Elastos Chimwanda
About Me
I am a highly accomplished cybersecurity and cloud security expert known for my extensive expertise as an advisor, thought leader, and published author. I have a strong foundation in audit, cybersecurity, and cloud security and am a passionate advocate for software security. I am also the founder of Cyber Defence Consultancy and serve as an advisor to various organizations, providing expert strategic guidance and insight on software security strategies. My advisory roles involve assessing the security posture of cybersecurity and cloud environments, recommending improvements, and helping organizations navigate the complexities of cybersecurity and software security.
Link to My Video
Questions
What unique strategic goal do you intend to bring on board, if you are elected?
My unique strategic goal is to enhance OWASP’s global outreach by establishing regional security hubs within chapters that focus on localized software security challenges and are empowered to develop local solutions. I will also advocate for creating and expanding OWASP chapters in underrepresented regions such as the Middle East and Africa. This will assist in increasing OWASP’s presence and ensure initiatives are tailored to meet the specific needs of the global community.
What is your vision for OWASP over the next three to five years?
In the next three to five years, I wish to see OWASP becoming the leading authority in software security best practices, research, and education worldwide. I aim to ensure that everyone involved in software becomes a member of OWASP. This can be achieved through expanding our educational programs and outreach, increasing collaboration with industry and government leaders, and continuously updating our resources to address emerging threats.
What contributions have you personally made to OWASP or other open source projects?
I have actively contributed to OWASP as an expert reviewer for the various AppSec Conference proposals. In this role, I have reviewed dozens of proposals from various perspectives and presenters covering emerging threats such as Artificial Intelligence (AI), Machine Learning (ML), and cloud security. During the reviews, my major focus was to assist the various potential innovators in improving the quality of their papers and bringing their ideas to the global audience to fruition. I have also been involved as a Subject Matter Expert (SME) with various professional bodies such as ISACA, ISC2, and the Cloud Security Alliance (CSA). Lastly, I am also a published author, having written numerous articles and books on cybersecurity.
What strategies would you implement to increase community engagement and participation in OWASP?
If elected, I would implement strategies to increase community engagement, such as expanding the hosting of regular virtual meetups to foster a sense of community among members and launching tailored mentorship programs to connect experienced software security professionals with those still new to the industry. I will also work on creating more gamified learning experiences to enhance the appeal of software security education and make learning more engaging.
What will be your efforts to ensure OWASP continues to be a centerpiece in software security?
I will focus on maintaining OWASP’s relevance by continuously ensuring our resources reflect the latest security threats and best practices aligned with security trends and strengthening partnerships with academic institutions, industry leaders, government, and other professional bodies to promote widespread adoption and usage of OWASP standards. I will also work to ensure that OWASP develops professional certifications in software security that will enhance the members’ credibility.
What should OWASP stop doing and why?
OWASP should consider stopping the practice of holding conferences on regional bases that target well-represented geographical regions. Such an approach only leads to membership concentrated in certain geographical regions when OWASP is global. Instead, we should focus on promoting and holding conferences in regions with fewer members to increase access.