It's really hard to create an OWASP Project Summit with the current model (with little funding, with no dedicated team, attached to a conference, etc..)
The formula that worked in the past was to start with a set budget (lets say 50k to 100k) and :
- use those funds to make sure the key players (in this case project leaders and 'new players') are going to attend (by offering to cover all travel and accommodation expenses (while asking them if they can get their employee to pay instead))
- hire a dedicated summit team (for that period)
- secure dedicated venue and summit resources
- generate a huge amount of energy about the summit sessions (starting by inventing all sorts of sessions, until the real sessions become solid)
- cast a very wide net of 'invitations to attend the summit' (with the vision that 'the summit is THE place to be, where all the key players will be in the same location, and where REAL work can be done')
The hard part is making people 'believe' in the Summit. The objective is for our leaders (and attendees) to create the sessions that THEY want to attend (on top of the infrastructure provided by the Summit). By definition those sessions will be interested to others, and eventually a virtuous cycle will start to occur.
Back to the Project Summit, the interesting question is: should OWASP invest 50k or 100k on its projects?
I think the answer is YES since Owasp's projects are critical part of OWASP (which deserves solid investment)
Here are some of my blog posts about my views on OWASP Summits and OWASP Projects
- Summits must be part of OWASP's DNA
- Great description of why OWASP Summits are special
- OWASP Revenue Splits and the "Non-profits have a charter to be innovators"
- I want to vote for a Summit Team+Vision , NOT for a venue
- Some proposed Visions for next OWASP Summit
- Why large OWASP projects start to stale (and who should pay for the work)
- OWASP: Proposed change for SoC: Use budget to pay for project related expenses
- Sometimes the best response is just say 'YES'
- I wish that OWASP in 2014 ....
- OWASP Principles based on NHS?
- On how to get paid to work on OWASP projects
- ROI on OWASP investment on Projects (ie paying leaders)
- Improved Wikipedia funding page, why OWASP needs something similar, and who buys OWASP Corporate Memberships