[Infowarrior] - Open Security Foundation - State of the Union 2010

Richard Forno rforno at infowarrior.org
Sat Feb 6 18:15:52 UTC 2010 

Open Security Foundation - State of the Union 2010
Posted by jkouns 12 hours ago

http://blog.osvdb.org/2010/02/06/open-security-foundation-state-of-the-union-2010

The Open Security Foundation (OSF) has grown from a humble beginning  
in 2004 to an internationally recognized 501(c)(3) non-profit public  
organization. Through the work of a small team of dedicated  
information security enthusiasts, the Open Source Vulnerability  
Database (OSVDB) and DataLossDB projects have provided organizations  
of all sizes with the knowledge and resources to accurately detect,  
protect and mitigate information security risks. OSF research is often  
cited throughout the security industry and the organization was  
honored by being named winner of the SC Magazine's Editors Choice  
award for 2009.

To ensure the highest quality information that has become the  
trademark of OSF, a tremendous amount of effort is expended on a daily  
basis by OSF volunteers to process an ever increasing amount of data  
loss and vulnerability reports. Over the years, many volunteers have  
been involved in the projects, but for the most part the the heavy  
lifting has been the work of only a few very dedicated volunteers.   
The "open source" approach to resourcing the projects has been  
successful to date but is now proving to be an unsustainable model.   
With long-term sustainability and increased services as our goal, we  
have initiated a comprehensive review of our current operations, our  
existing approach to project funding and the creation of potential new  
services for the security community.

As a start, we plan to do a better job of sharing our view on the  
state of the information security industry and creating a mechanism to  
gain community feedback to better establish our vision for the OSVDB  
and DataLossDB projects.

To that end I want to take a moment to share our initial plans for 2010.

The OSF officers and project leads have been dedicated to the daily  
operations required to make OSVDB and DataLossDB the recognized leader  
in vulnerability and data loss tracking. This focused dedication has  
left little time to take the pulse of the industry as it relates to  
our projects or to establish a clear long-term vision for the  
projects. To address this need, OSF will be creating an Advisory  
Board. The board will consist of three to five senior leaders capable  
of providing broad based perspective on information security, business  
management and fundraising. It is our hope that this will provide a  
sounding board when developing future plans, an open forum when  
reviewing community feedback and a broader view when prioritizing  
potential new services. Additional information along with an official  
call for Advisory Board nominations is planned for 2/12/2010.

Direct unfiltered feedback from both the security community as well as  
the organizations that benefit from our projects is critical. Over the  
next few weeks, we plan to post a public survey asking for feedback  
that will help shape our long-term vision and establish our near-term  
plans for OSVDB and DataLossDB.  Those of you who value the work that  
the OSF provides and/or consider yourselves friends and supporters of  
OSF are asked to help spread the word to maximize the feedback provided.

Feedback from the survey will be the foundation for the OSF vision and  
2010 plan. Our goal is to present a draft of both the vision and the  
2010 plan to the newly formed Advisory Board by mid-April 2010. Once  
finalized, both  documents will be shared with the information  
security community.

OSF has been recognized for providing a critical service to the  
information security community but our potential is much greater. We  
look forward to hearing your ideas on how OSF can further improve the  
state of security while building a stronger organization to deliver  
even higher quality research and additional services.

We appreciate your support and if you are interested in working with  
OSF please contact us at moderators at osvdb.org or  
curators at datalossdb.org.

Jake Kouns
Chairman, Open Security Foundation

More information about the Infowarrior mailing list