Thursday, June 12, 2014

OWASP - What's Next - Community Discussion

Sarah Baso has been an amazing addition to the OWASP community and helped us advance our mission through her role as Executive Director. She's recently announced that she'll be stepping down in August. We wanted to provide additional information on what's next for OWASP.



OWASP Community,

Many thanks again to Sarah for her time and dedication to OWASP.  Sarah and the entire operations team has made tremendous strides for OWASP over the years. We’re sad to see Sarah go, but at the same time we feel very happy for her and the exciting events in her future.

While OWASP is made up of many great individuals, we are more than just a collection of individuals. Focused on the mission, we donate countless hours in our volunteer efforts just to make the world a better place. For us at OWASP we pursue this through advancing and bringing awareness to application security.

As we’ve seen over the past week there are many changes at OWASP. This is a natural evolution of an organization and also an opportunity for new leaders to step forward.

What’s next? With every transition we have the opportunity to pause and ask, “what should we do to move forward?” Sometimes this is to continue along the same path as before. Other times it is to shift into a new direction. There are several changes happening here at OWASP and we should evaluate what move is best for our growing community. This could be a straight backfill or this could be something new. As a community, let’s have that discussion.

A few specific items:
Open
There are many different paths forward for OWASP. As a community let’s determine where we want to go. The discussion and process will be open to all. Though we may have different ideas ultimately the community as a whole will reach a path forward and we can all rally around the next steps.

Focus on Community
We must continue to look at how we advance OWASP to empower community. OWASP is a unique organization and we need to build structures that are cognizant of our volunteers and their contributions, and also work in the distributed world wide organization that we are. This is more than just talk too. We need to address the hard questions so we can build a well functioning system that is exciting and welcoming for our community.

Two areas are already under discussion and I encourage you all to get involved, committees 2.0 and the upcoming board elections.

The business side of OWASP
The business side of OWASP is no small task. We have legal entities in US and Europe, income from events around the world, tax and legal obligations and more. In the interim we will be hiring a third party firm that specializes in the business operations of non-profits. This will enable OWASP to focus on what we do best, application security. In addition, the third party will also ensure the business side of the house is in order. This is a short term engagement that will be re-evaluated as part of our larger discussion.

OWASP Operations Team
The operations team works tirelessly to advance OWASP. We are truly grateful for their efforts. The business group mentioned above will augment our operations team. Every member of the operations team plays a critical role and we need them to be able to focus on their areas of expertise.

Although things will be changing in some areas of OWASP as we all evaluate the best structure, it is still crucial to provide a single point of contact for the operations team. In the interim the operations team will report directly to the chairman of the board, Michael Coates.

Continuing the conversation
This is only the beginning of the conversation. Here are several ways to continue sharing ideas.

1. Open Town Hall
A google hangout is scheduled for next week at Monday, June 16, 7am Pacific (hangout link & world time conversions). The call will be recorded and streamed live. You can join the call in real time or submit your questions ahead of time via google moderator.

2. Google Moderator
Have an idea to share? Want to dive into a different proposal? Use the google moderator to have a free form conversation with just enough structure in the tool so good ideas can rise up.

3. Mailing lists
The age old mailing lists (the OWASP leaders list and the OWASP community list)  are still there and will of course be used. But, sometimes good ideas get lost here in long threads. So please consider capturing important items within google moderator too.

4. Run for the board
Board elections are seeking candidates. Submit your candidacy here. http://www.tfaforms.com/329974.

Change can sometimes feel a bit uncomfortable, but at the same time it can be a great opportunity. Let’s embrace this opportunity to develop the future of OWASP together.

We are wishing our Sarah all the best for the future and looking forward to all of your feedback, ideas, and energy that made OWASP the great organization it is today and which will lead OWASP into the future.


- The OWASP Board
Michael Coates,
Tom Brennan,
Josh Sokol,
Tobias Gondrom,
Fabio Cerullo,
Eoin Keary,
Jim Manico




No comments: