[Owasp-leaders] [Owasp-board] Where are the boardmembers?

Larry Conklin larry.conklin at owasp.org
Sun May 14 23:28:49 UTC 2017

We do need better feedback. I would like to see board minutes, and who
attended in OWASP connector and which board members attend the
conversation. I would also like to see in OWASP Connector published future
board meetings.

I also believe we have some many ways different ways of communicating that
communications is getting lost. Look at Matt and group instead of using the
wiki we now have a blog. We need to get back to a more single point of
communications so no one can say they didn't know.


On Sun, May 14, 2017 at 4:41 PM, johanna curiel curiel <
johanna.curiel at owasp.org> wrote:

> @Josh
> When I say "we" the board are doing a horrible job I'm including myself so
> yes, is about improving the communication for the sake of Owasp
> I rather hear you opinions even if I don't like them instead of being
> ignored
> On Sunday, May 14, 2017, Josh Sokol <josh.sokol at owasp.org> wrote:
>> Johanna,
>> In November 2015 you wrote an email to the OWASP Leaders list with the
>> subject of "Good bye OWASP leaders - time to leave the hornet
>> <http://lists.owasp.org/pipermail/owasp-leaders/2015-November/015652.html>"
>> in reaction to a differing of opinions between yourself and others on the
>> OWASP Benchmark project.  I was quick to jump into the discussion to share
>> my thoughts on the issue, and the result was getting accused of "stinging"
>> you myself.  You took it a step further and insinuated that I was somehow
>> "bought" by Jeff Williams and Contrast, which couldn't be further from the
>> truth.  I can't speak for the other Board members, but your response to me
>> forced me to re-evaluate how I interact on the OWASP mailing lists.  I
>> detailed some of my personal thoughts and feelings, at the time, on the
>> "ivory tower" that you mention in a blog post here:
>> http://www.webadminblog.com/index.php/2015/12/01/the-owasp-
>> board-ivory-tower-dilemma/
>> This leads me back to the "Ivory Tower" dilemma.  If my desire is to
>>> actively be a part of the community, then I place myself directly in a
>>> position of potential conflict when I speak.  I'm not allowed to speak as
>>> Josh, the community member, because the perception is that I am always
>>> speaking with my Board member hat on.  And I have a strong feeling that
>>> this perception of Board members speaking authoritatively is what leads a
>>> person on the other side to feel marginalized.  Definitely not intended, at
>>> least on my part, but that's what I've started to gather from some of the
>>> feedback that I've received.  So if that's the case, then I begin to wonder
>>> if the situation would have been better off had I held my tongue and
>>> refrained from jumping into the discussion in order to let our community
>>> continue to fight it out or to let another Board member, our Executive
>>> Director, or somebody else communicate the Board's analysis and actions.
>>> But, if I do that, aren't I now perpetuating the stereotype of the OWASP
>>> Board being an "Ivory Tower"?
>> Personally, I hate feeling like my opinion has been marginalized to the
>> point that it only matters when the Board is in quorum, but that is what
>> has happened, and it is a direct result of your interactions with myself
>> and others on the mailing lists.  I absolutely hate the idea of the "Ivory
>> Tower", but biting my tongue and saving my opinion for the Board meetings
>> (on certain things) has resulted in far less accusations of "stinging".
>> Johanna, do you really want to hear the opinions of myself and other Board
>> members, even if they may not agree with your own?  Or will engaging with
>> you, as you express the desire for, actually result in a recurrence of the
>> conflicts we've seen in the past?
>> ~josh
>> On Sun, May 14, 2017 at 2:14 AM, johanna curiel curiel <
>> johanna.curiel at owasp.org> wrote:
>>> @Bev
>>> I believe that community members have the right to express
>>> discontentment or disappointment . Complaint might sound negative but is
>>> not. Receiving a complaint is an opportunity to understand what is wrong,
>>> especially if there can be a discussion. Of course as long as those
>>> complains focus on issues with the purpose of changing the situation, but
>>> those complaining should also analyse the situation.
>>> Different community members have expressed their sentiment regarding
>>> OWASP board leaders not attending the APPSEC EU this year and some board
>>> members have expressed clearly their POV. But most have not even reacted.
>>> I mean, we are 7 members and only 3 have reacted to this list. This is
>>> the major problems with every single thing when it comes to a discussion
>>> with the board. Most of these members are disengaged, they hardly react on
>>> emails or issues that require discussion and want to play nice with
>>> everyone and when the Board meeting takes place, we don't even get the time
>>> to finalize all what we should (like the bloody Budget), so the efficiency
>>> of the board is very low. Thats why we(the community) should not go and
>>> blame the staff of any inefficiencies because the biggest is us, THE BOARD.
>>> When I have complaint myself at board meetings that we are doing a
>>> horrible job as a board, the reactions are very defensive. To me the board
>>> is the biggest bottleneck because:
>>>    - Crucial decisions that are needed for employees to move forward
>>>    are delayed due to multiple reasons
>>>    - The staff cannot move properly forward without those decision
>>>    taken place
>>>    - We meet once a month but we are not communication properly during
>>>    the month to move forward
>>>    - Some board members have been completely absence of discussions and
>>>    their roles, is like they do even exist just to vote at board meetings
>>>    - Most board members have jobs that do not really allow them to be
>>>    engaged or more deeply involved
>>> So yes we have too many captains in this ship call OWASP and every
>>> single board meeting has been a struggle to get things approved and done.
>>> Now, maybe the whole thing with EU is that the amount of EU OWASP
>>> members is lower that US and therefore less important? Or is it that the EU
>>> income generation conference leaves less revenue therefore less important?
>>> I have no freaking idea but I wish that those dormant board members wake
>>> up and take at least some time to listen and go over of where this ship is
>>> heading and especially , if they were the ones that decided to be board
>>> members to make time for OWASP .
>>>  We are volunteers but we still are TRUSTEES and accountable for the
>>> situation at OWASP.
>>> The Board Member’s First Duty: Accountability
>>> https://www.snpo.org/samples/V180613.pdf
>>> Board members != Volunteers ==> we are accountable and if you don't have
>>> time to be a board members , please, then think very well about it
>>> Regards
>>> Johanna
>>> On Sun, May 14, 2017 at 2:32 AM, Bev Corwin <bev.corwin at owasp.org>
>>> wrote:
>>>> @johanna Thanks for sharing the article. I'll forward to the WIA list.
>>>> Valuable feedback. I agree, unfortunately, often the only response we get
>>>> is no response. Re: board issues - In my past experiences with non profits,
>>>> boards are typically expected to lead fundraising, set strategy and
>>>> oversight for the organization. You mentioned the problem of a disengaged
>>>> board. Yes, It is a serious problem. I also see a problem of a board that
>>>> is spinning its wheels, not able to keep up the momentum and productivity
>>>> for the growing needs of the organization. Would be nice to see both board
>>>> members and staff engage in "listening" more to the needs of the community
>>>> to help inspire improvements. However, I do not see general conversations
>>>> or so called "complaining" as a particularly negative thing. To me, it is
>>>> foundation of a normal active healthy communication process which is
>>>> necessary for a community to grow, learn and refine improvements.
>>>> Interpreting comments in a positive way is important too, especially in a
>>>> global diverse organization. I agree that assuming things negatively is
>>>> discriminatory, though sharing different viewpoints isn't, and a sense of
>>>> humor is always useful too. Thank you for all the good work that you do.
>>>> Best of luck with your board responsibilities! Let me know how I can help.
>>>> Cheers, Bev
>>>> _______________________________________________
>>>> OWASP-Leaders mailing list
>>>> OWASP-Leaders at lists.owasp.org
>>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>> --
>>> Johanna Curiel
>>> OWASP Volunteer
>>> _______________________________________________
>>> OWASP-Leaders mailing list
>>> OWASP-Leaders at lists.owasp.org
>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
> --
> Johanna Curiel
> OWASP Volunteer
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20170514/28f99f0a/attachment.html>

More information about the OWASP-Leaders mailing list