Welcome to the Commons Focus Area. I plan to blog post here weekly with news of progress for those that don't want to delve into the forums / mailing lists. You can subscribe to these updates via RSS at the side bar.
The first project I want to start is an Information Security Glossary. Why you may well ask? There are a million of the things there like NIST surely? Yes and yes! There are many glossaries and some are OK but not one I have found is good for the majority of cases. NIST is very US government centric, others quite frankly confuse the hell out of me and some are just plain old wrong. I think nomenclature does matter and its essential that all of our projects can reference a common source of definitions. Just yesterday I witnessed a dozen mailing to the Security Metrics mailing list debating definitions for Threats and Vulnerabilities.
Paul Zedeck has made a start by compiling various terms into a spreadsheet that I will be posting in the files area shortly. I will maintain a Word document and add to it gradually. I think the strategy should be to focus on quality definitions and not quantity.
If you are interested in helping, please email me or join the mailing list / discussion forum.