Industry:Minutes 2011-03-18

Minutes of the Global Industry Committee meeting held by conference call on 18 March 2011 at 17:00 GMT.

Roll Call
Present:


 * Joe Bernik (Chair)
 * Sarah Baso (Operations)
 * Lorna Alamri
 * Sheriff Koussa
 * David Campbell
 * Kate Hartmann


 * Note – There was confusion due to Daylight Savings Time change on 13 March in the US. Colin Watson and Jerry Hoff called in but at a different time so were not able to participate in the conference call.

Absent:
 * Mauro Flores
 * Tony UcedaVelez
 * Alexander Fry
 * Rex Booth
 * Mateo Martinez
 * Nishi Kumar
 * Eoin Keary
 * George Hess
 * Michael Scovetta

Budget
Current GIC Budget for 2011
 * Recap from Committee Chairs meeting on 14 March (attended by DC and SB): The budget needs to be broken down by priority and initiative so that it can be approved in chunks by the Board as money becomes available. So, in addition to preparing the overall budget, the GIC needs to be prepared to tell the Board what amount of money we will need immediate initiatives (such as SurveyMonkey and AppSecEU).
 * JB to reach out to Global Conferences Committee, Fabio, and Eoin – work with them re: who attend or participate for GIC outreach initiatives.
 * JB to follow up with Fabio and Eoin re: availability and cost of rooms for GIC outreach session at AppSec USA.
 * DC to reach out to Robb Mann (Google) re: attending AppSec EU.
 * JB work on budget and prepare it for submission to Kate Hartmann by 28 March (and review for Board Meeting on 4 April).

Industry Surveys

 * EK has put a lot of work into his survey and need to make sure that it gets going as soon as possible
 * Fees for Survey Monkey to be FIRST PRIORITY on GIC Budget for approval. We need $64.99/month for the platinum plan, which will allow us to put forth a professional product that is personalized for our intended audience.
 * The number of months we will need to keep the survey up is undecided. Maybe 2-4 months.
 * RB should put together a proposal of what he wants to do for the "metrics" survey, talk to EK in regards to differentiating the two, and then report back to the GIC.
 * SB to email Eoin’s survey out to rest of GIC.

OWASP Points Program
http://www.owasp.org/index.php/OWASP_Points
 * Each committee needs to provide Mark Bristow with a list of what points should be given to people related to that committee’s tasks/roles.
 * SB to email GIC list to see if anyone will take on this project

Industry PowerPoint Presentation

 * This needs to be tasked out to someone in the committee. Possibly NK since she has put together something like this previously for her personal use.
 * SB to follow up with NK and see if she will put this together.

Mateo Martinez’s email request

 * What can we do to help?

Dear all,

I´m writing to you because Anurag is planning a visit to TCS in order to get their involvement with OWASP and to provide some trainings.

TCS is deploying software security in the SDLC around the world so I think that could be a great case study for OWASP so we should provide all the support to Anurag to make the presentation.

Please your comments and suggestions will be more than welcome.

Best regards, Mateo


 * SB to forward request to rest of GIC, suggest Jerry Hoff’s training videos and PowerPoint (to be prepared by NK)

GIC --New mission

 * New mission statement discussed at last committee chairs meeting, still seems to be confusion on roles between GIC and Connections Committee. All global committees to reflect on current duties and possibly revise mission statement to reflect.
 * KH – there doesn’t seem to be overlap in the actual initiatives taken on by Industry and Connections Committees, even though the mission statements may seem similar.
 * KH – if GIC wants to take on “outreach” that is fine, but they need to make sure to follow through on what they commit to. Also, need to differentiate between outreach and advertising.  GIC should not (and does not plan to) include advertising or press releases.

Other items

 * LA – we need to talk more about GIC initiatives with AppSec EU. Thinks we are putting an unfair burden  back to appsec EU.
 * JB to discuss GIC initiatives at AppSec EU with EK.
 * Need to establish goals we want to accomplish at appsec EU. How many people, what sectors? DC and JB to heads together and hit list on invites.

Next Meeting
TBD
 * +1 877 534 8500 or International +1 513 534 8500
 * Passcode 410105 #

Post-Meeting Deliverables for SB

 * SB to email Eoin’s survey out to rest of GIC.
 * SB to email GIC list to see if anyone will put together relevant points for Mark Bristow’s OWASP Points Program.
 * SB to follow up with NK and see if she will put together and GIC Outreach PowerPoint.
 * SB to forward MM’s email request to GIC, suggest Jerry Hoff’s training videos and PowerPoint (to be prepared by NK)

Deliverables for others

 * JB to reach out to Global Conferences Committee, Fabio, and Eoin – work with them re: who attend or participate in GIC outreach initiatives at AppSec EU.
 * JB to follow up with Fabio and Eoin re: availability and cost of rooms for GIC outreach session at AppSec EU.
 * DC to reach out to Robb Mann (Google) re: attending AppSec EU.
 * JB work on budget and prepare it for submission to Kate Hartmann by 28 March (and review for Board Meeting on 4 April).
 * RB should put together a proposal of what he wants to do for the "metrics" survey, talk to EK in regards to differentiating the two, and then report back to the GIC.
 * Need to establish goals we want to accomplish at AppSec EU. How many people, what sectors? DC and JB to heads together and hit list on invites.

Return to Global Industry Committee or Global Committee Pages.