[Owasp-leaders] OWASP Board Canidates

Andrew van der Stock vanderaj at owasp.org
Tue Aug 26 15:21:35 UTC 2014


Sure, although please note that I don't have all the answers!

The Ada Initiative has helped many conferences with anti-harrassment and
inclusion policies:

Community code of conduct / inclusion / anti-harassment policies

We don't have to use the Ada Initiative off the shelf examples, we can
investigate and design our own. As I said, I don't have the answers here,
other than we need a better answer than we have today.

I believe the fact that we only have a few women who regularly post to the
OWASP leaders list, means that we as a community are not representative of
the folks who are in infosec as a whole, and we are the poorer for it. If
nothing else, we are missing out on membership and participation in our
projects, our conferences, and our chapters. For example, there are only
five women speakers at this year's AppSec USA, out of 74 speakers (6%). As
a volunteer-led organisation, the barriers to entry and participation are
very low, so why aren't we able to attract, engage and keep all who come to
our organisation? Are we too blokey? Do we drive away folks after a short
while? Is there something about the way we run OWASP that is a barrier to
continued cooperation?

I feel that OWASP could have done a great deal better than we did over the
last few years:
- We need to help promote OWASP better to women and other folks who aren't
current represented for whatever reason. I don't how to do this, and I will
defer to others who have greater insight, but to do nothing is not an
- We need to help chapters feel empowered to protect their own communities
from harassment and behaviors that don't match OWASP's behaviors,
particularly if they feel powerless to act without coming to the Board or
similar for adjudication. We are not a legal body, and we shouldn't be
trying to pretend being a legal body. Common sense should prevail,
especially when it impacts members.
- We need to help make it clear the expected and acceptable behaviors at
conferences so everyone can feel welcome. This will open our conferences up
even more.

This can be challenging. For example, at Linux.conf.au, I did find it
difficult not to swear (I'm Australian, so this is more difficult than you
would think!), but the family friendly atmosphere allowed kids to
participate in sessions, and thus start bringing up the next set of Linux
champions, makers and do-ers in the community. We need renewal, and not
just from folks already set in their ways to think like us.


On Tue, Aug 26, 2014 at 11:49 PM, Timur 'x' Khrotko (owasp) <timur at owasp.org
> wrote:

> Andrew, sorry, I don't get what to check out at that site, could you
> specify it more clearly for me, please.
> Regards:
> Timur
> On Tue, Aug 26, 2014 at 3:13 PM, <abbas.naderi at owasp.org> wrote:
>> Very interesting. Lets hear what women in our community think about this!
>> -Abbas
>> On Aug 26, 2014, at 2:42 AM, Andrew van der Stock <vanderaj at owasp.org>
>> wrote:
>> In my platform, I've put down that we need to find and adopt a suitable
>> inclusion policy, such as from the Ada Initiative.
>> http://adainitiative.org/
>> We really need more diversity in both the Board, but also in chapters and
>> projects.
>> I hope other candidates will also pipe up on this important issue.
>> thanks,
>> Andrew
>> On Sun, Aug 24, 2014 at 2:58 AM, Bev Corwin <bev.corwin at owasp.org> wrote:
>>> Hi Johanna,
>>> I hope that you will have some time at some point to participate and
>>> lead the committee that Jim proposed!
>>> Sincerely,
>>> Bev
>>> _______________________________________________
>>> OWASP-Leaders mailing list
>>> OWASP-Leaders at lists.owasp.org
>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>> _______________________________________________
>> OWASP-Leaders mailing list
>> OWASP-Leaders at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>> _______________________________________________
>> OWASP-Leaders mailing list
>> OWASP-Leaders at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
> Email us to enforce secure link with your mail servers (domain).
> This message may contain confidential information - you should handle it
> accordingly.
> Ez a levél bizalmas információt tartalmazhat, és ekként kezelendő.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20140827/dc8f9898/attachment.html>

More information about the OWASP-Leaders mailing list