Cybersecurity Automation Project - Topic for OCA PGB meeting


duncan@sfractal
 

I apologize but I will be unable to attend the 3-Nov PGB meeting since I’ll be guest lecturing at a class and I will also miss the December meeting because I’ll be in Antarctica. I would like the board to discuss my previous proposal to start a new project called ‘Cybersecurity Automation’. It would have several purposes:

  • Run the Cybersecurity Automation Workshops (http://www.cybersecurityautomationworkshop.org/)
  • Cybersecurity Automation “awareness & adoption” (and thereby OCA PR), e.g. create big picture use cases showing the value of all this stuff working together, along the lines of https://youtu.be/oW5JsQX2zuI
  • “Create” standards in Cybersecurity Automation. Create is in quotes because the intent is to write standards calling out other standards when possible. For example, I believe we have agreement within OCA that at least one command & control language used by OCA is OpenC2, and one threat language is Kestrel. This would codify those in standards as well as in our open source. In some cases it would be “only”, but in many/most cases it would be one of a list (e.g. HTTPS, MQTT, OpenDxl, …)
  • Reinvigorate the membership (no guarantees, but my hope would be this would bring in both new sponsors and new contributing members).

The scope has expanded during the discussions over the last 5 months (e.g. not just CAW but including use cases and standards) and stabilized as a project (not a workgroup, since it needs a repo and will make standards-track work products). I think it is now stable and the clock is ticking on the next CAW (as well as some good “awareness/adoption” triggers coming up). So I’d like to move forward via whatever is the correct way to do that. And I don’t want my conflicts with the next two PGBs to delay it further.

 

I am not sure of the proper mechanism for the PGB to approve this proposal (Claudia? Jane? Chet? Do you know?). I presume I’ll have to write something up (what?) to get approved. I’d like to understand (1) if there are any objections/suggestions/improvements/lukewarm-agreement/wild-enthusiasm from the PGB meeting and (2) what the next steps are (e.g. what do I need to write/do?).

 

 

-- 

Duncan Sparrell

sFractal Consulting

iPhone, iTypo, iApologize

I welcome VSRE emails. Learn more at http://vsre.info/

 

 


Jason Keirstead
 

Duncan, can I make a suggestion to help ensure this moves forward? Based on history, it is unlikely we will achieve quorum at the PGB meeting. If we have ballot text proposed, we can start an electronic ballot now and keep it open for 2 weeks. The ballot can then be discussed at the meeting.

 

-
Jason Keirstead
Distinguished Engineer, CTO - IBM Security Threat Management | www.ibm.com/security

 

Assistant - Mauricio Durán Cambronero (mauduran@...)

Co-Chair - Open Cybersecurity Alliance, Project Governing Board

www.opencybersecurityalliance.org

 

 



Matthew Gardiner <matthew_gardiner@...>
 

In general, given this certainly hits the sweet spot areas of interest of R7, I would certainly be supportive of such an initiative. I will also float the idea internally as well and will report back anything substantive I get back.


duncan@sfractal
 

So it sounds like the path forward is that I should create a charter including some background and the subproject scope, and request an eballot. I will do that over the next few days.

 

-- 

Duncan Sparrell

sFractal Consulting



duncan@sfractal
 

Revising “next few days” – it will probably take longer. I’m hopefully meeting Friday with one of the ‘how does this relate to …’ groups.

 

-- 

Duncan Sparrell

sFractal Consulting
