Cynthia Brumfield
Cynthia Brumfield is a veteran communications and technology analyst who is currently focused on cybersecurity. She runs a cybersecurity news destination site, Metacurity.com, consults with companies through her firm DCT-Associates, and is the author of the book published by Wiley, Cybersecurity Risk Management: Mastering the Fundamentals Using the NIST Cybersecurity Framework.
CISA kicks off ransomware vulnerability pilot to help spot ransomware-exploitable flaws
The CISA pilot program will notify organizations of vulnerabilities that can lead to ransomware attacks, with small organizations the primary beneficiaries.
Universities and colleges cope silently with ransomware attacks
Ransomware gangs like Vice Society target colleges and universities like every other sector, but they try hard to keep that information quiet.
CISA funding to top $3 billion under Biden's FY 2024 budget
President Biden's FY2024 budget increases CISA's budget to over $3 billion and boosting spending on several cyber initiatives.
Municipal CISOs grapple with challenges as cyber threats soar
Municipal CISOs grapple with challenges as they become targets for nation-state threat actors, cope with regulations, and pursue funding from resource-constrained governments.
White House releases an ambitious National Cybersecurity Strategy
The Biden administration's National Cybersecurity Strategy calls for more regulation on critical infrastructure providers and holds software providers accountable for their insecure products.
Cyber arms race, economic headwinds among top macro cybersecurity risks for 2023
The Bipartisan Policy Center's report on the top eight macro cybersecurity risks highlights how little progress organizations have made in dealing with them.
Surge of swatting attacks targets corporate executives and board members
Swatters use data brokers and stolen information on the dark web to target C-suite and board members. Removing personal information from the web is the best way to minimize this risk.
New UN cybercrime convention has a long way to go in a tight timeframe
Nations around the world are hammering out a new cybercrime convention, but some UN members seek to criminalize activities that are not bona fide crimes.
Recent legal developments bode well for security researchers, but challenges remain
Security researchers gained greater federal legal protections over the past two years, but US state laws and China’s recently adopted vulnerability disclosure law pose threats.
US Maritime Administrator to study port crane cybersecurity concerns
Recently passed legislation might have been spurred by supply chain disruption and surveillance concerns enabled by Chinese-made cranes.
Twitter's mushrooming data breach crisis could prove costly
An apparent data breach potentially impacting hundreds of millions of users could damage Twitter's finances and operations. EU regulators pose the biggest threat to the Elon Musk-owned company.