Cynthia Brumfield

Cynthia Brumfield is a veteran communications and technology analyst who is currently focused on cybersecurity. She runs a cybersecurity news destination site, Metacurity.com.

The Latest from Cynthia

News Analysis

NSA, CISA release Kubernetes hardening guidance following Colonial Pipeline, other attacks

The guidance seeks to educate IT administrators about cloud security risks and best practices for implementing and maintaining Kubernetes.

News Analysis

Biden memo, infrastructure deal deliver cybersecurity performance goals and money

The White House initiatives and expected passage of the US infrastructure plan will set new cybersecurity standards for critical infrastructure, provide money to state and local governments.

News Analysis

18 new cybersecurity bills introduced as US congressional interest heats up

The new bills, many with bi-partisan support, aim to increase cybersecurity funding, improve breach reporting, investigate cryptocurrencies, and more.

News Analysis

TSA issues second cybersecurity directive for pipeline companies

Experts applaud the agency's new, detailed security requirements for US pipeline operators but question how they will be enforced or monitored.

News Analysis

Biden administration, US allies condemn China's malicious hacking, espionage actions

Global coalition calls on China to curtail its cyber activities. For the first time, the US blames China directly for ransomware attacks.

News Analysis

Biden Administration announces flurry of new anti-ransomware efforts

The defensive initiatives include a reward for information on nation-state actors and the formation of a new interagency ransomware task force.

News Analysis

NIST’s EO-mandated software security guidelines could be a game-changer

While experts applaud the new security guidance, it's unclear whether software vendors will completely embrace and implement the needed security practices.

News Analysis

Ransomware talks: How Biden could push Putin to the table

Under pressure to end the ransomware scourge, the White House faces strong headwinds. The problem: Putin has no motivation to change the status quo.

News Analysis

Proposed bill would create a new federal agency to protect consumer data

The Data Protection Act of 2021 has wide-ranging definitions of high-risk data practices and privacy harm.

News Analysis

NIST defines "critical software" with a broad range of security functions

The goal is to enable stronger security practices for government-purchased software mandated by President Biden's cybersecurity executive order.

News Analysis

Four states propose laws to ban ransomware payments

Some state legislatures are debating bills that could limit or ban ransom payments. A better option, experts say, is mandatory reporting of ransomware attacks.

News Analysis

Government-mandated SBOMs to throw light on software supply chain security

The US government will soon require vendors to provide a software bill of materials to help ensure integrity of an application's components.

News Analysis

US Congress tees up ambitious cybersecurity agenda in the wake of supply chain, ransomware attacks

Roughly 115 cybersecurity-related bills are working their way through the legislative process, in many cases with bipartisan support.

News Analysis

Feds seize $2.3 million in cryptocurrency wallet reportedly used in Colonial Pipeline ransomware attack

The successful seizure could encourage other victims to better cooperate with federal agencies and cause ransomware gangs to rethink their operations.

News Analysis

TSA’s pipeline cybersecurity directive is just a first step experts say

The new, hastily announced security directive requires US pipeline companies to appoint a cybersecurity coordinator and report possible breaches within 12 hours.

News Analysis

How the post-pandemic world will challenge CISOs

More permanent remote workers, requirements for protecting health data, and a more dangerous threat landscape await security teams as the COVID crisis ends.

News Analysis

SolarWinds, Exchange attacks revive calls for mandatory breach notification, better information sharing

Strong two-way communication between government and the private sector combined with a clear national breach notification policy will put a dent in cybercrime, experts say.

News Analysis

Biden administration releases ambitious cybersecurity executive order

Though lacking in definitional clarity, this new executive order might be more effective than past federal efforts, especially in the wake of the Colonial Pipeline attack.

News Analysis

Colonial Pipeline shutdown highlights need for better OT cybersecurity practices

Experts weigh in on what the Colonial attack teaches critical infrastructure providers about preparation and incident response.

News Analysis

Task force proposes framework for combatting ransomware

A diverse coalition of experts from business and the public sector present 48 recommendations for solving the ransomware crisis, including international cooperation and regulating cryptocurrencies.

Popular Resources

Video/Webcast
Sponsored

Remoting 101: How to Remote Your Mac
Video/Webcast
Sponsored

The Next Generation of Protection for the Content Cloud
eBook
Sponsored

CIO Think Tank Roadmap Report: Data and Analytics at Scale
White Paper

8 Key Tips For Cloud Cost Management on AWS
Video/Webcast
Sponsored

A Deep Dive on Hybrid Cloud Security

See All