[Owasp-leaders] Statement about the AppSec-EU 2018 and related events

Martin Knobloch martin.knobloch at owasp.org
Wed Jan 24 13:48:41 UTC 2018

> Hi Lucas, Eoin, Tobias, et all,
> We totally agree about the openness and transparency.
> Again, please understand we needed to talk with the involved parties
> first, as we did this week Monday.
> About your question why the AppSec-Eu 2018 is not taking place as
> scheduled, unfortunately is it not always as straight forward as we want
> and it can be cumbersome to report on events.
> To fully comprehend the situation, some background information is
> required. In order to find the root causes of all, we can go back as far as
> begin of 2017 and the events during that year. Meaning the vacant position
> of an ED and 3 employees resigning their positions, leaving behind a big
> gap in the organization, our processes and support.
> Finally hiring an ED at the end of the year, Karen had to deal with the
> fact our Global events that are our major fundraising activities, the
> AppSec-Eu in Belfast and the AppSec-US in Orlando ending up negative on the
> balance and making less money then expected.
> There have been voiced calling out the OWASP foundation would be about
> money after all. As many do not realize, OWASP indeed requires funds to be
> an healthy organization and to be able to do all the good things do. All
> our financials are public available.
> As for the reason of not hosting the AppSec-Eu in Israel, only this is
> true:
> With background as mentioned above, the forecast for the AppSec-Eu in
> Israel  being concerning regarding estimated costs, predicted number of
> paying attendees and sponsor support - again, this is not the fault of the
> Israel chapter and other volunteers involved, but the lack of support the
> Foundation as able to offer - our ED raised concerns about hosting the
> event as planed. Therefore the previous board had asked Karen to
> investigate impact of hosting the conference in Tel Aviv and investigating
> alternatives. In the following up, our ED and staff has tried to gather as
> much information as possible to make a substantiated decision.
> As organization, it appears we to lack insight and demographic information
> about our own conferences. With Karen's extensive experience in running and
> non for profit organization and hosting major events, she has identified
> our gap in this matter and works hard on solving this issues next to many
> others.
> Hope this answers your questions.
> Please find the meeting notes of the conference call last Monday with the
> Israel and UK chapters regarding this matter attached, the meeting has also
> been recorded
> <https://drive.google.com/a/owasp.org/file/d/1yXPSr8XcFnO63vXSTOCRTb16tn5YTFww/view?usp=sharing>
> .
> Kind regards,
> -martin
> On Wed, Jan 24, 2018 at 11:20 AM, Tobias Glemser <tobias.glemser at owasp.org
> > wrote:
>> +1 Eoin
>> From several chats I had with OWASP volunteers about this issue I feel
>> we, the community, are deeply confused about the decision. OWASP is open
>> and transparent. Board, go for it. Please.
>> On Wed, Jan 24, 2018 at 11:07 AM, Eoin Keary <eoin.keary at owasp.org>
>> wrote:
>>> Hi Martin,
>>> I may of missed this but It may be useful to cite reasons for the move
>>> from Israel to the UK to keep alignment with our mantra of OWASP "radical
>>> transparency".
>>> What was the basis for the decision.
>>> Eoin
>>> On Tue, Jan 23, 2018 at 11:33 PM, Martin Knobloch <
>>> martin.knobloch at owasp.org> wrote:
>>>> Dear OWASP community,
>>>> As there have been quite a number of changes over the last number of
>>>> months, the Global OWASP Foundation has faced a number of challenges. As
>>>> you may be aware, three of our staff members have left the foundation,
>>>> leaving a big gap in our day to day operations. This is not an excuse, but
>>>> a reason why some processes both slowing down or even came to a complete
>>>> halt. We are very happy to have found an Executive Director (ED) in Karen
>>>> Staley. Since joining, Karen has been working hard to turn these challenges
>>>> into opportunities and to allow OWASP to increase our organizational
>>>> maturity and professionalism. I think it’s safe to say that the four newly
>>>> elected board members and new ED, have had the most memorable start in
>>>> their new position.
>>>> We are all extremely passionate about OWASP and with this passion comes
>>>> frustrations. Your frustration in relation to the lack of information/
>>>> communication is understandable. As most of you were celebrating the
>>>> Christmas and New Year holidays, the board were blindsided by these events.
>>>> To this end the newly elected and sitting board members, together with our
>>>> ED, were busy with the matters at hand. Given the time of year and the
>>>> nature of the matter at hand, it’s easy to forget to communicate. We
>>>> understand that the lack of communication on our part can make you assume
>>>> nothing is happening.
>>>> Even though there was no communication with the OWASP community at
>>>> large, we want to ensure you that we were in constant communications with
>>>> those involved and are working towards an acceptable path forward.
>>>> As per previous mailing list communications, the AppSec-EU 2018
>>>> conference will take place in the UK. Operational challenges are currently
>>>> being resolved and information about the conference venue, location will be
>>>> available as soon possible.
>>>> Volunteers who have been working hard on organizing the AppSec-EU 2018
>>>> conference in Tel Aviv and the OWASP Israel chapter especially, felt
>>>> frustrated with the decision to move the conference and way it had been
>>>> communicated. Those that have previously organized a global OWASP AppSec
>>>> conference in the past know how much more complex it is to organize
>>>> compared to a local event, even if the numbers of attendees are more of
>>>> less the same. The decision to move the AppSec-EU 2018 conference to the UK
>>>> has been made. We would like to acknowledge the effort of the organizing
>>>> team, while realizing the required level of support from the foundation was
>>>> not achieved.
>>>> As OWASP board and staff, we see the huge burden it puts on the local
>>>> chapter and leading volunteers. The OWASP board and staff recognizes the
>>>> necessity of providing more professional support to the local chapter and
>>>> volunteers to justify the expectations of our community and sponsors. With
>>>> her extensive experience in organizing international conferences, our ED is
>>>> working hard to do so.
>>>> As you are aware, the board members are volunteers too and we do our
>>>> best to act in the best interest of the OWASP community. OWASP is bigger
>>>> than individuals or the board, OWASP is a community which is driven by it
>>>> volunteers and we welcome your input in how we can improve OWASP to further
>>>> our mission. Please be invited to the OWASP Board meetings
>>>> <https://www.owasp.org/index.php/Board>, the first meeting of the
>>>> current board is January 24th
>>>> <https://www.owasp.org/index.php/January_24,_2018>.
>>>> Many times, those who shout the loudest are perceived in representing
>>>> the community’s opinion. In the succession of the announcement the
>>>> AppSec-EU to be moved from Tel Aviv to the UK, and the public statement
>>>> that has been made articulating the frustrations about this decision,
>>>> people from inside and outside the OWASP community felt the need to vent
>>>> their opinions. As we are an open organization, I appreciate how
>>>> forthcoming our community was.
>>>> Nevertheless, in OWASP we have a clear policy of ethics, stating the
>>>> expected professionalism in communication and respect towards each other.
>>>> We as a community of professionals are required to set an example to the
>>>> next generation and should therefore lead by example in respecting these
>>>> ethics when communicating both privately and in the public domain.
>>>> We will endeavor to improve our communications going forward and hope
>>>> that this has not deterred any of the great OWASP community that have spent
>>>> a countless number of hours volunteering to improve software security as a
>>>> whole.
>>>> Kind regards,
>>>> Martin Knobloch
>>>> _______________________________________________
>>>> OWASP-Leaders mailing list
>>>> OWASP-Leaders at lists.owasp.org
>>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>> --
>>> OWASP Volunteer
>>> @eoinkeary
>>> _______________________________________________
>>> OWASP-Leaders mailing list
>>> OWASP-Leaders at lists.owasp.org
>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20180124/78bc3f47/attachment-0001.html>

More information about the OWASP-Leaders mailing list