Recently, it became clear that OWASP has managed to select 0 women from 7 total keynote speakers at both major conferences, and 72/74 men speakers has been selected for AppSec EU, a rate of 98% men and only 2% women. This rate of participation and selection is well below industry participation by women. It is statistically nigh on impossible to arrive at this number and a lack of women presenters at OWASP global conferences.

The causes of this could include:

• Lack of women submitting papers, which has a root cause of not requiring conference organisers to reach out to women in infosec to submit talks, despite such lists existing
• Lack of sufficient quality submissions by women submitters, which has a root cause of not requiring organisers to assist submitters produce the very best submission they can, particularly for women
• The lack of keynote speakers is particularly offensive, as there are many women in senior leadership roles ready and willing to step in, if only they were asked.
• Panels have not been announced as yet, but it is incumbent on OWASP to not have men only panels, as these are often derided in the press and on social media.
• Lack of women participating in paper committees, because there is no open call for participation, so it’s an invite only club. For example, the AppSec EU papers committee consists of 25 men. It used to be more before some men stepped down. This number of men and no women is statistically impossible to achieve unless there was no open call for participation. There was no open call for participation for either AppSec EU 2016 or AppSec USA 2016.

This has to be resolved immediately to achieve our mission statement of global inclusiveness:

• GLOBAL Anyone around the world is encouraged to participate in the OWASP community.

The following motions are put to the Board for their immediate action:

MOTION - fix AppSec EU 2016

1. OWASP Board to search for and appoint a woman keynote speaker for AppSec EU immediately. This brings AppSec EU up to 1/4 women keynotes, and requires no further action. 

MOTION - fix AppSec USA 2016

2. OWASP Board to search for and appoint a woman keynote speaker for AppSec USA immediately
3. Require the AppSec USA organisers to work with the currently published keynote speakers to ask one of them to step aside, or to create a fifth keynote at a suitable time.

MOTION - Board to discharge its duties towards universal inclusiveness

4. OWASP Board to assist the Women In AppSec (WIA) working group with the responsibility to create and maintain a list of women speakers, including those who are willing to be keynote speakers. This list shall be made available to all conference organisers, with the clear expectation that they will make a direct approach as part of their call for training and call for papers
5. OWASP Board to assist the Women In AppSec (WIA) working group to develop a hands on a mentoring program to assist women speakers to develop speaking and training proposals, and once selected, help them with advice on papers and presentations, such that more women will succeed at being selected in the first round of talk and training selections, as well as have a successful talk at OWASP events.

MOTION - Fix the processes by which ~0 women were selected to speak in 2016

Foundation staff to create or alter the memorandum of understanding between future OWASP conference organisers, that amongst other things, stipulates that:

6. Effective immediately, organisers shall run an open call for open participation for the papers committee at least one month in advance of the call for papers. A list of the papers committee membership shall be open and transparent to all. There shall be no more closed or non-transparent papers committees for any major global OWASP conference or large regional OWASP event.
7. Effective immediately, at least 10% - rising to at least 25% by 2020 - of all paper committee members shall be women. If insufficient women have applied, the OWASP Board will appoint volunteers from within and outside OWASP to make up the necessary numbers.
8. Effective immediately, at all OWASP major conferences and larger regional events such as OWASP Days, AppSec Cali and LATAM tour, at least 25% and preferably 50% of all keynote speakers are to be women. There shall be no more OWASP conferences without a woman keynote speaker. 
9. Effective immediately, Organisers will have to demonstrate they have reached out to sufficient numbers of suitable women keynote speaker candidates to fulfil this requirement, or the OWASP Board will appoint a suitable keynote speaker and remove a previously selected male speaker.
10. Effective immediately, a blind process shall be used to select training and papers, without reference to name, title, or gender
11. Effective immediately, where of the blindly selected training and talks, where 15% has not been filled by women candidates, successful slots should be selected from top rated female submissions until at least the 15% ratio is reached. This shall rise to 25% by 2020. It should be stressed - this is the minimum percentage allowed so as to encourage new and more diverse speakers to appear at OWASP conferences.
12. Effective immediately, all panels shall have at least 25% women participation, rising to 50% by 2020.

As a non-binding set of recommendations on Conference organisers:

• Training and talks should be selected first and foremost by blind selection based upon scoring factors, including merit, interesting new or advances in research, well researched, and great abstract, paper and slides. Talks that have been seen in past years or cover old ground should not be selected.
• If insufficient talks of merit by women were submitted or selected, it’s important for conference organisers to revisit submitters and the list of women speakers and give them enough time to either re-submit with higher quality, or submit a talk that would satisfy the basics: an new or interesting topic, well researched, and well presented
• Conference program should not be published until such time as sufficient women have been selected to avoid embarrassment for conference organizers
• If the organizers are still unable find enough suitable female candidates, they can apply for exceptional approval by the OWASP Board to continue without satisfying the MoU. The organizers would have to demonstrate evidence of the steps that they have actively pursued to comply with these regulations.