January 2023 Agenda/Minutes

Meeting Details

• Date: 24 January 2023
• Time: 12PM US Eastern, UTC 1700 convert
• Location: Remote
• Recording: Zoom Meeting

Agenda

CALL TO ORDER

Board Members

• Vandana Verma Sehgal, Grant Ongers, Avi Douglen, Glenn ten Cate, Mark Curphey, Matt Tesauro, Bil Corry.

Guests

• Andrew van der Stock, Shelby Graham, Dawn Aitken, Harold Blankenship, Lisa Jones, Kelly Santalucia, Lauren Thomas

CONFLICT OF INTEREST AND ANTI-TRUST STATEMENT

As the Board consists of individuals from many competing organizations, OWASP and its Board shall abide by all applicable anti-trust and competition laws. To avoid any perceived or actual conflict of interest, or anti-trust concerns under US federal, state, or regulations, only the published agenda shall be discussed or voted upon, or amended as below. If there are any conflicts of interest, Board members are expected to disclose the conflict of interest and must recuse themselves from discussion and voting.

• OWASP Conflict of Interest Policy
• Director’s Commitment Agreement

CHANGES TO THE AGENDA

Changes to the agenda - unless otherwise prohibited by anti-trust or competition laws - including adding, altering, or tabling of motions is permitted by following Roberts Rules of Order (RONR 12th Ed) 41:63, which requires an affirmative two-thirds vote.

APPROVAL OF MINUTES

• Previous Meeting Minutes - December 2022

Vote

• Vandana Verma - Yes
• Grant Ongers - Yes
• Avi Douglen - Yes
• Matt Tesauro - Yes
• Bil Corry - Yes
• Glenn ten Cate - Yes
• Mark Curphey - abstained

Passed: 6-0

PRE-READING MATERIAL AND REPORTS

• Executive Director Board Summary
• Finance Board Narrative
• Finance Board Package

NEW BUSINESS

ELECTION OF 2023 OFFICERS

Background The first official business at the first general public meeting must be to elect Board officers. The outgoing officers are the pro tem officers until their incoming officers are elected. The process is defined by RONR 12th ed. 46:31 (2) - nominations from the floor, followed by a ballot to obtain a majority candidate who is confirmed to office via a majority vote of the Board.

Motion: “Resolved, that the Board votes to elect Grant Ongers or Mark Curphey as Chair.”

Discussion: The Chair will call for nominations from the floor. If multiple nominations are received, the nominee with a majority of nominations will proceed to the motion. If there is only one nomination, the Chair will immediately call for a vote on the motion. If there is a tie, the Chair will cast the deciding vote. The incoming officer takes their office as soon as the motion is passed.

NB: Outgoing Chair conducts the election of the incoming Chair

RONR 12th ed. 46:47 Vandana Verma, as the 2022 Chair, will open the meeting and conduct the election of the 2023 Chair. Once the new Chair is confirmed, the new Chair will immediately become the new OWASP Chair, and conduct the rest of the meeting, including the election of the other officers.

Sponsor: Vandana Verma Sehgal Second: Grant Ongers

Vote

• Vandana Verma - Grant Ongers
• Grant Ongers - Grant Ongers
• Avi Douglen - Grant Ongers
• Matt Tesauro - Grant Ongers
• Bil Corry - Grant Ongers
• Glenn ten Cate - Mark Curphey
• Mark Curphey - Mark Curphey

Passed: 5-2 - Grant as Board Chair

Motion: “Resolved, that the Board votes to elect Avi Douglen as Vice Chair.”

Discussion: Same as before.

Sponsor: Grant Ongers Second: Vandana Verma

Vote

• Grant Ongers - Yes
• Vandana Verma - Yes
• Bil Corry - Yes
• Matt Tesauro - Yes
• Glenn ten Cate - Yes
• Avi Douglen - Yes
• Mark Curphey - abstained

Passed: 6-0

Motion: “Resolved, that the Board elects Matt Tesauro as Secretary.”

Discussion: Same as before.

Sponsor: Grant Ongers Second: Vandana Verma

Vote

• Grant Ongers - Yes
• Vandana Verma - Yes
• Bil Corry - Yes
• Matt Tesauro - Yes
• Glenn ten Cate - Yes
• Avi Douglen - Yes
• Mark Curphey - Yes

Passed: 7-0

Motion: “Resolved, that the Board elects Bil Corry as Treasurer.”

Discussion: Same as before.

Sponsor: Grant Ongers Second: Vandana Verma

Vote

• Grant Ongers - Yes
• Vandana Verma - Yes
• Bil Corry - Yes
• Matt Tesauro - Yes
• Glenn ten Cate - Yes
• Avi Douglen - Yes
• Mark Curphey - Yes

Passed: 7-0

Motion to approve Distinguished Lifetime Awards

Discussion: The Board will consider a motion to approve the Distinguished Lifetime Awards for early 2023.

• Distinguished Lifetime Membership February 2023

Motion: “Resolved, that the Board approves the attached Distinguished Lifetime Awards for early 2023.”

NB: The spreadsheet will become public after Global AppSec Dublin.

Sponsor: Grant Ongers Second: Avi Douglen

Vote:

• Grant Ongers - Yes
• Avi Douglen - Yes
• Bil Corry - Yes
• Matt Tesauro - Yes
• Glenn ten Cate - Yes
• Mark Curphey - Yes
• Vandana Verma - Yes

Passed: 7-0

Motion to move April and December Board meetings

The Board will consider a motion to move the April and December Board meetings to avoid conflicts with RSA and the end of year holidays.

Motion: “Resolved, that the Board moves the April Board meeting to Tuesday, April 18 and December to Tuesday December 19, 2023.”

Sponsor: Grant Ongers Second: Vandana Verma

Vote

• Grant Ongers - Yes
• Avi Douglen - Yes
• Bil Corry - Yes
• Matt Tesauro - Yes
• Glenn ten Cate - Yes
• Mark Curphey - Yes
• Vandana Verma - Yes

Passed: 7-0

COMMENTS, ANNOUNCEMENTS, AND OTHER BUSINESS

Events Briefing and Global AppSec DC Training Splits

Lauren Thomas and Kelly Santalucia will take the Board through an Events briefing, and discuss the need for a different training split for AppSec DC to maintain profitability. The Board may consider proposing a motion to approve the proposed split.

Update on NetGuru Website Project

Mark Curphey to provide an update to the Board on the NetGuru website redesign initiative.

OpenCRE Budget Request

Spryos Gasteratos will present a request to the Board for funding to support the OpenCRE project.

ADJOURNMENT

Adjournment motion

The next general Board meeting is on 28 February 2023, at 12 pm US Eastern Time.

• February 2023

“It is moved, and seconded to adjourn. Those in favor, say “aye””

Sponsor: Chair (Grant) Second: Avi

Staff Reports

Executive Director

See slides

Finance

Attached please find the financial package for OWASP US which represents financial performance for the twelve months of 2022 ended December 31st, 2022.

The financials ONLY consider the US activities through December 2022 YTD.

Statement of Activities – Accrual Basis

The following is a summary of the YTD Statement of Activities:

Revenue: On an accrual basis (EARNED Revenue), total revenue through December 2022, is $2,798,610 vs 2022 Budget of $2,155,000 or $643,610 over the Budget as of 12.31.22. The reasons for this include:

• Actual, recognized Corp Membership at $521,820 was $271,731 AHEAD of the YTD 2022 Budget of $250,000
• Actual recognized Individual Membership at $275,731 was $24,269 UNDER the YTD 2022 Budget of $300,000
• Actual recognized Donations of $169,631 were $16,369 UNDER the YTD budgeted amount of $186,000 (however $100,000 of the shortfall is due to the budgeted/estimated Grant that did not occur in 2022, so actual donations are $83,631 ahead of budget through 12.31.22
• YTD Event income of $1,829,415 was $454,415 AHEAD the YTD budget of $1,375,000. The largest driver of this difference is the fact that the budget includes $665,000 in expected revenue for Global AppSec in San Francisco. Actuals for AppSec YTD are $415,595 for Registrations and $786,700 for Sponsorships. This is $537,295 over the budgeted amount.
• Merch and Trademark income is UNDER Budget by $38,996, combined.

Expenses: On an accrual basis (INCURRED), total expenses through December 2022 were $1,661,100 as compared to an approved YTD budget of $2,154,732. The results are OWASP is $493,632 UNDER the approved YTD 2022 budget for expenses (though excluding the budgeted expenses associated with the “grant” of $90,000, which has not occurred yet, in the 2022 Budget actual expenses are only $403,632 below budget thru 12.31.22). The reasons for this Variance to YTD include:

• Projects were $106,503 under budget excluding the $90,000 for the estimated “grant” expenses that have not occurred, actual underspending in Projects is only $16,503 due to underspending on Projects and Marketing.
• Events are Under Budget by $444,334 due to budgeted spend for AppSec SF – Budget includes $520,000 of expected expenses. Expenses recorded YTD are $84,174. The largest portion of the variance is due to prior year spending for the event. We are also waiting for the final bills for food and accommodation as no bill has been entered yet for Hyatt Regency San Francisco.
• Chapters and Outreach were a combined $24,118 Under budget due primarily under spending in Chapter spending, Marketing, and timing of YM platform fees.
• G&A was over budget by $60,433 due to payment of pending Legal fees offset by underspending on EU expenses compared to Budget as of 12.31.22
• All other depts were a combined over budget in spending by $20,890.

Net Income/Loss: Net Profit (Loss) as of December 31st, 2022, is $1,137,510. The approved budgeted net profit (loss) was $268. The actual net profit is AHEAD of budget by $1,137,242 due to underspending in certain areas and exceeding the Revenue budget YTD 2022, including higher Revenue than budgeted for Global AppSec US in San Francisco and the timing difference of matching of revenue and Global AppSec US event expenses from the prior year. Net income is down from 11.30.22 by $213,717.

Months of Operational Reserve: The cash balance of $2,684,473 is $11,055 MORE than 11.30.22 and $1,227,412 more than the 12.31.21 balance, or a 84% increase in our cash balance YoY. In a continually challenging Pandemic year, this is a fantastic achievement and a testament to the OWASP Staff and the OWASP Community’s support of the Foundation. If we segregate the AP and assumed Project balance, we would have approximately $2,456,579 ($138,799 less than 11.30.22) or 20 months of reserve at the $121,000 of avg monthly Operating expenses and 13.6 months of reserve at the $180K of avg of all monthly expenses (this includes all the event expenses and is 1 month less than 11.30.22). Again, a very good metric as the Non-Profit industry avg months of Operational reserve is 6 months.

Though actuals came out ahead of the budget for the year, we should be mindful of our expenses – a specific area to highlight is keeping an eye on speaker travel as we head into fiscal year 2023. The current draft budget is projecting a loss for 2023, and though we have cash reserves to invest in operations, projects, or whatever deemed fit, we should try to keep additional travel costs at a minimum where possible.

I will see you all next week for the Board call on January 24th.

Events

TBA