On-Chain vs Off-Chain governance. What are the rules to Calvinball?

By Kurt Seifried, Chief Blockchain Officer, CSA If you don’t know what Calvin and Hobbes is you can skip the next bit, but it is amusing.  Calvinball is a game invented by Calvin and Hobbes. Calvinball has no rules; the players make up their own rules as they go along, making it so that no […]

Read more...

Facebook Project Libra – the good, the bad, the ugly and why you should care

By Kurt Seifried, Chief Blockchain Officer, CSA So you’ve probably heard by now that Facebook will be creating a crypto-currency called “Project Libra” and if you haven’t well, now you know. So first let’s cover what is good about this. Facebook has announced Project Libra as a Stablecoin, its value will be pegged to a […]

Read more...

CVE and Cloud Services, Part 2: Impacts on Cloud Vulnerability and Risk Management

By Victor Chin, Research Analyst, Cloud Security Alliance, and Kurt Seifried, Director of IT, Cloud Security Alliance This is the second post in a series, where we’ll discuss cloud service vulnerability and risk management trends in relation to the Common Vulnerability and Exposures (CVE) system. In the first blog post, we wrote about the Inclusion […]

Read more...

CVE and Cloud Services, Part 1: The Exclusion of Cloud Service Vulnerabilities

By Kurt Seifried, Director of IT, Cloud Security Alliance and Victor Chin, Research Analyst, Cloud Security Alliance The vulnerability management process has traditionally been supported by a finely balanced ecosystem, which includes such stakeholders as security researchers, enterprises, and vendors. At the crux of this ecosystem is the Common Vulnerabilities and Exposures (CVE) identification system. In order […]

Read more...

Counterfeit gear in the cloud

One of the best and worst things about outsourced cloud computing (as opposed to in house efforts) is the ability to spend more time on what is important to you, and leave things like networking infrastructure, hardware support and maintenance and so on to the provider. The thing I remember most about system and network […]

Read more...