Cynthia Brumfield
Cynthia Brumfield is a veteran communications and technology analyst who is currently focused on cybersecurity. She runs a cybersecurity news destination site, Metacurity.com.
TSA’s pipeline cybersecurity directive is just a first step experts say
The new, hastily announced security directive requires US pipeline companies to appoint a cybersecurity coordinator and report possible breaches within 12 hours.
How the post-pandemic world will challenge CISOs
More permanent remote workers, requirements for protecting health data, and a more dangerous threat landscape await security teams as the COVID crisis ends.
SolarWinds, Exchange attacks revive calls for mandatory breach notification, better information sharing
Strong two-way communication between government and the private sector combined with a clear national breach notification policy will put a dent in cybercrime, experts say.
Biden administration releases ambitious cybersecurity executive order
Though lacking in definitional clarity, this new executive order might be more effective than past federal efforts, especially in the wake of the Colonial Pipeline attack.
Colonial Pipeline shutdown highlights need for better OT cybersecurity practices
Experts weigh in on what the Colonial attack teaches critical infrastructure providers about preparation and incident response.
Task force proposes framework for combatting ransomware
A diverse coalition of experts from business and the public sector present 48 recommendations for solving the ransomware crisis, including international cooperation and regulating cryptocurrencies.
Biden administration releases 100-day plan to address electric system cybersecurity risks
The plan focuses largely on supply chain risks to the electric grid, requests input on the DOE's role in coordinating cybersecurity efforts.
US sanctions Russian government, security firms for SolarWinds breach, election interference
The Biden administration places economic sanctions on Russian government organizations, individuals, and companies including several security firms.
Experts fear that Biden’s cybersecurity executive order will repeat mistakes of the past
President Biden is expected to issue an executive order soon in response to the SolarWinds and Exchange Server attacks. Leaked details suggest it might not focus on the most effective actions.
States enact safe harbor laws against cyberattacks, but demand adoption of cybersecurity frameworks
Connecticut might soon follow Ohio and Utah by enacting a law that offers liability protection against ransomware and other cyberattacks, but only if victims follow security best practices.
US government calls for better information sharing in wake of SolarWinds, Exchange attacks
The Biden administration seeks ways to better gather and share security intelligence from the private sector, but experts see barriers to success.
Why the Microsoft Exchange Server attack isn’t going away soon
For some victims, patching and proper forensics will be difficult, plus new threat actors are now exploiting the same Exchange Server vulnerabilities.
Virginia data protection bill signed into law
The state is the second in the nation to enact a consumer data protection law along the lines of the EU's GDPR. Here's what businesses need to know about Virginia's CDPA.
Cyber Diplomacy Act aims to elevate America's global cybersecurity standing
The new bill has bipartisan support to improve the US's ability to prevent and respond to cyberattacks and correct missteps of the Trump administration.
New York issues cyber insurance framework as ransomware, SolarWinds costs mount
The state looks to protect one of its core industries, which is threatened by mounting and potentially "unsustainable" losses due to the SolarWinds and ransomware attacks.
Egregor ransomware group explained: And how to defend against it
Egregor is one of the most rapidly growing ransomware families. It employs "double ransom" techniques to threaten reputational damage and increase pressure to pay.
Oldsmar cyberattack raises importance of water utility assessments, training
The attempt to poison a city's water supply by remotely accessing its ICS underscores the need for cybersecurity assistance at under-resourced critical infrastructure facilities.
Biden administration brings expertise, new attitude to cybersecurity
The US president promises a reckoning for SolarWinds hackers and places cybersecurity at the top of the administration's agenda.
Sprite Spider emerging as one of the most destructive ransomware threat actors
Having flown under the radar for several years, the Sprite Spider group is using a ransomware code suite that is effective and hard to detect.
-
White Paper
-
White Paper
-
Video/Webcast
Sponsored -
White Paper
-
White Paper
