Resignation of Mark Curphey


Grant Ongers

Monday, March 20, 2023

At 09:30 GMT today Mark Curphey officially announced his resignation from the OWASP global board of Directors. It didn’t come as a surprise to the board, as he announced his desire to resign during the last board meeting he attended last week on Thursday the 16th of March. It also shouldn’t have come as a surprise to the OWASP community in general as Mark also announced it on LinkedIn on the Friday following that meeting.

That post by Mark does a good job of describing the reasons he has for making this move. Although I disagree with his conclusions and (in some specific instances) his proposed approach to solving the problems high-lighted in the open letter, there will be few folks more disappointed than I am that he’s taken this decision.

I would have very much loved to have channelled Mark’s energy and his considerable talents towards making OWASP a better place for projects, but that is no longer on the cards.

However, OWASP is first and foremost a community. One of contributors and participants. From all the individual members, who elected the board, through to all of the amazing folks who build, maintain and improve the 277 projects currently under its banner. OWASP is all those who organise all of the 285 active chapters, through to all the people who simply attend any of these chapter meetings. OWASP is also all the Leaders who volunteer their time and who want OWASP to be the best it can be. OWASP is every one of you who leverages all of that, and because it is all about this community, it must always remain independent.

I know that the projects are going to be most disappointed by Mark’s move - especially those that signed the open letter. However, Mark’s efforts on your behalf do not end with his resignation. The board and I will continue the efforts we are making to find a way to enable you all to flourish. We will do this without us having to erode the democratic make-up of the board. We expect you to continue to support our efforts in doing so and to continue pushing us to get things right.

As for Mark’s planned future work in the open community: I’m excited to be honest, and I’ll follow his progress closely. He started this thing that I, we, all love (OWASP) and we are always keen to work with other like-minded organisations. We already do this with Open SSF where Andrew van der Stock (our Executive Director) is on the board and Nonprofit Cyber (where I currently sit on the board as an OWASP board member). But I do hope that whatever he builds works together with OWASP and not at cross purposes, as OWASP is still the best home for these projects, and duplication of efforts is counterproductive.

What are the board’s next steps? Well, to start with we didn’t move things forward on Thursday and Friday last week. We’ll have to try to catch up on that time now on the strategy for the Foundation (generally) and projects (and the open letter - more specifically). We also need to fill Mark’s seat so expect to see many more public meetings of the board to do all that ASAP.