[Owasp-leaders] OWASP needs your vote - election

Tobias tobias.gondrom at owasp.org
Mon Oct 14 19:12:14 UTC 2013

Hello OWASP leaders and contributors,

as some of my fellow candidates took the chance over the last few days
to state their points here, I like to use this opportunity as well.

We have a great community and this year many great candidates
volunteered for the board. A good sign how much people care and that our
community is very much alive and engaged. This time your voting is also
combined with the WASPY awards and a discussion on how we as OWASP want
to handle project sponsorship/branding. So your vote is even more
important. ;-)

On a second, personal note:
Even though most of you have met me before during the last few AppSecs
in Austin, Dublin, Germany, Korea, Sydney, here on the leaders list and
at various chapter talks, I thought to maybe take a moment to speak
about why I like to ask you for your support and your vote for me.

My name is Tobias. And since the first time I joined OWASP many years
ago, I feel very passionate about our mission and our goals for an open
community to advance web and application security globally. In the past
that has inspired me to help with some ground work here and there,
helping for the Germany and London chapters, working for some of our
awesome projects, but not so much seeking a board election. However, in
the last year, there were a few board decisions and activities, where I
felt they were executed not in the best way for our community. And as a
consequence, I gave myself the challenge to either shut up and accept
things as they are or to spend the time and make the effort and try to
do it better. So am now trying the latter and volunteering for the board
and hope some of my points resonate with you and maybe gain your
supporting vote.

What I like to do:
1. First and foremost I want to re-energise our spirit and culture of an
open community. Only with empowering and including everyone to
contribute can OWASP achieve its full potential. In the last few years I
feel that while some projects have been doing well, we had some decline
of activities of the broader community. I think we need to recognise
that and return to a way of including and empowering every single one as
much as possible. That means more decisions should involve the community
as a whole and we should be flexible and empower the community chapters
and projects much more to decide what works best for them.
2. Increase our reach out to developers and industry: to really achieve
our goal of improving application security around the world, we need to
make more efforts to include and grow our membership beyond the current
community. Specifically we need to reach out into the developer
community and across all regions. This is so to speak "where the rubber
meets the road". We have so much expertise and knowledge in our
community with all our great security experts and projects, but we need
to get it out there and bring this more into the developer community and
industry who actually build the applications in the first place. And we
need to continue to extend into the regions. We must go out and help
developers around the world to write secure software applications. And
instead of just talking about it, we need to actively start doing things
now. I have no illusions. This broadening is not easy and will not
change overnight, but there are many small steps that we really can do
today to make this happen.
3. Governance. We have grown and become well recognised as an
organisation. And the influence and resources of OWASP have grown with
us. So today we need to recognise that we are no longer an organisation
of a few dozens or hundreds, but of thousands of members and
contributors. And we need to put the right governance frameworks in
place to manage and avoid conflicts of interest and to empower every
single member of our community.
In my view there are three main steps:
- Disclose and manage conflicts of interest
- We as an organisation, our board and leadership team must become much
more transparent about the way or processes by which we make decisions.
- And last but not least, we need to empower the community to make
decisions directly as much as possible.
The more you share power the saver it is. So I want to empower and
involve the community in general and via chapters and projects much more
in all major decisions and share as much information as possible as
early as possible. The board is a steward serving the community, not
it's master. Let's empower the community together, so that everyone can
participate in OWASP as an open, fair and welcoming home to all

If you want to read more about me and the other candidates, please take
a look on our election pages:


Cheers, thanks a lot for your time and all your contributions and
looking forward to seeing you again in this great and amazing community,


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20131014/d69b7c7f/attachment.html>

More information about the OWASP-Leaders mailing list