[Owasp-leaders] The myth of the OWASP board

Mike Boberski mike.boberski at gmail.com
Thu Feb 17 18:02:14 EST 2011


Flame in response to my response, to clarify

On 2/17/11, Mike Boberski <mike.boberski at gmail.com> wrote:
> Re ecosystems, I think you'd be better off studying how car crash or
> airplane safety standards came about than the galapogus islands. This
> stuff only works when there's regulation.
>
> Flame on.
>
> On 2/17/11, Jeff Williams <jeff.williams at owasp.org> wrote:
>> Hi everyone,
>>
>>
>>
>> Before the Summit, Dinis and I had a long conversation where we both
>> agreed
>> that OWASP was ready for some new leadership. My understanding with him
>> was
>> that we were going to wait for the upcoming election to announce, but he
>> (as
>> usual) couldn't wait J
>>
>>
>>
>> So, for those of you I haven't told already, I won't be running again for
>> the board.  I'm still just as passionate about OWASP as ever, but I feel
>> democratic leadership is really important for OWASP. I've thoroughly
>> enjoyed
>> serving on the board and I can't wait to get back to doing more technical
>> projects.
>>
>>
>>
>> For those of you that don't really care about OWASP governance - good for
>> you! Stop reading here. Thanks for all your hard work and I'm looking
>> forward to working with you in the future.
>>
>>
>>
>> ------
>>
>>
>>
>> For the rest, I've read all the email, and I *strongly* urge you to focus
>> on
>> making OWASP a great platform for anything related to application
>> security,
>> and not worry too much about establishing a "top-down" board to set
>> objectives and direction.  To me, the board should have extremely limited
>> power that is centered around improving and protecting the platform
>> (independence, brand, core values, ethics, finances, etc.)  The idea that
>> we
>> need a board to direct OWASP is a myth and a mistake.
>>
>>
>>
>> The Summit is a great example of what can happen when we let things
>> self-organize on top of a great platform, where we keep things free and
>> open, and protected from commercial influence. Please, think hard about
>> how
>> OWASP works. How can we actually drive change with an army of volunteers?
>> What can a top-down board really get people to do?  Who should set the
>> priorities? Also note that we *could* raise a lot of money, but what
>> message
>> we would send in the process?
>>
>>
>>
>> A community-driven OWASP ecosystem *can* effect broad change in the
>> software
>> market. We're only just starting to scratch the surface of what we can
>> accomplish if we follow the platform strategy.  For a little background
>> on
>> this way of thinking, I've attached an article that will be coming out in
>> the next issue of Crosstalk. The article touches on the issues in
>> creating
>> ecosystems that produce security.  I'm looking forward to your thoughts,
>>
>>
>>
>> --Jeff
>>
>>
>>
>>
>>
>>
>>
>>
>
>
> --
> Mike
>


-- 
Mike


More information about the OWASP-Leaders mailing list