[Owasp-leaders] OWASP 2014 - Strategic Goals

Jim Manico jim.manico at owasp.org
Sat Nov 9 04:21:14 UTC 2013


> Shouldn't the strategies have something to do with the mission? 

Of course. But we also need a well run organization in order to properly serve the mission. The staff has done a remarkable job in cleaning up a lot of difficult messes that OWASP had become. There is no shame meant in that statement. OWASP is just growing up - kind of like moving from a start-up to a larger organization. The organizational changes that Colin and Josh suggest are really critical in terms of efficiency. We just want to maximize the minimal resources that we have to serve the mission.

Another thing, the suggestions below from Colin and Josh are additions, not the entire set of strategic goals of the organization.

Here are the past OWASP strategic goals. https://docs.google.com/a/owasp.org/document/d/19BJMDMTVWlwqMcvUfDy1Mcjtd_bKGbhu-D-VBE-7kFU/edit 

We are going to be building the 2014 strategic goals after AppSecUSA (www.appsecusa.com) on November 22rd. https://www.owasp.org/index.php/November_22,_2013 You are welcome to dial in and lend advice and support!

If you have any suggestions as to how we can make "aggressive game changing innovation" in an open, vendor-neutral and community based way, then bring it on!

> How are we going to change the trajectory of software development?

Jeff, as one of the OWASP Top Ten leaders, you have a HUGE opportunity to effect the culture of software. I see the OWASP Top Ten in almost every dev shop I run into. So I ask you, is the OWASP Top Ten 2013 an "aggressive pursuit and encouragement of game-changing innovation, not just technological but cultural"? I think that one of your biggest opportunities to see the change you want.

Aloha,
Jim
 

> How are we going to change the trajectory of software development?  How to make appsec something every developer wants to know...aspirational?
> 
> The strategies ought to include aggressive pursuit and encouragement of game-changing innovation, not just technological but cultural. Otherwise we will continue to slowly lose ground in the face of rapid tech expansion.  
> 
> --Jeff
> 
> 
>> On Nov 8, 2013, at 4:25 PM, Colin Watson <colin.watson at owasp.org> wrote:
>>
>> I still quite like the "platform" and "quality" aspects.
>>
>> 1. The community (incl staff) efforts on updating design and the wiki
>> has made a huge improvement. Contrary to the 2013 objective, the wiki
>> stuff is improving from the bottom up, but I'm sure this will surface
>> onto the home page soon.
>>
>> 2. I'd like to see some effort in enabling "self-service" for
>> volunteers to take some of the load off the staff e.g. "how tos and
>> FAQs" for project leaders.
>>
>> 3.  I also think we need to keep pushing the "open" aspect. Make it
>> difficult for secret groups, cliques and closed-door activities to
>> occur.
>>
>> Colin
>>
>>
>>
>>> On 8 November 2013 21:06, Jim Manico <jim.manico at owasp.org> wrote:
>>> Right on, Josh! Bring it! :)
>>>
>>> Aloha,
>>> --
>>> Jim Manico
>>> @Manicode
>>> (808) 652-3805
>>>
>>> On Nov 8, 2013, at 4:02 PM, Josh Sokol <josh.sokol at owasp.org> wrote:
>>>
>>> I would like to add two strategic goals to this list:
>>>
>>> 1) Create policies and processes to support the chapters.  Encourage them to
>>> innovate.  Create a framework to allow them to be financially
>>> self-sufficient.
>>>
>>> 2) Investigate what it means to be an "OWASP member".  How do we justify
>>> becoming a paid member?  What are the benefits that paid members receive
>>> from their contributions?
>>>
>>> ~josh
>>>
>>>
>>> On Fri, Nov 8, 2013 at 2:50 PM, Michael Coates <michael.coates at owasp.org>
>>> wrote:
>>>>
>>>> Leaders,
>>>>
>>>> For the past 2 years we have set strategic goals at the board level. The
>>>> purpose of these initiatives are to zero in on a few key elements where we
>>>> wish to drive growth. These strategic goals are also used to prioritize and
>>>> guide the operation team's tactcial goals and focus.
>>>>
>>>> As we're planning for 2014 I'd like to ask all of you for your thoughts
>>>> and feedback on strategic goals for the OWASP foundation. Please note that
>>>> these items are geared towards the owasp organization, not any specific
>>>> project, conference, chapter etc. OWASP is building the platform for all of
>>>> these wonderful things to occur. How should we specifically try and grow
>>>> that platform in pursuit of our mission in 2014?
>>>>
>>>> The list of 2012 and 2013 strategic goals can be found here:
>>>> https://docs.google.com/document/d/19BJMDMTVWlwqMcvUfDy1Mcjtd_bKGbhu-D-VBE-7kFU/edit
>>>>
>>>>
>>>> Please reply to this thread with your thoughts, comments and ideas.
>>>>
>>>>
>>>>
>>>> Thanks!
>>>>
>>>> --
>>>> Michael Coates | OWASP | @_mwc
>>>>
>>>>
>>>> _______________________________________________
>>>> OWASP-Leaders mailing list
>>>> OWASP-Leaders at lists.owasp.org
>>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>
>>> _______________________________________________
>>> OWASP-Leaders mailing list
>>> OWASP-Leaders at lists.owasp.org
>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>
>>>
>>> _______________________________________________
>>> OWASP-Leaders mailing list
>>> OWASP-Leaders at lists.owasp.org
>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>> _______________________________________________
>> OWASP-Leaders mailing list
>> OWASP-Leaders at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-leaders



More information about the OWASP-Leaders mailing list