
Cynthia Brumfield
Cynthia Brumfield is a veteran communications and technology analyst who is currently focused on cybersecurity. She runs a cybersecurity news destination site, Metacurity.com.


New US IoT law aims to improve edge device security
The Internet of Things Cybersecurity Improvement Act will require device manufacturers to meet new security standards for government contracts. Carryover effect expected for the private sector.

China’s exclusion from US 5G market likely to continue with Biden administration
Telecom insiders discuss supply chain security and call for better communication, collaboration, and transparency from the federal government about threats within their industry.

Defining data protection standards could be a hot topic in state legislation in 2021
Some states could follow the New York Shield Act’s lead and set clearer regulatory expectations for reasonable cybersecurity. Election security legislation likely not on the agenda.

Passage of California privacy act could spur similar new regulations in other states
Voters approved the California Privacy Rights and Enforcement Act (CPRA), which in part limits how organizations can use personal data. Legal experts expect other states to follow suit.

US DOJ indictments might force Russian hacker group Sandworm to retool
Experts hope that indictments against six Russian military intelligence agents will make Russia rethink plans to disrupt the US election.

Common pitfalls in attributing cyberattacks
Attack attribution is always difficult as criminal groups often share code and techniques, and nation-state actors excel at deception. Here, security researchers share their techniques and common pitfalls.

Late-game election security: What to watch and watch out for
Despite disruption of the Trickbot botnet network, last-minute leaks of stolen documents and post-election undermining of trust in the election system remain big concerns.

How SilentFade group steals millions from Facebook ad spend accounts
SilentFade steals credentials and ad spend account information and sells the information to other bad actors. The group returned with improved malware after Facebook's initial mitigation efforts.

New FBI strategy seeks to disrupt threat actors, help defenders through better coordination
The FBI sharpens its focus on collaboration among US and foreign government agencies and the private sector. It will acting as a central hub to deal with cybersecurity threats.

CIOs say security must adapt to permanent work-from-home
Both private- and public-sector CIOs see many more employees permanently working remotely, and say security needs to adapt to new threats and how they communicate.

Preventing insider threats: What to watch (and watch out) for
Understanding human behaviors that precede malicious actions from an insider is the best way to avoid data loss or disruption, experts say.

Ransomware attacks growing in number, severity: Why experts believe it will get worse
Law enforcement and federal experts discuss recent ransomware trends and challenges of fighting the attacks.

Election security status: Some progress on ballot integrity, but not on Russian interference
With the election less than two months away, government and election officials say voting itself is more secure, but Russian disinformation remains largely unaddressed.

CMMC bakes security into DoD’s supply chain, has value for all businesses
The Cybersecurity Maturity Model Certification provides a means for the DoD to certify the security capabilities of its contractors, but it's a good way to assess the cybersecurity maturity for all companies.

With cloud's security benefits comes systemic risks, report finds
A new report from the Carnegie Endowment for International Peace seeks to give law and policy makers a better understanding of cloud security risks.

Security in the spotlight as the US heads into elections
A new report and tabletop exercise show how the upcoming US elections could be disrupted at the local government level without hacking the election itself.

TLS attacks and anti-censorship hacks
Despite safeguards in TLS 1.3, China is still censoring HTTPS communications, according to a new report. There are workarounds to this. Plus, how TLS can be used as an attack vector.

Hybrid cloud complexity, rush to adopt pose security risks, expert says
Organizations rushing to adopt hosted cloud infrastructure alongside on-premises systems might not fully understand or address potential security threats.

CISO Q&A: How AvidXchange manages COVID-related threats and risk
Like many CISOs, Christina Quaine's team is supporting the payment processor's work-at-home employees and managing internal pandemic-specific risks. It also helps its mid-market customers meet new security challenges.
-
White Paper
-
Sponsor Article
Sponsored -
Video/Webcast
Sponsored -
White Paper
-
White Paper