<div dir="ltr"><div>It's OWASP practice not to pay speaker hotel/travel?  I don't think I've ever seen that written anywhere.  In fact, we offer pots of money like OWASP on the Move funds to do the opposite.  And I'm pretty sure that speaker travel is something that is explicitly allowed in the Chapter Leader Handbook.  In the case of AppSecUSA, nobody ever told us it was somebody else's decision so we just assumed it was ours to make just like all of the other decisions.  As long as the budget is set up to accommodate it, I can't really see the Foundation caring about it.  But if someone needs an explicit "Yes, conference organizers can pay speaker expenses if it makes sense to do so", then I'm all for it as long as they figure out how to account for it financially.<br><br></div>~josh<br></div><div class="gmail_extra"><br><div class="gmail_quote">On Thu, Sep 11, 2014 at 4:38 PM, Tobias <span dir="ltr"><<a href="mailto:tobias.gondrom@owasp.org" target="_blank">tobias.gondrom@owasp.org</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
  
    
  
  <div bgcolor="#FFFFFF" text="#000000">
    <div>Josh, <br>
      <br>
      in my experience, to some degree this has in the past not been up
      to the team planning the conference. <br>
      We have referred back to general OWASP practice to in general not
      pay speaker hotel/travel (except for keynote speakers). So one
      outcome of this discussion could be to explicitly make this the
      choice of the conference organising chapter team. <br><span class="HOEnZb"><font color="#888888">
      <br>
      Tobias</font></span><div><div class="h5"><br>
      <br>
      <br>
      On 11/09/14 22:20, Josh Sokol wrote:<br>
    </div></div></div><div><div class="h5">
    <blockquote type="cite">
      <div dir="ltr">
        <div>Historically, this has been a decision that has been left
          up to the team planning the conference.  I know with AppSecUSA
          2012, there were a few speakers that we really wanted to get
          to the conference and they couldn't pay their way so we helped
          them with expenses.  We do the same for LASCON if we really
          want someone and circumstances merit it.  But, like Michael
          alluded to, this is an expense that should become part of the
          conference planning budget and we need to figure out how to
          offset it.  Personally, I would hesitate to compare any of
          OWASP's relatively small conferences to BlackHat (5,000
          attendees) or Defcon (15,000 attendees).  Not even in the same
          ballpark.  And when you factor in that a ticket to BlackHat
          averages out somewhere around $2000 per person, well, we're
          not even in the same city where revenue is concerned.  My gut
          says to leave these decisions up to the local planning teams,
          but not make a habit out of it.<br>
          <br>
        </div>
        ~josh<br>
      </div>
      <div class="gmail_extra"><br>
        <div class="gmail_quote">On Thu, Sep 11, 2014 at 4:08 PM,
          Azeddine Islam Mennouchi <span dir="ltr"><<a href="mailto:azeddine.mennouchi@owasp.org" target="_blank">azeddine.mennouchi@owasp.org</a>></span>
          wrote:<br>
          <blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
            <div dir="ltr">
              <div>
                <div>
                  <div>
                    <div>Hello,<br>
                      sure :D you were great in Math Michael :D<br>
                    </div>
                    I think Stev. has a point almost all the confs. pay
                    a part of the expenses (if not full expenses)<br>
                  </div>
                  Not all companies have the same policy not all people
                  get sponsored by there companies<br>
                  <br>
                </div>
                Sponsoring some people would be great I think<br>
                <br>
              </div>
              Regards Islam,<br>
            </div>
            <div class="gmail_extra">
              <div>
                <div><br>
                  <div class="gmail_quote">On Thu, Sep 11, 2014 at 10:54
                    PM, Michael Coates <span dir="ltr"><<a href="mailto:michael.coates@owasp.org" target="_blank">michael.coates@owasp.org</a>></span>
                    wrote:<br>
                    <blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
                      <div dir="ltr">Steven,
                        <div><br>
                        </div>
                        <div>Hope all is well and it will be great to
                          catch up in Denver.<br>
                          <div><br>
                          </div>
                          <div>I always enjoy new ideas and discussion.
                            I have a few questions about your idea. </div>
                          <div><br>
                          </div>
                          <div><br>
                          </div>
                          <div>1. Do we have any indication that quality
                            speakers aren't applying because travel /
                            hotel is not covered?  </div>
                          <div><br>
                          </div>
                          <div>2. Do you think the quality of speakers
                            would increase if travel costs were covered?</div>
                          <div><br>
                          </div>
                          <div>3. How many of the speakers do you think
                            are paying for their travel out of pocket
                            versus having it covered as a business
                            expense?<br>
                          </div>
                          <div><br>
                          </div>
                          <div>4. Would you support an increase in
                            ticket prices to cover the costs of
                            speakers? If not, where would you suggest
                            the costs be covered?</div>
                          <div><br>
                          </div>
                          <div>A bit of cost planning:</div>
                          <div>AppSecUSA has 79 people listed on the
                            speakers tab.  Let's assume travel as $900
                            per person ($500 airfare + 2 nights hotel at
                            $200 night). That comes out to $71,000.</div>
                          <div><br>
                          </div>
                          <div>Cost increase per attendee:</div>
                          <div>500 attendees +$142 per ticket</div>
                          <div>1000 attendees +$71 per ticket</div>
                          <div><br>
                          </div>
                          <div><br>
                          </div>
                          <div><br>
                          </div>
                        </div>
                        <div class="gmail_extra"><br clear="all">
                          <div>
                            <div dir="ltr"><br>
                              --<br>
                              Michael Coates
                              <div>Chairman, OWASP Board<br>
                                @_mwc<br>
                                <br>
                              </div>
                            </div>
                          </div>
                          <br>
                          <div class="gmail_quote">On Thu, Sep 11, 2014
                            at 1:11 PM, Steven van der Baan <span dir="ltr"><<a href="mailto:steven.van.der.baan@owasp.org" target="_blank">steven.van.der.baan@owasp.org</a>></span>
                            wrote:<br>
                            <blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">hi Leaders,<br>
                              <br>
                              I've got a question for you all and it is
                              regarding speakers at Appsec<br>
                              conferences.<br>
                              <br>
                              I am of the opinion that we should cover
                              expenses for speakers that are<br>
                              presenting at Appsec conferences. At the
                              moment this is not the case and<br>
                              I truly believe that this is wrong. I
                              think that if OWASP wants the<br>
                              AppSec conferences to grow in size, we
                              should also give the speakers<br>
                              more than just an entrance ticket. I would
                              like to see that also some of<br>
                              the expenses are covered. This is
                              currently only done for the keynote<br>
                              speakers. I agree that the keynote
                              speakers should be handled more<br>
                              special, but they are only the 'cherry on
                              the cake'. It's the speakers<br>
                              that 'make the cake' and without good
                              speakers you will have a lousy cake.<br>
                              <br>
                              I know that conferences like HitB and
                              BlackHat/Defcon provide hotel<br>
                              expenses next to the entrance fee (with BH
                              and Defcon you can choose<br>
                              between more badges or money). And they do
                              get a large number of<br>
                              attendees, especially due to the numbers
                              and quality of their speakers.<br>
                              This is what I would like to see with the
                              OWASP Appsec conferences as<br>
                              well. Being known for outstanding speakers
                              and at the same time<br>
                              attracting more attendees. Reflecting back
                              at taking part in organising<br>
                              Appsec EU 2014, the attendee numbers where
                              really low for a long time<br>
                              (below 100 up to two weeks before the
                              conference). Thought it did pick<br>
                              up in the last two weeks, i firmly believe
                              that these numbers could<br>
                              easily have been doubled if we take more
                              care of our speakers.<br>
                              <br>
                              I know that I have a personal stake in
                              this as I'm one of the speakers<br>
                              at Appsec USA. But it should not only be
                              an honour to speak at an OWASP<br>
                              conference, we as OWASP should actively
                              support this knowledge sharing<br>
                              by stimulating speakers and meet them with
                              their expenses and take care<br>
                              of the hotel for them. I am aware that in
                              the current model the Appsec<br>
                              conferences are used to generate revenue
                              for the foundation, but I am a<br>
                              firm believer that you first have to spend
                              money to make money: to<br>
                              invest into the speakers, which in turn
                              will attract more attendees and<br>
                              therefore generate more income.<br>
                              <br>
                              Below are two tweets that I quickly found
                              searching online about this.<br>
                              These tweets are from non OWASP members<br>
                              <a href="https://twitter.com/MatiasKatz/status/323490014136791041" target="_blank">https://twitter.com/MatiasKatz/status/323490014136791041</a><br>
                              <a href="https://twitter.com/notsosecure/status/478912487182827520" target="_blank">https://twitter.com/notsosecure/status/478912487182827520</a><br>
                              <br>
                              <br>
                              I'd love to see this change happen.<br>
                              <br>
                              Steven.<br>
_______________________________________________<br>
                              OWASP-Leaders mailing list<br>
                              <a href="mailto:OWASP-Leaders@lists.owasp.org" target="_blank">OWASP-Leaders@lists.owasp.org</a><br>
                              <a href="https://lists.owasp.org/mailman/listinfo/owasp-leaders" target="_blank">https://lists.owasp.org/mailman/listinfo/owasp-leaders</a><br>
                            </blockquote>
                          </div>
                          <br>
                        </div>
                      </div>
                      <br>
                      _______________________________________________<br>
                      OWASP-Leaders mailing list<br>
                      <a href="mailto:OWASP-Leaders@lists.owasp.org" target="_blank">OWASP-Leaders@lists.owasp.org</a><br>
                      <a href="https://lists.owasp.org/mailman/listinfo/owasp-leaders" target="_blank">https://lists.owasp.org/mailman/listinfo/owasp-leaders</a><br>
                      <br>
                    </blockquote>
                  </div>
                  <br>
                  <br clear="all">
                  <br>
                </div>
              </div>
              <span><font color="#888888">-- <br>
                  <div dir="ltr">
                    <div>Islam Azeddine Mennouchi</div>
                    <div>Consultant at ITS</div>
                    <div><a href="http://www.infotoolssolutions.dz/" target="_blank">http://www.infotoolssolutions.dz/</a><br>
                      OWASP ALGERIA Chapter Leader<br>
                      phone n°: <a href="tel:%2B213658227651" value="+213658227651" target="_blank">+213658227651</a></div>
                  </div>
                </font></span></div>
            <br>
            _______________________________________________<br>
            OWASP-Leaders mailing list<br>
            <a href="mailto:OWASP-Leaders@lists.owasp.org" target="_blank">OWASP-Leaders@lists.owasp.org</a><br>
            <a href="https://lists.owasp.org/mailman/listinfo/owasp-leaders" target="_blank">https://lists.owasp.org/mailman/listinfo/owasp-leaders</a><br>
            <br>
          </blockquote>
        </div>
        <br>
      </div>
      <br>
      <fieldset></fieldset>
      <br>
      <pre>_______________________________________________
OWASP-Leaders mailing list
<a href="mailto:OWASP-Leaders@lists.owasp.org" target="_blank">OWASP-Leaders@lists.owasp.org</a>
<a href="https://lists.owasp.org/mailman/listinfo/owasp-leaders" target="_blank">https://lists.owasp.org/mailman/listinfo/owasp-leaders</a>
</pre>
    </blockquote>
    <br>
  </div></div></div>

</blockquote></div><br></div>