This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Industry:Minutes 2011-06-16"
m |
Sarah Baso (talk | contribs) |
||
(One intermediate revision by the same user not shown) | |||
Line 6: | Line 6: | ||
Present: | Present: | ||
− | + | *Lorna Alamri | |
+ | *Sherif Koussa | ||
+ | *Jerry Hoff | ||
+ | *Kelly SantaLucia | ||
+ | *Kate Hartman | ||
+ | *Sarah Baso | ||
Absent: | Absent: | ||
− | + | *Joe Bernik (Chair) | |
+ | * Rex Booth | ||
+ | *David Campbell | ||
+ | *Colin Watson | ||
+ | *Mauro Flores | ||
+ | *Mateo Martinez | ||
+ | *Alexander Fry | ||
+ | *Nishi Kumar | ||
Line 16: | Line 28: | ||
===Follow up on GIC Working Sessions at AppSec EU=== | ===Follow up on GIC Working Sessions at AppSec EU=== | ||
− | + | 3 sessions on Friday, June 10 2011 (second day of the conference) | |
− | + | *1st session:GIC Outreach Presentation 10:15-11:00 am | |
− | + | **Lorna Alamri replaced Nishi Kumar, who had a last minute work conflict and had to cancel her trip. | |
− | **3rd session: Industry Roundtable discussion 3:00-3:45 pm, presented by Sarah Baso with remote participation by Joe Bernik | + | **Nishi provided the slide show and Lorna presented to about 5 people who were in attendance |
+ | **Lorna Alamri - will follow up with email to attendees regarding industry outreach | ||
+ | *2nd session: Gathering Information - Industry CISO Survey 12:05-12:50 pm, presented by Rex Booth | ||
+ | **3 people in attendance (in addition to committee members - Lorna Alamri and Colin Watson) | ||
+ | **Report/session notes from Rex Booth pending | ||
+ | *3rd session: Industry Roundtable discussion 3:00-3:45 pm, presented by Sarah Baso with remote participation by Joe Bernik | ||
+ | **Unattended | ||
===Plans for AppSec USA=== | ===Plans for AppSec USA=== | ||
− | + | Are we going to have Industry outreach session(s)/track? | |
+ | *Jerry Hoff is attending AppSec USA and is happy to assist with Industry Outreach, Sherif Koussa does not know yet if he will attend | ||
+ | *If GIC wants to have outreach session(s) here similar to appsec EU, more planning and marketing needs to occur around the sessions to ensure their success | ||
===SANS workshop in Washington DC=== | ===SANS workshop in Washington DC=== | ||
+ | *If interested, reply to [mailto:[email protected] Rex Booth] ([https://lists.owasp.org/pipermail/global_industry_committee/2011-June/000738.html email thread]) who is coordinating this initiative | ||
Line 35: | Line 56: | ||
*https://lists.owasp.org/pipermail/global_industry_committee/2011-May/000710.html | *https://lists.owasp.org/pipermail/global_industry_committee/2011-May/000710.html | ||
+ | |||
+ | *Any interest in comment on the NIST cloud computing guide? Sarah Baso to send out email reminder to GIC list to see if anyone is interested in taking this on. | ||
+ | |||
Line 42: | Line 66: | ||
− | ===Are we doing anything with PCI Security Standards=== | + | ===Are we doing anything with PCI Security Standards?=== |
*https://lists.owasp.org/pipermail/global_industry_committee/2011-May/000711.html | *https://lists.owasp.org/pipermail/global_industry_committee/2011-May/000711.html | ||
*https://www.pcisecuritystandards.org/communitymeeting/2011/ | *https://www.pcisecuritystandards.org/communitymeeting/2011/ | ||
+ | *No current comments/interest in this initiative. | ||
===GIC Governance Policies=== | ===GIC Governance Policies=== | ||
Currently listed here: https://www.owasp.org/index.php/Global_Industry_Committee_Governance | Currently listed here: https://www.owasp.org/index.php/Global_Industry_Committee_Governance | ||
− | + | *Will be implemented based on no response from committee members, policies may be superceded by policies applying to all | |
==Next Meeting== | ==Next Meeting== | ||
− | + | 2 weeks | |
+ | * 30 June, 2011 16:00 UTC/GMT | ||
+ | *Dial in: +1-866-534-4754, code: 69277 | ||
+ | *Industry Outreach activities for AppSec USA will be priority discussion (considering lessons learned from AppSec EU). |
Latest revision as of 16:45, 16 June 2011
Purpose
The Global Industry Committee was created during the OWASP EU Summit in Portugal 2008. The OWASP Global Industry Committee (GIC) shall expand awareness of and promote the inclusion of software security best practices in Industry, Government, Academia and regulatory agencies and be a voice for industry. This will be accomplished through outreach; including presentations, development of position papers and collaborative efforts with other entities.
Roll Call
Global Industry Committee Call: June 16, 2011 at 16:00 UTC/GMT
Present:
- Lorna Alamri
- Sherif Koussa
- Jerry Hoff
- Kelly SantaLucia
- Kate Hartman
- Sarah Baso
Absent:
- Joe Bernik (Chair)
- Rex Booth
- David Campbell
- Colin Watson
- Mauro Flores
- Mateo Martinez
- Alexander Fry
- Nishi Kumar
Open GIC Action Items
Follow up on GIC Working Sessions at AppSec EU
3 sessions on Friday, June 10 2011 (second day of the conference)
- 1st session:GIC Outreach Presentation 10:15-11:00 am
- Lorna Alamri replaced Nishi Kumar, who had a last minute work conflict and had to cancel her trip.
- Nishi provided the slide show and Lorna presented to about 5 people who were in attendance
- Lorna Alamri - will follow up with email to attendees regarding industry outreach
- 2nd session: Gathering Information - Industry CISO Survey 12:05-12:50 pm, presented by Rex Booth
- 3 people in attendance (in addition to committee members - Lorna Alamri and Colin Watson)
- Report/session notes from Rex Booth pending
- 3rd session: Industry Roundtable discussion 3:00-3:45 pm, presented by Sarah Baso with remote participation by Joe Bernik
- Unattended
Plans for AppSec USA
Are we going to have Industry outreach session(s)/track?
- Jerry Hoff is attending AppSec USA and is happy to assist with Industry Outreach, Sherif Koussa does not know yet if he will attend
- If GIC wants to have outreach session(s) here similar to appsec EU, more planning and marketing needs to occur around the sessions to ensure their success
SANS workshop in Washington DC
- If interested, reply to Rex Booth (email thread) who is coordinating this initiative
Nist Draft on Cloud Computing
- NIST wants comments on its cloud computing guide, which includes
security concerns. The announcement is here: http://www.nist.gov/itl/csd/20110512_cloud_guide.cfm
- Any interest in comment on the NIST cloud computing guide? Sarah Baso to send out email reminder to GIC list to see if anyone is interested in taking this on.
Nomination of IS Pros for the 2011 GISLAs
Are we doing anything with PCI Security Standards?
- https://lists.owasp.org/pipermail/global_industry_committee/2011-May/000711.html
- https://www.pcisecuritystandards.org/communitymeeting/2011/
- No current comments/interest in this initiative.
GIC Governance Policies
Currently listed here: https://www.owasp.org/index.php/Global_Industry_Committee_Governance
- Will be implemented based on no response from committee members, policies may be superceded by policies applying to all
Next Meeting
2 weeks
- 30 June, 2011 16:00 UTC/GMT
- Dial in: +1-866-534-4754, code: 69277
- Industry Outreach activities for AppSec USA will be priority discussion (considering lessons learned from AppSec EU).