Why the Huawei ban is bad for security
Many believe the ban on exporting U.S. technology to Chinese company Huawei could hurt American tech vendors and do little to mitigate supply chain threats.
Cynthia Brumfield | 13 Jun | Read more
Stories by Cynthia Brumfield
2016 election hacking in Florida: Russian emails, hidden tracks
The Mueller Report says the Russians planted malware on at least one Florida county system, and Florida's governor announces that two counties were hacked in 2016. Experts believe the problem could be bigger.
Cynthia Brumfield | 23 May | Read more
Why local governments are a hot target for cyberattacks
Recent ransomware and other attacks underscore the value attackers see in the data stored in city and regional government systems. Here's why they are vulnerable and what they can do to reduce the threat.
Cynthia Brumfield | 01 May | Read more
FEMA contractor at center of privacy violation provides services to many other agencies
Corporate Lodging Consultants is provides lodging services to many other government agencies. Is more sensitive personal information at risk?
Cynthia Brumfield | 12 Apr | Read more
New CISA director outlines top 5 priorities for protecting U.S. critical infrastructure
CISA’s Christopher Krebs has a two-year plan for his new cybersecurity agency, with China, supply chain and 5G as top priorities.
Cynthia Brumfield | 06 Mar | Read more
The cybersecurity legislation agenda: 5 areas to watch
The 116th Congress is only a few months old, but far-reaching cybersecurity bills to protect infrastructure and the supply chain, ensure election integrity, and build a security workforce are now being considered. Here’s the list.
Cynthia Brumfield | 21 Feb | Read more
EFF has an encryption plan for the entire internet
Spurred by government surveillance of data, the Electronic Frontier Foundation is making progress toward its goal of encrypting all internet traffic using technology and scorecards.
Cynthia Brumfield | 31 Jan | Read more
NIST framework released to widespread praise, but what happens next?
Following a solid year of intensive work, the National Institute of Standards and Technology (NIST) released yesterday its "final" framework for improving critical infrastructure cybersecurity as mandated under a February 2013 executive order by President Obama. The 41-page document closely tracks, with some notable changes, the preliminary framework released by NIST in November.
Cynthia Brumfield | 13 Feb | Read more
Adoption, privacy biggest topics as NIST cybersecurity framework nears February deadline
The National Institute of Standards and Technology (NIST) held a fifth workshop in Raleigh, North Carolina last week on the comprehensive, preliminary cybersecurity framework mandated under President Obama's February 2012 executive order, the last such gathering before the framework becomes final in February.
Cynthia Brumfield | 18 Nov | Read more
NIST's latest cybersecurity framework reveals a lot of goodwill amidst continued criticism
After delays due to the government shutdown, the National Institute of Standards and Technology (NIST) released on October 22 its latest version of a comprehensive cybersecurity framework for critical infrastructure as mandated by President Obama's February cybersecurity executive order (EO). This preliminary framework is subject to a 45-day public comment period, after which NIST will make revisions and then produce a final framework for publication in February.
Cynthia Brumfield | 24 Oct | Read more
NIST closer to critical infrastructure cybersecurity framework
The National Institute of Standards and Technology (NIST) held in San Diego last week the third of four workshops to develop a comprehensive cybersecurity framework for critical infrastructure as required under an executive order signed by President Obama on February 12, 2013. NIST's goal with the workshop was to solicit feedback from nearly five hundred attendees to generate content for the preliminary draft framework, which is due in early October.
Cynthia Brumfield | 18 Jul | Read more
NIST seeks input on cybersecurity framework
Starting tomorrow, July 10th, in San Diego, the National Institute of Standards and Technology (NIST) will host the third, and perhaps most important, in a series of workshops aimed at developing a voluntary comprehensive cybersecurity framework that will apply across sixteen critical infrastructure sectors.
Cynthia Brumfield | 09 Jul | Read more