[Owasp-leaders] Signing off as chapter leader

John Steven John.Steven at owasp.org
Thu May 9 22:45:55 UTC 2013


As I've stated privately, I think you're provided an incredibly positive
influence towards depth and quality. Thank you for the bar you set out

I too have transferred leadership of the OWASP NoVA Chapter board: to Jack
Mannino. Jeremy Long remains and is joined by Mike McCabe. From what I've
seen of these guys already, they're going to do a great job.

As I reflected on my time as Chapter Leader, a few key accomplishments and
challenges stuck out in my mind. Of course, the Chapter
but it can be daunting to use as a new chapter owner. Here are
thoughts from my experience:

[Towards Content & Quality]
* Set yearly learning objectives based on actual and desired membership

* Plan speakers and topics towards learning objectives instead of
available/well-known vendors.

* If a single leader:

    1) seek traction quickly,
    2) establish a chapter board as soon as possible and,
    3) groom a replacement.

* Do not rely solely on the Speaker
    * Allot about 6-8 hrs for speaker QA prior to the meeting. Start EARLY;
    * Explicitly communicate a NO PITCH policy (slides, intros,
sales/recruiting, etc.);
    * Attend the meeting and ACTIVELY challenge BS; Kill pitching fast.

* Don't take the fundamentals for granted. Remember to cycle back to key
OWASP content/projects.

* Seek out and gather non-vendors for leadership roles.

[Push the Edges]
* Spread focus: focus on coding and security Initiatives as well as
vulnerability discovery.

* Stretch OWASP rules (we explicitly brought a vendor in to offer free time
on their tool). But:
    * Announce it to the leader's list first;
    * Foster and incorporate discussion about how to do it well;
    * Plan for a lot more work when you stretch things;
    * Debrief the chapter and leaders. Learn.

* Invite your competitors. Where antagonistic, script content-based
discussion focused on benefiting the audience.

* Let go. You might be amazed at where the next leaders take your chapter.

[Advertising & Growth]
*  Use a variety of channels to drive awareness. Meetup has been extremely
effective. Use the wiki, Twitter, Google's tools, and  physical means
(posters, etc.)

* Advertise multiple times beginning at least two (2) weeks in advance of
the meeting.

* Use changing (like increasingly specific teasers) for announcements
subsequent to the first.

* Make a big deal of things. Three of our most successful meetings were:
   * Van Wyk Moderating a Penetration Testing panel: Boutique vs. SaaS vs.
Tool (AppScan Std)
   * "Bring your Boss to OWASP Day": Better food, conversation w/ CISO
about what he wants to hear, & Q&A
   * Free hands-on training on a SAST tool. 4hrs to tinker.

* Provide 30-60 minutes for member mixing/conversation / meeting

* Solicit and cajole 2-3 "Fire talks" / meeting: 5 min "I'm [Me] and here's
what I'm working on..."

* When you fly OWASPers out, make sure you take time to:
   * Spend time with them as people/humans;
   * Collaborate, to the extent possible, with the org. you come from.

Hopefully, these thoughts tickle some ideas you might have been thinking
about for your own chapters.

Phone: 703.727.4034
Rss: http://feeds.feedburner.com/M1splacedOnTheWeb

On Thu, May 9, 2013 at 5:27 PM, John Wilander <john.wilander at owasp.org>wrote:

> Hi leaders!
> As of this week's chapter meeting in Stockholm I am no longer co-leader of
> OWASP Sweden. Upcoming work changes are the primary reason for this
> decision. But after nearly six years it feels good to leave a spot open for
> someone new. And there are excellent people still running the show in
> Stockholm with the two remaining co-leaders Mattias and Robert as well as a
> local board.
> It's been a great journey. My two peaks were as chair of the OWASP AppSec
> Research conference in 2010 and as organizer of the Browser Security track
> at the OWASP Summit 2011.
> OWASP Sweden has since the start in 2007 spawned into two sibling chapters
> – Stockholm and Gothenburg – and the joint chapter mailing list has a
> whopping 943 members. I'd like to thank all the speakers we've had through
> the years. Some are on this list.
> I will stay in the OWASP community, at least as leader of OWASP 1-Liner (
> http://1-liner.org/). My family's plan is to relocate to California next
> year so I'll probably turn up at a local chapter there further on.
> Thanks for all the support, knowledge, and geekery (so far)!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20130509/5f63e326/attachment-0001.html>

More information about the OWASP-Leaders mailing list