Cynthia Brumfield
Cynthia Brumfield is a veteran communications and technology analyst who is currently focused on cybersecurity. She runs a cybersecurity news destination site, Metacurity.com, consults with companies through her firm DCT-Associates, and is the author of the book published by Wiley, Cybersecurity Risk Management: Mastering the Fundamentals Using the NIST Cybersecurity Framework.
Data protection concerns spike as states get ready to outlaw abortion
The use of personal data from brokers, apps, smartphones, and browsers to identify those seeking an abortion raises new data protection and privacy risks.
Five Eyes nations warn MSPs of stepped-up cybersecurity threats
The warning likely comes in response to an increase in attacks on managed service providers, through which threat actors can access their clients.
A year later, Biden’s cybersecurity executive order driving positive change
Notable experts say the cybersecurity executive order has improved the nation's security posture, but more work is to be done.
NIST Cybersecurity Framework update comments highlight a gamut of needed changes
Better metrics, implementation guidance, and alignment with other frameworks are high on the list of suggested improvements to the NIST CSF.
U.S. White House releases ambitious agenda to mitigate the risks of quantum computing
The Biden administration issued an executive order to ensure U.S. leadership in quantum computing and a memorandum to mitigate its security risks.
Spyware was used against Catalan targets and UK prime minister and Foreign Office
Researchers at the Citizen Lab says dozens of officials' phones were compromised by spyware sold by NSO Group or Candiru.
Rare and dangerous Incontroller malware targets ICS operations
A coalition of U.S. government agencies, security researchers, and companies warn about this new malware that can gain complete access to ICS and SCADA systems.
Ukraine energy facility hit by two waves of cyberattacks from Russia’s Sandworm group
Sandworm succeeded in planting a new version of the Industroyer malware to disrupt ICS infrastructure at multiple levels, but was thwarted from doing serious damage.
With AI RMF, NIST addresses artificial intelligence risks
The new framework could have wide-ranging implications for the private and public sectors. NIST is seeking comments on the current draft by April 29, 2022.
New threat group underscores mounting concerns over Russian cyber threats
Crowdstrike says Ember Bear is likely responsible for the wiper attack against Ukrainian networks and that future Russian cyberattacks might target the West.
U.S. State Department unveils new Bureau of Cyberspace and Digital Policy
The new Bureau could enhance the United States' ability to work effectively with other nations on cybersecurity matters.