _______________________________________________
>     OWASP-Leaders mailing list
>     OWASP-Leaders at lists.owasp.org <mailto:OWASP-Leaders at lists.owasp.org>
>     https://lists.owasp.org/mailman/listinfo/owasp-leaders
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20140916/ecdfa77d/attachment-0001.html>

More information about the OWASP-Leaders mailing list