This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "Global Industry Committee"

From OWASP
Jump to: navigation, search
(Thank you added)
 
(56 intermediate revisions by 8 users not shown)
Line 1: Line 1:
'''The Global Industry Committee was created during the OWASP EU Summit in Portugal. The primary purpose of the Global Industry Committee is to work with industry executives to gather requirements from industry, work with Membership, Projects and others.'''
+
__NOTOC__
 +
{{Global_Committee_Retirement}}
  
== Mission Statement  ==
+
Thank you to everyone who participated in, and contributed to, the Global Industry Committee up until 1st April 2013.
  
''To expand awareness of and promote the inclusion of software security best practices in Industry, Government, Academia and regulatory agencies and be a voice for industry. We will accomplish this through outreach; including presentations, development of position papers and collaborative efforts with other entities.'' [https://www.owasp.org/index.php/Global_Industry_Committee#General_Presentations_and_Reports Powerpoint of Accomplishments]
+
==== About the Committee ====
  
 +
=== Mission Statement ===
 +
 +
The Global Industry Committee was created during the OWASP EU Summit in Portugal. '''The OWASP Global Industry Committee (GIC) shall expand awareness of and promote the inclusion of software security best practices in Industry, Government, Academia and regulatory agencies and be a voice for industry. This will be accomplished through outreach; including presentations, development of position papers and collaborative efforts with other entities.'''  The committee is governed by the [[Global Industry Committee Governance]] document.
 
<br>
 
<br>
  
== Committee Plan  ==
 
 
Step 1: [[Industry:Organizations for Outreach|Identify specific organizations]] worth working with to spread the OWASP gospel
 
 
Step 2: Prioritize the proposed liaisons based on potential impact, and also realistic likelihood of the organization actively working with us
 
 
Step 3: Execute, leveraging global OWASP resources as much as possible to maximize impact
 
 
Step 4: Evaluate progress &amp; repeat Step 1-3
 
 
== Committee Members  ==
 
  
 +
=== Committee Members ===
 
<br>Members:  
 
<br>Members:  
  
Line 27: Line 21:
 
! Location
 
! Location
 
|-
 
|-
| Lorna Alamri
+
| Tobias Gondrom
| lorna.alamri 'at' owasp dot org  
+
| tobias.gondrom 'at' owasp dot org  
| USA
+
| HK, UK and DE
 
|-
 
|-
| Joe Bernik §
+
| Rex Booth
| bernik 'at' gmail dot com
+
| rex.booth 'at' owasp dot org
| USA
+
| DC, USA
 
|-
 
|-
| Rex Booth
+
| Mauro Flores
| rex.booth 'at' gt dot com
+
| mauro.flores 'at' owasp dot org  
| USA
+
| Uruguay
|-
 
| David Campbell
 
| dcampbell 'at' owasp dot org  
 
| USA
 
 
|-
 
|-
 
| Alexander Fry  
 
| Alexander Fry  
Line 47: Line 37:
 
| USA
 
| USA
 
|-
 
|-
| Georg Hess
+
| Eoin Keary
| georg.hess 'at' artofdefence dot com
+
| eoin.keary 'at' owasp dot org
| Germany
+
| Dublin, Ireland
 +
|-
 +
| Mateo Martinez
 +
| mateo.martinez 'at' owasp dot org
 +
| Uruguay
 
|-
 
|-
 
| Colin Watson  
 
| Colin Watson  
Line 55: Line 49:
 
| UK
 
| UK
 
|-
 
|-
| Mauro Flores
+
| Marco Morana
| mauro.flores 'at' owasp dot org
+
| marco.m.morana 'at' citi dot com
| Uruguay
+
| Italy
|-
 
| Mateo Martinez
 
| mateo.martinez 'at' owasp dot org
 
| Uruguay
 
 
|-
 
|-
| Nishi Kumar
+
| Christian Papathanasiou
| nishi.kumar@owasp.org
+
| christian.papathanasiou 'at' owasp dot org
| USA
+
| Greece
 
|}
 
|}
  
  
§ The committee chair is Joe Bernik.  The previous chairs were:  
+
'''§ The committee chair is Tobias Gondrom.''' The previous chairs were:  
  
 +
*Rex Booth (July 2011 to September 2012)
 +
*Joe Bernik (Feb 2011 to July 2011)
 
*Yiannis Pavlosoglou (Nov 2010 to Jan 2011)
 
*Yiannis Pavlosoglou (Nov 2010 to Jan 2011)
 
*Colin Watson (Nov 2009 to Oct 2010)
 
*Colin Watson (Nov 2009 to Oct 2010)
  
<br>Board Member Representative:
 
 
{| class="prettytable FCK__ShowTableBorders"
 
|-
 
! Name
 
! Email
 
! Location
 
|-
 
| Eoin Keary
 
|eoin.keary 'at' owasp dot org
 
| Ireland
 
|}
 
 
<br>Secretary:
 
 
{| class="prettytable FCK__ShowTableBorders"
 
|-
 
! Name
 
! Email
 
! Location
 
|-
 
| [[User:Sarah_Baso |Sarah Baso]]
 
| sarah.baso 'at' owasp dot org
 
| USA
 
|}
 
  
 
Former members of the committee:
 
Former members of the committee:
 +
*David Campbell
 +
*Georg Hess
 +
*Eoin Keary
 
*Yiannis Pavlosoglou
 
*Yiannis Pavlosoglou
 +
*Joe Bernik
 +
*Nishi Kumar
 +
*Lorna Alamri
 +
*Sherif Koussa
  
== Monthly Report ==
 
  
See [http://www.owasp.org/index.php/Global_Industry_Committee#Work_in_Progress below...]
 
  
== Getting Involved  ==
+
==== Meetings and Getting Involved  ====
  
 
=== Mailing List  ===
 
=== Mailing List  ===
Line 115: Line 87:
  
 
=== Meetings  ===
 
=== Meetings  ===
 +
Currently, the Global Industry Committee conference call meetings approximately every 4 weeks and last no longer than an hour.
 +
  
The next Global Industry Committee meeting will be:  
+
The '''next Global Industry Committee meeting''' will be:  
 +
'''Monday Oct-15, 2012, 18:00 UTC / GMT.'''
  
*Friday, April 8 at 16:00 hrs GMT
+
Global Meeting Time Planner - [http://www.timeanddate.com/worldclock/fixedtime.html?iso=20121015T19&p1=136&ah=1 Click Here]
**+1 877 534 8500 or International +1 513 534 8500
 
**Passcode 410105 #
 
** [[Industry:Minutes_2011-04-08|Agenda for 08 Apr 2011]]
 
  
 +
'''Meeting agenda'''
 +
* CISO Guide
 +
* CISO Survey
 +
* Industry Table at AppSec US
 +
* industry bodies contacts?
 +
* ...?
  
*Friday, March 18 at 5pm / 17:00 hrs GMT
 
**+1 877 534 8500 or International +1 513 534 8500
 
**Passcode 410105 #
 
**Agenda forthcoming
 
  
 
Minutes of previous meetings are:  
 
Minutes of previous meetings are:  
 
+
* [[Industry: Minutes_2013-03-01|1.March 2013]]
 +
* December 2012 (call on the CISO Guide and CISO Survey project)
 +
* October 2012
 +
*[[Industry:Minutes_2012-06-13|13 June 2012]]
 +
* 19 April 2012
 +
* 02 September 2011
 +
* 28 July 2011
 +
*[[Industry:Minutes_2011-06-16|16 June 2011]]
 +
*[[Industry:Minutes_2011-05-13|13 May 2011]]
 +
*[[Industry:Minutes_2011-04-29|29 Apr 2011]]
 +
*[[Industry:Minutes_2011-04-08|08 Apr 2011]]
 
*[[Industry:Minutes 2011-03-18|18 Mar 2011]] ([[Media:GIC_Meeting_Minutes_03182011.pdf| PDF of 18 Mar 2011 Meeting Minutes]])
 
*[[Industry:Minutes 2011-03-18|18 Mar 2011]] ([[Media:GIC_Meeting_Minutes_03182011.pdf| PDF of 18 Mar 2011 Meeting Minutes]])
 
*[[Industry:Minutes 2011-03-04|04 Mar 2011]] ([[Media:GIC_Meeting_Minutes_03042011.pdf| PDF of 04 Mar 2011 Meeting Minutes]]) ([https://spreadsheets.google.com/ccc?key=0ApZ9zE0hx0LNdEpRbVhBUEljMGpLNnVJa0FHeWZwMkE&hl=en&authkey=CPjLgdwN Proposed GIC Budget for 2011])
 
*[[Industry:Minutes 2011-03-04|04 Mar 2011]] ([[Media:GIC_Meeting_Minutes_03042011.pdf| PDF of 04 Mar 2011 Meeting Minutes]]) ([https://spreadsheets.google.com/ccc?key=0ApZ9zE0hx0LNdEpRbVhBUEljMGpLNnVJa0FHeWZwMkE&hl=en&authkey=CPjLgdwN Proposed GIC Budget for 2011])
Line 140: Line 124:
 
*[[Industry:Minutes 2009-01-23|23 Jan 2009]]
 
*[[Industry:Minutes 2009-01-23|23 Jan 2009]]
 
* 16 Dec 2010
 
* 16 Dec 2010
 
  
 
=== Membership  ===
 
=== Membership  ===
Line 149: Line 132:
  
  
=== Other ongoing initiatives  ===
+
==== Current Activity ====
 
 
*[http://www.owasp.org/index.php/Global_Industry_Committee-SIG Special Interest Groups] - Outreach to sector-specific critical infrastructures worldwide.
 
*[http://www.owasp.org/index.php/Category:India OWASP India Advisory Board] - Regional panel contributing to the software outsourcing industry.
 
*[http://www.owasp.org/index.php/Industry:Citations OWASP Citations] - References to OWASP in official, or otherwise important, documents.
 
 
 
  
=== Committee Working Documents ===
 
* [https://spreadsheets.google.com/ccc?key=0ApZ9zE0hx0LNdEZ1NmNHRGZOX3E0V2F2T2lUZ0RyVkE&hl=en&authkey=CN3toL0F GIC Member Task List]
 
* [https://docs.google.com/document/d/1ow_XZ_chhopu0yAYuMnmGXfdTRhlrKJEdqKZZ-pHloo/edit?hl=en&authkey=CPWb-csP Comprehensive List of Industry Verticals]
 
 
 
== Current Activity  ==
 
  
 
=== Work in Progress  ===
 
=== Work in Progress  ===
Line 176: Line 148:
 
! Who
 
! Who
 
|-
 
|-
| [http://www.cio.gov/pages.cfm/page/Federal-Risk-and-Authorization-Management-Program-FedRAMP FedRAMP]
+
| Nominet Consultation
| 17 Jan 2011
+
| Jan 2013
 
| Standards
 
| Standards
| In progress
+
| New
| Provide response to FedRAMP certification and accreditation process
+
| Submit response to proposed security aspects of Nominet's [http://www.nominet.org.uk/how-participate/policy-development/current-policy-discussions-and-consultations/consultation-new-uk consultation on a new .uk domain name service]
| RB
+
| CW
 +
|-
 +
|-
 +
| ENISA Who-Is-Who Directory
 +
| Sep 2012
 +
| Outreach
 +
| New
 +
| Request update to ENISA Who-Is-Who directory ([http://www.enisa.europa.eu/publications/who-is-who-directory-2011 2011 version]) for OWASP and OWASP UK; promote other EU chapters to submit information
 +
| CW
 +
|-
 +
| [https://www.owasp.org/index.php/Industry:DECC_Smart_Metering_Implementation Smart Metering Implementation Draft Licence Condition Relating to Security]
 +
| 18 Jul 2012
 +
| Standards
 +
| Closed
 +
| Submit response to UK smart meter security consultation
 +
| CW, TG
 +
|-
 +
| Industry Outreach Sessions at OWASP AppSec EU 2012
 +
| 12 Jul 2012
 +
| Outreach
 +
| Closed
 +
| Conduct industry outreach sessions at AppSec EU to educate about OWASP initiatives and solicit feedback
 +
| CW
 +
|-
 +
| [https://www.owasp.org/index.php/Application_Security_Guide_For_CISOs AppSec Guide For CISO]
 +
| June 2013
 +
| Outreach
 +
| In progress, draft 75% completed
 +
| Guide to help CISOs (Chief Information Security Officers) to manage application security programs
 +
| MM
 
|-
 
|-
| [http://hacking-lab.com/ Hacking Lab]
+
| [https://www.owasp.org/index.php/Industry:GIC_CISO_Survey_2013 CISO Survey 2013 on Application Security - Draft]
| 14 Dec 2011
+
| Feb 2013
 
| Outreach
 
| Outreach
 
| In progress
 
| In progress
| Matt Tesauro has been working with Hacking Lab previously and brought it to the GIC
+
|  
| MAT
+
| TG
 
 
 
|-
 
|-
| OWASP Panel at Brighttalk Appsec Summit
+
| Industry Outreach Sessions at OWASP AppSec US 2012
| 16 March 2011
+
| 25 Oct 2012
 
| Outreach
 
| Outreach
| In progress
+
| Closed
| Join an expert panel of OWASP leaders as they discuss new web application threats and give their insights on ways to secure them for your business [http://www.brighttalk.com/community/cloud-computing/webcast/24582]
+
| Conduct industry outreach sessions at AppSec US to educate about OWASP initiatives and solicit feedback
| DC
+
| TG
 
|-
 
|-
 
|}
 
|}
 +
 +
=== Other ongoing initiatives  ===
 +
 +
*[http://www.owasp.org/index.php/Global_Industry_Committee-SIG Special Interest Groups] - Outreach to sector-specific critical infrastructures worldwide.
 +
*[http://www.owasp.org/index.php/Category:India OWASP India Advisory Board] - Regional panel contributing to the software outsourcing industry.
 +
*[http://www.owasp.org/index.php/Industry:Citations OWASP Citations] - References to OWASP in official, or otherwise important, documents.
 +
  
 
=== Completed Items  ===
 
=== Completed Items  ===
Line 204: Line 211:
 
[[Global_Industry_Committee/Completed_Initiatives|View the GIC's past initiatives]]
 
[[Global_Industry_Committee/Completed_Initiatives|View the GIC's past initiatives]]
  
=== General Presentations and Reports  ===
 
  
OWASP Summits:
+
==== GIC Records ====
  
 +
 +
=== Committee Working Documents ===
 +
*'''[https://spreadsheets.google.com/spreadsheet/ccc?key=0ApZ9zE0hx0LNdEpRbVhBUEljMGpLNnVJa0FHeWZwMkE&hl=en_US&authkey=CPjLgdwN 2011 GIC Budget]
 +
* [https://spreadsheets.google.com/ccc?key=0ApZ9zE0hx0LNdEZ1NmNHRGZOX3E0V2F2T2lUZ0RyVkE&hl=en&authkey=CN3toL0F GIC Member Task List]
 +
* [https://docs.google.com/document/d/1ow_XZ_chhopu0yAYuMnmGXfdTRhlrKJEdqKZZ-pHloo/edit?hl=en&authkey=CPWb-csP Comprehensive List of Industry Verticals]
 +
* [http://code.google.com/p/owasp-cbt-project/downloads/list Security For Managers And Executives - Industry Outreach Presentation ]&nbsp;
 +
 +
 +
=== Monthly Reports ===
 +
*[https://docs.google.com/present/edit?id=0AZZ9zE0hx0LNZGczZ3B4YnpfMTJnMmh6ZjJmYg&hl=en_US Ppt template for Monthly Board Meeting updates]
 +
*[[Media:GIC_update_4_29_2011.pdf| May Industry Committee Update]]
 +
*[http://www.owasp.org/index.php/File:GIC_update.pptx April Industry Committee Update]
 +
 +
 +
===OWASP Summits and Working Sessions===
 +
*[https://docs.google.com/a/owasp.org/document/d/1WTTmmpc2bx3IZ9f5zU2ubTG_BrCxxrXzVHnUQUIzAWI/edit?hl=en_US Notes from Industry Outreach Sessions at AppSec EU - Dublin, 2011]
 +
*From Industry Outreach Session at 2011 AppSec EU - [https://docs.google.com/leaf?id=1UFf0Fuqhg_0u49E4s6iNxmEwNP8358M36sXs1mwLg3O3oQC7fFSwAxKMUoYW&hl=en_US Ppt presentation on CISO Survey, Rex Booth]
 +
*From Industry Outreach Session at 2011 AppSec EU -[https://docs.google.com/leaf?id=1ZFUaqj7fVSFm1BwEMnVCAS_Zi5xJUbugVHZP54hULIdEUYJYVkQ93vzsuY3o&hl=en_US Ppt presentation on Industry Outreach, Lorna Alamri]
 
*[[Summit 2011]] ([[Media:Summit2011-industry-committee-outcomes.pdf|Working session outcomes]])
 
*[[Summit 2011]] ([[Media:Summit2011-industry-committee-outcomes.pdf|Working session outcomes]])
 
*[[Summit 2009]]
 
*[[Summit 2009]]
  
About the Industry Committee:
+
 
 +
===About the GIC===
  
 
*Global Industry Committee Presentation [[Image:Owasp-summit2009-industry-committee.ppt]]
 
*Global Industry Committee Presentation [[Image:Owasp-summit2009-industry-committee.ppt]]
  
Summaries (for inclusion into other full OWASP presentations):  
+
 
 +
===Summaries===
 +
(for inclusion into other full OWASP presentations):  
  
 
*Sep 2009 [[Image:Owasp-industry-committee-summary-september-2009.ppt]]  
 
*Sep 2009 [[Image:Owasp-industry-committee-summary-september-2009.ppt]]  
Line 223: Line 250:
 
*Mar 2009 [[Image:Owasp-industry-committee-summary-march-2009.ppt]]
 
*Mar 2009 [[Image:Owasp-industry-committee-summary-march-2009.ppt]]
  
 +
 +
 +
<headertabs/>
 
<br>
 
<br>
 
+
[http://lists.owasp.org/mailman/listinfo/global_industry_committee Join our mailing list] | [[How to Join a Committee]] | [[Global_Committee_Pages|Learn about other Global Committees]]
Other [http://www.owasp.org/index.php/Global_Committee_Pages Global Committees]
 

Latest revision as of 08:23, 2 April 2013

As of April 1, 2013 the Global Committees were retired in order to enable wider community involvement and volunteerism through the OWASP Global Initiatives. 

Want to get involved with OWASP, but not sure where to start? Check out the OWASP Global Initiatives Page.

Thank you to everyone who participated in, and contributed to, the Global Industry Committee up until 1st April 2013.

About the Committee

Mission Statement

The Global Industry Committee was created during the OWASP EU Summit in Portugal. The OWASP Global Industry Committee (GIC) shall expand awareness of and promote the inclusion of software security best practices in Industry, Government, Academia and regulatory agencies and be a voice for industry. This will be accomplished through outreach; including presentations, development of position papers and collaborative efforts with other entities. The committee is governed by the Global Industry Committee Governance document.


Committee Members


Members:

Name Email Location
Tobias Gondrom tobias.gondrom 'at' owasp dot org HK, UK and DE
Rex Booth rex.booth 'at' owasp dot org DC, USA
Mauro Flores mauro.flores 'at' owasp dot org Uruguay
Alexander Fry alexander.fry 'at' owasp dot org USA
Eoin Keary eoin.keary 'at' owasp dot org Dublin, Ireland
Mateo Martinez mateo.martinez 'at' owasp dot org Uruguay
Colin Watson colin.watson 'at' owasp dot org UK
Marco Morana marco.m.morana 'at' citi dot com Italy
Christian Papathanasiou christian.papathanasiou 'at' owasp dot org Greece


§ The committee chair is Tobias Gondrom. The previous chairs were:

  • Rex Booth (July 2011 to September 2012)
  • Joe Bernik (Feb 2011 to July 2011)
  • Yiannis Pavlosoglou (Nov 2010 to Jan 2011)
  • Colin Watson (Nov 2009 to Oct 2010)


Former members of the committee:

  • David Campbell
  • Georg Hess
  • Eoin Keary
  • Yiannis Pavlosoglou
  • Joe Bernik
  • Nishi Kumar
  • Lorna Alamri
  • Sherif Koussa


Meetings and Getting Involved

Mailing List

Join our mailing list - this is the best way to find out what's going on day-to-day, and to provide input.


Meetings

Currently, the Global Industry Committee conference call meetings approximately every 4 weeks and last no longer than an hour.


The next Global Industry Committee meeting will be: Monday Oct-15, 2012, 18:00 UTC / GMT.

Global Meeting Time Planner - Click Here

Meeting agenda

  • CISO Guide
  • CISO Survey
  • Industry Table at AppSec US
  • industry bodies contacts?
  • ...?


Minutes of previous meetings are:

Membership

Membership explains how to become an OWASP organization supporter or individual member. But you don't have to be an OWASP Member or Committee Member to contribute.

The current committee members joined for a 12 month term - see How to Join a Committee and Global Committee Pages. We would especially welcome new members who can widen our geographic coverage (e.g. Africa, Asia and South America) and who have time to contribute proactively.


Current Activity

Work in Progress

The current activities being undertaken:

Task Deadline Type Status Description Who
Nominet Consultation Jan 2013 Standards New Submit response to proposed security aspects of Nominet's consultation on a new .uk domain name service CW
ENISA Who-Is-Who Directory Sep 2012 Outreach New Request update to ENISA Who-Is-Who directory (2011 version) for OWASP and OWASP UK; promote other EU chapters to submit information CW
Smart Metering Implementation Draft Licence Condition Relating to Security 18 Jul 2012 Standards Closed Submit response to UK smart meter security consultation CW, TG
Industry Outreach Sessions at OWASP AppSec EU 2012 12 Jul 2012 Outreach Closed Conduct industry outreach sessions at AppSec EU to educate about OWASP initiatives and solicit feedback CW
AppSec Guide For CISO June 2013 Outreach In progress, draft 75% completed Guide to help CISOs (Chief Information Security Officers) to manage application security programs MM
CISO Survey 2013 on Application Security - Draft Feb 2013 Outreach In progress TG
Industry Outreach Sessions at OWASP AppSec US 2012 25 Oct 2012 Outreach Closed Conduct industry outreach sessions at AppSec US to educate about OWASP initiatives and solicit feedback TG

Other ongoing initiatives


Completed Items

View the GIC's past initiatives


GIC Records

Committee Working Documents


Monthly Reports


OWASP Summits and Working Sessions


About the GIC


Summaries

(for inclusion into other full OWASP presentations):



Join our mailing list | How to Join a Committee | Learn about other Global Committees