Laurence Casey: Created page with ''''The Global Industry Committee was created during the OWASP EU Summit in Portugal. The primary purpose of the Global Industry Committee is to work with industry executives to g…'

2009-07-13T17:23:32Z

Created page with ''''The Global Industry Committee was created during the OWASP EU Summit in Portugal. The primary purpose of the Global Industry Committee is to work with industry executives to g…'

New page

'''The Global Industry Committee was created during the OWASP EU Summit in Portugal. The primary purpose of the Global Industry Committee is to work with industry executives to gather requirements from industry, work with Membership, Projects and others.'''

==Mission Statement==

''To expand awareness of and promote the inclusion of software security best practices in Industry, Government, Academia and regulatory agencies and be a voice for industry. We will accomplish this through outreach; including presentations, development of position papers and collaborative efforts with other entities.'' [https://www.owasp.org/index.php/Global_Industry_Committee#General_Presentations_and_Reports Powerpoint of Accomplishments]

==Committee Plan==

DRAFT PLAN

Step 1:
[[Industry:Organizations_for_Outreach|Identify specific organizations]] worth working with to spread the OWASP gospel

Step 2:
Prioritize the proposed liasons based on potential impact, and also realistic likelihood of the organization actively working with us

Step 3:
Execute, leveraging global OWASP resources as much as possible to maximize impact

Step 4:
Evaluate progress & repeat Step 1-3

==Committee Members==

Board Member Rep: [mailto:tomb@owasp.org Tom Brennan]

Committee Members:

* [mailto:rex.booth@gt.com Rex Booth] (U.S.)
* David Campbell: dcampbell 'at' owasp dot org (U.S.)
* [mailto:georg.hess@artofdefence.com Georg Hess] (Germany)
* [mailto:eoin.keary@owasp.org Eoin Keary] (Ireland)
* [mailto:colin.watson@owasp.org Colin Watson] (UK)

OWASP Employees:
* Alison
* Kate Hartman

==Getting Involved==

=== Mailing List ===

[http://lists.owasp.org/mailman/listinfo/global_industry_committee Join our mailing list]

=== Meetings ===

The next Global Industry Committee meeting will be:

* TBC (Conference Bridge: 1-866-534-4754)

Host Code: check calendar invite

Guest Code: 192341

Previous meeting minutes are:

* [[Industry:Minutes 2009-01-23|23 Jan 2009]]

=== Membership ===

[[Membership]] explains how to become an OWASP organization supporter or individual member.

You don't have to be an OWASP Member or Committee Member to contribute - the current committee members joined for a 12 month term - see [[How to Join a Committee]] and [[Global Committee Pages]].

==Current Activity==

=== Work in Progress ===

The current activities being undertaken:

{| class="prettytable"
! Task
! Deadline
! Type
! Status
! Description
! Who
|-
| [[Industry:SAFECode Secure Development Practices (update to Oct 2008 version)|SAFECode Secure Development Practices (update to Oct 2008 version)]]
| 31 Jul 2009
| Standards
| In Progress
| Response to [http://www.safecode.org/ SAFECode] "Fundamental Practices for Secure Software Development: A Guide to the Most Effective Secure Development Practices in Use Today."
| CW
|-
| [[:Category:OWASP CSA Project|OWASP CSA Project]]
| 8 Jul 2009
| Standards
| In Progress
| Response to RFC Security Guidance for Critical Areas of Focus in Cloud Computing, April 2009, Cloud Security Alliance ([http://www.cloudsecurityalliance.org CSA]) in conjunction with Projects Committee - see project page
| TB
|-
|}

=== Completed Items ===

{| class="prettytable"
! Task
! Completed
! Type
! Status
! Description
! Who
|-
| [[Scotland]]
| 25 Jun 2009
| Outreach
| Closed
| Presentation about the Global Industry Committee, its role and recent activities (presentation slides [[Image:Owasp-scotland-industry-committee-june-2009.ppt]] and written notes [[Image:Owasp-scotland-industry-committee-june-2009-notes.pdf]])
| CW
|-
| OWASP Presentation at [http://cfp2009.org/ CFP Con 2009]
| 1 June 2009
| Outreach
| Closed
| Deliver presentation on web threats and countermeasures. See [http://www.cfp2009.org/wiki/index.php/Tutorials/Workshops CFP tutorial page] grep OWASP for more info.
| DC
|-
| ENISA [http://www.enisa.europa.eu/pages/02_03_news_2009_02_19_who_is_who.html Who-Is-Who Directory]
| -
| Outreach
| Closed
| Contact ENISA regarding OWASP inclusion in directory (in progress). Encourage European chapter leaders to contact their ENISA liaison officers (completed). Contact UK liaison officer on behalf of London, Leeds and Scotland chapters.
| CW
|-
| IIL [http://www.iilondon.co.uk/ Insurance Institute of London]
| 2 Jun 2009
| Outreach
| Closed
| Contact IIL regarding future input to their publication [http://www.iilondon.co.uk/XtraCart/store/comersus_viewItem.asp?idProduct=187 Insurance Aspects of E-Commerce]
| CW
|-
| [[Industry:Draft NIST SP 800-118|Draft NIST SP 800-118]]
| 29 May 2009
| Standards
| Closed
| Provide response to "Draft NIST Special Publication 800-118 Guide to Enterprise Password Management"
| CW/EK/RB/DC
|-
| [http://docs.google.com/Present?docid=ddkr62qv_171cd7gh5fb&skipauth=true Outreach Presentation to Frontier Airlines]
| 7 May 2009
| Outreach
| Closed
| Provide outreach presentation covering fundamentals of AppSec and Intro to OWASP
| DC
|-
| [[Industry:DPC BS 10012|DPC BS 10012]]
| 31 Mar 2009
| Standards
| Closed
| Provide response to "BS 10012 Specification for the management of personal information in compliance with the Data Protection Act 1998" Draft for Public Comment (DPC)
| CW
|-
| [[Industry:Draft NIST SP 800-53 Revision 3|Draft NIST SP 800-53 Revision 3]]
| 27 Mar 2009
| Standards
| Closed
| Provide response to "Draft NIST Special Publication 800-53 (Revision 3) Recommended Security Controls for Federal Information Systems and Organizations"
| RB
|-
| [[Industry:Draft NIST SP 800-122|Draft NIST SP 800-122]]
| 13 Mar 2009
| Standards
| Closed
| Provide response to "Draft NIST Special Publication 800-122 Guide to Protecting the Confidentiality of Personally Identifiable Information (PII)"
| CW
|-
| [[London]]
| 12 Mar 2009
| Outreach
| Closed
| Presentation about the Global Industry Committee, its role and recent activities (presentation slides [[Image:Owasp-london-industry-committee-march-2009.ppt]] and written notes [[Image:Owasp-london-industry-committee-march-2009-notes.pdf]])
| CW
|-
| [[Industry:Digital Britain Interim Report|Digital Britain Interim Report]]
| 11 Mar 2009
| Legislation
| Closed
| Provide response to UK Government's "Digital Britain Interim Report Jan 2009"
| CW
|-
| [[Industry:DPC BS 8878:2009|DPC BS 8878:2009]]
| 31 Jan 2009
| Standards
| Closed
| Provide response to "BS 8878:2009 Web accessibility. Building accessible experiences for disabled people" Draft for Public Comment (DPC)
| Puneet/CW
|-
| AppSec Presentation Delivered to Infragard, Dec 2008
| Dec 2008
| Outreach
| Closed
| [http://www.infragard.net/ Infragard] is a collaboration between the US FBI and maintainers of critical infrastructure. [http://docs.google.com/Present?docid=ddkr62qv_0cn7km4c3&skipauth=true Presentation here]. Email DC for full PPT with speaker notes
| DC
|-
|}

=== General Presentations and Reports ===

Summaries (for inclusion into other full OWASP presentations):
* May 2009 [[Image:Owasp-industry-committee-summary-may-2009.ppt]]
* April 2009 [[Image:Owasp-industry-committee-summary-april-2009.ppt]]
* March 2009 [[Image:Owasp-industry-committee-summary-march-2009.ppt]]

Other [http://www.owasp.org/index.php/Global_Committee_Pages Global Committees]

Category:Global Industry Committee - Revision history

Laurence Casey: Created page with ''''The Global Industry Committee was created during the OWASP EU Summit in Portugal. The primary purpose of the Global Industry Committee is to work with industry executives to g…'