Louis Griffith
About Me
Technology reinvents how we live and work at an enormously fast pace. I’ve spent my career cultivating my passion for programming through continual learning, demanding the best from both myself and my teams to bring about enormous success. My analytical skills and critical thinking have afforded me the ability to streamline operations, putting in place best practices and developing state-of-the-art solutions.
What I bring to the OWASP board is over two decades of cultivated knowledge and experience, which has granted me continued success in this industry. I am employed full-time as a Senior IT Architect role with a local insurance provider. I am also a co-founder of a software start-up developing applications and online services for consumers. Hopefully, one day, our products and services will be available around the world!
My workflows and processes ensure that technology operates at its greatest potential. My innovative thought processes create a clear path forward, bypassing complexity and adversity, to both meet and exceed goals.
As a leader, I rely on a proactive approach to resolve complex technology problems, working collaboratively to improve user experiences, capability, and productivity. Through my mentorship, countless team members have produced exceptional work and advanced their careers.
My track record of leading by example and integrity while injecting efficiency and innovation at every step in my career makes me uniquely suited to make further change in the technology industry and I expect to carry this same passion as a future board member of OWASP. I’m eager to roll up my sleeves and get to work as your next Global Board Member!
Link to My Video
OWASP has great resources for different people and different roles: CISOs, AppSec Managers, Pentesters, Analysts, Developers, DevOps, QA, and even users. Currently, most of them are either not aware of OWASP, or consider OWASP as a short for the “OWASP Top 10”. What practical steps should OWASP take to change that?
Social media is the most influential and impactful mediums for digital marketing. Organization leveraging many social platforms reach the widest possible audience aiding in solidifying their brand’s widest-possible surface area. OWASP can widen its surface area to reach to the widest possible audience further building its brand.
OWASP offers quality online AppSec training and formed strategic partnerships with organizations like We Hack Purple, allowing OWASP to offer benefit options to membership. Keeping with the same strategy, I would want to collaborate with others in the organization to identify and foster relationships bringing additional benefits to membership. Part of the attraction to membership are the benefits of membership and positive word-of-mouth marketing helps build brand strength.
I would like to explore the feasibility for OWASP to offer vendor-neutral security certifications. A major undertaking in terms of administration and resources that must be weighted with the benefit of the major objective of the organization, securing applications, where those who earn the credentials set a bar for the minimum amount of knowledge to be effective in the industry and the benefit to OWASP brand potentially increasing recognition across the industry.
Sometimes local chapters disband before anyone knows they exist and there does not seem to be a strong mechanism to regrow them. How will you enable members to grow OWASP in their localities?
Enabling members to grow OWASP in their localities is strongly tied to funding. OWASP can empower local chapters by helping these chapters raise funds and obtain any required resources to ensure their continued success.
Special care should be taken with local chapters to encourage continued operation and growth. Chapters can take advantage of virtual meetups and networking to safely meet. Our lives are busy and holding remote meetings leverage the convenience of being able to join with just a few clicks.
What experience do you bring serving in a board or executive committee of a large international organization or project?
My over two decades of application development experience and knowledge will be leveraged to advance OWASP objectives. I have experience with many types of organizations, having served on student organizations, a former director of a private company, several corporate committees, chaired IT committees of local organizations and was formally appointed as a director of a government quango.
My continuing education affords me a unique prospective to modern solution development, planning and implementation. I am confident I can make an immediate contribution serving on the OWASP global board.
COVID-19 has had a major impact on OWASP’s major earning sources which were conference tickets / training tickets. What will you do to ensure more balanced funding sources in the future?
The pandemic is negatively impacting people, businesses, governments and countries around the world and I would like to take this opportunity to thank all front-line workers around the world for their continued effort and dedication to savings lives. To those that have been impacted, affected or know someone who has been affected, please accept my sincere sympathy.
I am eager to work with the other board members to formulate a plan to navigate OWASP through this stressful time. OWASP should embrace virtual meetups and leverage all the remote conferencing technology offering similar conferences like the OWASP 20th Anniversary celebration. These conferences should offer exclusive content for paid attendees or donation options to help raise funds.
What are the three main things you’d focus on changing/improving for OWASP as an organization, and why?
My three main areas of focus will be:
(1) Education is extremely important to promote and encourage with a direct impact of positive affecting the quality of software security and efficiency and profitability of organizational operations. Expanding to university chapters would encourage its members to think about security early in their design phase. Promotion of education and offering discounts and free training to members is an important incentive to grow the membership.
(2) Donations are a vitally important for any non-profit organization. OWASP should broaden their donation-raising efforts by leveraging the membership to help promote and highlight OWASP to employers as a potential donor. Many organizations set aside sometime generous amounts for giving to charities and non-profits and usually look to employees for ideas on who should receive funds. Members who recommend OWASP for receipt to their employer should be highlighted with special status.
(3) Given the strain the pandemic has placed on individuals and businesses, I would look at what OWASP can do to assist our communities. A national day of giving with local chapters providing support to the community in general whatever the needs may be. This will strengthen the OWASP brand.
Automation and now AI have been good for AppSec in that it has increased the speed of releases, improved detection of coding flaws and reduced overall operating costs. At the same time, jobs in AppSec are moving from analyst positions to lower paid engineering positions. What do you see as being OWASP’s role in the industry in ten years and how would you begin to position OWASP to get there?
Continuing to offer and develop educational products and services is vital to OWASP’s continued success. As previously mentioned, technology is tremendously fast paced. By arming individuals who work for and with organizations, governments and business with the fresh application security training services and products, allows them to keep pace. I see OWASP as an important part of securing the future of applications.