Industry:Minutes 2012-06-13

Purpose

The Global Industry Committee was created during the OWASP EU Summit in Portugal 2008. The OWASP Global Industry Committee (GIC) shall expand awareness of and promote the inclusion of software security best practices in Industry, Government, Academia and regulatory agencies and be a voice for industry. This will be accomplished through outreach; including presentations, development of position papers and collaborative efforts with other entities.

Roll Call

Global Industry Committee Call: June 13, 2012

Present:

• Rex
• Marco
• Colin Watson
• Kate Hartmann
• Tobias Gondrom
• ...

Open GIC Action Items

CISO Guide project

• Marco plans to start further 3 chapters in September 2012 and have the draft finished in good working order for November of 2012
• there is approved funding for socialising the CISO Guide in the range of USD5000 for presenting etc from the "project reboot"
• Tobias will assist in writing some chapters based on the CISO training workshops he gives at the AppSecs

CISO Survey

• there is still some uncertainty around the execution of the CISO Survey.
  • how do we get a sufficient number and quality of feedback submissions of CISO/CISO-like people
  • how to analyse the data + build a report
  • some ideas is to collect answers at AppSec meetings and integrate the results into the CISO Guide
• what questions did we use before (Rex will send round the previous survey questions and question categories)

Plans for AppSec EU and other AppSecs

• there was some good experience with an "industry table" at the AppSec APAC 2012 in Sydney (by Tobias).
• we should consider repeating this initiative at other AppSec conferences
• AppSec EU: Colin will organise the industry (e.g. "Industry Leader") table / dinner / evening for AppSec EU

Next Meeting

in around 4 weeks time