Cynthia Brumfield

Cynthia Brumfield is a veteran communications and technology analyst who is currently focused on cybersecurity. She runs a cybersecurity news destination site, Metacurity.com.

Election security status: Some progress on ballot integrity, but not on Russian interference

Election security status: Some progress on ballot integrity, but not on Russian interference

With the election less than two months away, government and election officials say voting itself is more secure, but Russian disinformation remains largely unaddressed.

CMMC bakes security into DoD’s supply chain, has value for all businesses

CMMC bakes security into DoD’s supply chain, has value for all businesses

The Cybersecurity Maturity Model Certification provides a means for the DoD to certify the security capabilities of its contractors, but it's a good way to assess the cybersecurity maturity for all companies.

With cloud's security benefits comes systemic risks, report finds

With cloud's security benefits comes systemic risks, report finds

A new report from the Carnegie Endowment for International Peace seeks to give law and policy makers a better understanding of cloud security risks.

Security in the spotlight as the US heads into elections

Security in the spotlight as the US heads into elections

A new report and tabletop exercise show how the upcoming US elections could be disrupted at the local government level without hacking the election itself.

TLS attacks and anti-censorship hacks

TLS attacks and anti-censorship hacks

Despite safeguards in TLS 1.3, China is still censoring HTTPS communications, according to a new report. There are workarounds to this. Plus, how TLS can be used as an attack vector.

Hybrid cloud complexity, rush to adopt pose security risks, expert says

Hybrid cloud complexity, rush to adopt pose security risks, expert says

Organizations rushing to adopt hosted cloud infrastructure alongside on-premises systems might not fully understand or address potential security threats.

CISO Q&A: How AvidXchange manages COVID-related threats and risk

CISO Q&A: How AvidXchange manages COVID-related threats and risk

Like many CISOs, Christina Quaine's team is supporting the payment processor's work-at-home employees and managing internal pandemic-specific risks. It also helps its mid-market customers meet new security challenges.

18 (new) ways attackers can compromise email

18 (new) ways attackers can compromise email

Researchers have discovered eighteen new vulnerabilities in how email systems authenticate senders, making it even easier for criminals to fool users.

Mathematical Mesh alpha release promises better end-to-end encryption

Mathematical Mesh alpha release promises better end-to-end encryption

Web pioneer proposes a new cryptographic system that relies on threshold key infrastructure to improve end-to-end encryption.

Many Cyberspace Solarium Commission recommendations expected to become federal law

Many Cyberspace Solarium Commission recommendations expected to become federal law

Dozens of cybersecurity measures designed to protect US businesses and infrastructure are part of the National Defense Authorization Act. Budget, political concerns might eliminate some.

Twitter hack raises alarm among government officials, security experts

Twitter hack raises alarm among government officials, security experts

The recent account takeover attack underscores how Twitter and other social platforms have become a critical component of political systems worldwide.

Time running out to protect US November elections

Time running out to protect US November elections

Experts say it's too late for significant legislative action to better protect voting this fall, but meaningful changes are still possible.

New DOE document names China, Russia as threats to US bulk power system

New DOE document names China, Russia as threats to US bulk power system

A US Department of Energy RFI seeks information on energy industry's supply chain security practices following executive order to develop industry regulations.

Domestic 5G development at core of US communications security plan

Domestic 5G development at core of US communications security plan

New NTIA document outlines White House 5G security goals, which promote home-grown R&D and call for continuous risk assessment and management.

Bipartisan bill could bring back the White House national cyber director role

Bipartisan bill could bring back the White House national cyber director role

Cyberspace Solarium Commission leaders introduce the National Cyber Director Act to reintroduce cybersecurity expertise into the White House.

New Republican bill latest in long line to force encryption backdoors

New Republican bill latest in long line to force encryption backdoors

Here we go again. Senate Republicans push a new bill to mandate "lawful access" to encrypted devices and data. It won't end until law enforcement has better cyber forensics capabilities.

Data security risks threaten approval of Chinese undersea cable plan

Data security risks threaten approval of Chinese undersea cable plan

The US government's "Team Telecom" wants to partially deny a proposed undersea cable connection between the US and Hong Kong over surveillance, data theft concerns.

Revised DOJ compliance guidance offers risk-management lessons for cybersecurity leaders

Revised DOJ compliance guidance offers risk-management lessons for cybersecurity leaders

Prosecutors use this guidance to assess criminal liability in a compliance breach, so it behooves business and security leaders to understand the expectations.

Senate subcommittee blasts FCC and Team Telecom approach to Chinese supply chain threats

Senate subcommittee blasts FCC and Team Telecom approach to Chinese supply chain threats

A report claims that oversight of Chinese telecoms for security threats to the US communications supply chain is lacking and without adequate authority.

New cybersecurity recommendations for US government target IoT, social media

New cybersecurity recommendations for US government target IoT, social media

The COVID-19 pandemic spurs the Cyberspace Solarium Commission policy initiative to issue a set of four security recommendations for the federal government in the wake of the crisis.

Load More