Difference between revisions of "Global Industry Committee"
m |
(Added SAFECODE / edits to IIL and ENISA / added OWASP Scotland presentation) |
||
| Line 14: | Line 14: | ||
Step 2: | Step 2: | ||
| − | Prioritize the proposed liasons based on potential impact, and also realistic | + | Prioritize the proposed liasons based on potential impact, and also realistic likelihood of the organization actively working with us |
Step 3: | Step 3: | ||
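Review bot: the replacement Step 2 line still carries the misspelling "liasons"; since the line is being rewritten anyway, correct it to "liaisons". The added clause would also read more cleanly as "and on the realistic likelihood of the organization actively working with us" in place of "and also realistic likelihood".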
| Line 80: | Line 80: | ||
! Who | ! Who | ||
|- | |- | ||
| − | | | + | | [http://www.safecode.org/feedback.php SAFECode] |
| − | | - | + | | 31 Jul 2009 |
| + | | Standards | ||
| + | | New | ||
| + | | Response to SAFECode "Fundamental Practices for Secure Software Development: A Guide to the Most Effective Secure Development Practices in Use Today." | ||
| + | | ''TBC'' | ||
| + | |- | ||
| + | | [[Scotland]] | ||
| + | | 25 Jun 2009 | ||
| Outreach | | Outreach | ||
| In progress | | In progress | ||
| − | | | + | | Presentation about the Global Industry Committee, its role and recent activities |
| CW | | CW | ||
|- | |- | ||
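Review bot: the new SAFECode row sets Who to ''TBC'' while carrying a 31 Jul 2009 deadline, so the task enters the Work in Progress table with no owner; name a committee member or note when the owner will be assigned. The Task link also targets feedback.php rather than the guide named in the Description cell, so a second link to the document being reviewed would help readers.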
| Line 98: | Line 105: | ||
| Outreach | | Outreach | ||
| In progress | | In progress | ||
| − | | Contact ENISA regarding OWASP inclusion in directory | + | | Contact ENISA regarding OWASP inclusion in directory (in progress). Encourage European chapter leaders to contact their ENISA liaison officers (completed). Contact UK liaison officer on behalf of London, Leeds and Scotland chapters. |
| CW | | CW | ||
|- | |- | ||
| Line 112: | Line 119: | ||
! Description | ! Description | ||
! Who | ! Who | ||
| + | |- | ||
| + | | IIL [http://www.iilondon.co.uk/ Insurance Institute of London] | ||
| + | | 2 Jun 2009 | ||
| + | | Outreach | ||
| + | | Closed | ||
| + | | Contact IIL regarding future input to their publication [http://www.iilondon.co.uk/XtraCart/store/comersus_viewItem.asp?idProduct=187 Insurance Aspects of E-Commerce] | ||
| + | | CW | ||
|- | |- | ||
| [[Industry:Draft NIST SP 800-118|Draft NIST SP 800-118]] | | [[Industry:Draft NIST SP 800-118|Draft NIST SP 800-118]] | ||
| Line 132: | Line 146: | ||
| Closed | | Closed | ||
| Provide response to "BS 10012 Specification for the management of personal information in compliance with the Data Protection Act 1998" Draft for Public Comment (DPC) | | Provide response to "BS 10012 Specification for the management of personal information in compliance with the Data Protection Act 1998" Draft for Public Comment (DPC) | ||
| − | | | + | | CW |
|- | |- | ||
| [[Industry:Draft NIST SP 800-53 Revision 3|Draft NIST SP 800-53 Revision 3]] | | [[Industry:Draft NIST SP 800-53 Revision 3|Draft NIST SP 800-53 Revision 3]] | ||
| Line 139: | Line 153: | ||
| Closed | | Closed | ||
| Provide response to "Draft NIST Special Publication 800-53 (Revision 3) Recommended Security Controls for Federal Information Systems and Organizations" | | Provide response to "Draft NIST Special Publication 800-53 (Revision 3) Recommended Security Controls for Federal Information Systems and Organizations" | ||
| − | | | + | | RB |
|- | |- | ||
| [[Industry:Draft NIST SP 800-122|Draft NIST SP 800-122]] | | [[Industry:Draft NIST SP 800-122|Draft NIST SP 800-122]] | ||
| Line 146: | Line 160: | ||
| Closed | | Closed | ||
| Provide response to "Draft NIST Special Publication 800-122 Guide to Protecting the Confidentiality of Personally Identifiable Information (PII)" | | Provide response to "Draft NIST Special Publication 800-122 Guide to Protecting the Confidentiality of Personally Identifiable Information (PII)" | ||
| − | | | + | | CW |
| + | |- | ||
| + | | [[London]] | ||
| + | | 12 Mar 2009 | ||
| + | | Outreach | ||
| + | | Closed | ||
| + | | Presentation about the Global Industry Committee, its role and recent activities (presentation slides [[Image:Owasp-london-industry-committee-march-2009.ppt]] and written notes [[Image:Owasp-london-industry-committee-march-2009-notes.pdf]]) | ||
| + | | CW | ||
|- | |- | ||
| [[Industry:Digital Britain Interim Report|Digital Britain Interim Report]] | | [[Industry:Digital Britain Interim Report|Digital Britain Interim Report]] | ||
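Review bot: in the new London row, the slides and notes are referenced with [[Image:...]] for a .ppt and a .pdf, which renders as a bare "File:..." name inside the Description cell instead of a readable link. Consider [[Media:Owasp-london-industry-committee-march-2009.ppt|presentation slides]] and the same form for the notes PDF so the cell stays short and the links are labelled.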
| Line 153: | Line 174: | ||
| Closed | | Closed | ||
| Provide response to UK Government's "Digital Britain Interim Report Jan 2009" | | Provide response to UK Government's "Digital Britain Interim Report Jan 2009" | ||
| − | | | + | | CW |
|- | |- | ||
| [[Industry:DPC BS 8878:2009|DPC BS 8878:2009]] | | [[Industry:DPC BS 8878:2009|DPC BS 8878:2009]] | ||
| Line 160: | Line 181: | ||
| Closed | | Closed | ||
| Provide response to "BS 8878:2009 Web accessibility. Building accessible experiences for disabled people" Draft for Public Comment (DPC) | | Provide response to "BS 8878:2009 Web accessibility. Building accessible experiences for disabled people" Draft for Public Comment (DPC) | ||
| − | | Puneet/ | + | | Puneet/CW |
|- | |- | ||
| AppSec Presentation Delivered to Infragard, Dec 2008 | | AppSec Presentation Delivered to Infragard, Dec 2008 | ||
| Line 178: | Line 199: | ||
* March 2009 [[Image:Owasp-industry-committee-summary-march-2009.ppt]] | * March 2009 [[Image:Owasp-industry-committee-summary-march-2009.ppt]] | ||
| − | |||
| − | |||
| − | |||
Other [http://www.owasp.org/index.php/Global_Committee_Pages Global Committees] | Other [http://www.owasp.org/index.php/Global_Committee_Pages Global Committees] | ||
Revision as of 10:04, 11 June 2009
The Global Industry Committee was created during the OWASP EU Summit in Portugal. The primary purpose of the Global Industry Committee is to work with industry executives to gather requirements from industry, work with Membership, Projects and others.
Mission Statement
To expand awareness of and promote the inclusion of software security best practices in Industry, Government, Academia and regulatory agencies, and to be a voice for industry. We will accomplish this through outreach, including presentations, development of position papers and collaborative efforts with other entities.
PowerPoint of Accomplishments
Committee Plan
DRAFT PLAN
Step 1: Identify specific organizations worth working with to spread the OWASP gospel
Step 2: Prioritize the proposed liaisons based on potential impact and on the realistic likelihood of the organization actively working with us
Step 3: Execute, leveraging global OWASP resources as much as possible to maximize impact
Step 4: Evaluate progress & repeat Steps 1-3
Committee Members
Board Member Rep: Tom Brennan
Committee Members:
- Rex Booth (U.S.)
- David Campbell: dcampbell 'at' owasp dot org (U.S.)
- Georg Hess (Germany)
- Eoin Keary (Ireland)
- Colin Watson (UK)
OWASP Employees:
- Alison
- Kate Hartman
Getting Involved
Mailing List
Meetings
The next Global Industry Committee meeting will be:
- TBC (Conference Bridge: 1-866-534-4754)
Host Code: check calendar invite
Guest Code: 192341
Previous meeting minutes are:
Membership
Membership explains how to become an OWASP organization supporter or individual member.
You don't have to be an OWASP Member or Committee Member to contribute - the current committee members joined for a 12-month term - see How to Join a Committee and Global Committee Pages.
Current Activity
Work in Progress
The current activities being undertaken:
| Task | Deadline | Type | Status | Description | Who |
|---|---|---|---|---|---|
| SAFECode | 31 Jul 2009 | Standards | New | Response to SAFECode "Fundamental Practices for Secure Software Development: A Guide to the Most Effective Secure Development Practices in Use Today." | TBC |
| Scotland | 25 Jun 2009 | Outreach | In progress | Presentation about the Global Industry Committee, its role and recent activities | CW |
| OWASP Presentation at CFP Con 2009 | 1 June 2009 | Outreach | New | Deliver presentation on web threats and countermeasures. See CFP tutorial page grep OWASP for more info. | DC |
| ENISA Who-Is-Who Directory | - | Outreach | In progress | Contact ENISA regarding OWASP inclusion in directory (in progress). Encourage European chapter leaders to contact their ENISA liaison officers (completed). Contact UK liaison officer on behalf of London, Leeds and Scotland chapters. | CW |
Completed Items
| Task | Completed | Type | Status | Description | Who |
|---|---|---|---|---|---|
| IIL Insurance Institute of London | 2 Jun 2009 | Outreach | Closed | Contact IIL regarding future input to their publication Insurance Aspects of E-Commerce | CW |
| Draft NIST SP 800-118 | 29 May 2009 | Standards | Closed | Provide response to "Draft NIST Special Publication 800-118 Guide to Enterprise Password Management" | CW/EK/RB/DC |
| Outreach Presentation to Frontier Airlines | 7 May 2009 | Outreach | Closed | Provide outreach presentation covering fundamentals of AppSec and Intro to OWASP | DC |
| DPC BS 10012 | 31 Mar 2009 | Standards | Closed | Provide response to "BS 10012 Specification for the management of personal information in compliance with the Data Protection Act 1998" Draft for Public Comment (DPC) | CW |
| Draft NIST SP 800-53 Revision 3 | 27 Mar 2009 | Standards | Closed | Provide response to "Draft NIST Special Publication 800-53 (Revision 3) Recommended Security Controls for Federal Information Systems and Organizations" | RB |
| Draft NIST SP 800-122 | 13 Mar 2009 | Standards | Closed | Provide response to "Draft NIST Special Publication 800-122 Guide to Protecting the Confidentiality of Personally Identifiable Information (PII)" | CW |
| London | 12 Mar 2009 | Outreach | Closed | Presentation about the Global Industry Committee, its role and recent activities (presentation slides File:Owasp-london-industry-committee-march-2009.ppt and written notes File:Owasp-london-industry-committee-march-2009-notes.pdf) | CW |
| Digital Britain Interim Report | 11 Mar 2009 | Legislation | Closed | Provide response to UK Government's "Digital Britain Interim Report Jan 2009" | CW |
| DPC BS 8878:2009 | 31 Jan 2009 | Standards | Closed | Provide response to "BS 8878:2009 Web accessibility. Building accessible experiences for disabled people" Draft for Public Comment (DPC) | Puneet/CW |
| AppSec Presentation Delivered to Infragard, Dec 2008 | Dec 2008 | Outreach | Closed | Infragard is a collaboration between the US FBI and maintainers of critical infrastructure. Presentation here. Email DC for full PPT with speaker notes | DC |
General Presentations and Reports
Summaries (for inclusion into other full OWASP presentations):
- May 2009 File:Owasp-industry-committee-summary-may-2009.ppt
- April 2009 File:Owasp-industry-committee-summary-april-2009.ppt
- March 2009 File:Owasp-industry-committee-summary-march-2009.ppt
Other Global Committees