Cybersecurity Institute News Roundup 21 April 2025
Welcome to this week’s Cybersecurity Institute News Roundup: a weekly overview of the most interesting news and articles that have caught our attention recently from across the cybersecurity industry. In this week’s roundup, we cover the NIST’s updated privacy framework to address AI privacy risks, extended funding from CISA for the Common Vulnerabilities and Exposures (CVE) program, the UK Ministry of Defense under attack from a spear phishing campaign, reports of DHS workforce cuts, and the UK’s £121 million investment in quantum research to help tackle cybercrime.
NIST releases updated privacy framework for public comment
NIST has released a new draft of its Privacy Framework, PFW 1.1, with the intent to better align it with the agency’s updated Cybersecurity Framework 2.0 and to address AI privacy risks. Public feedback is being accepted until June 13th, 2025.
CISA reversal extends CVE program funding
Just hours before funding of the Common Vulnerabilities and Exposures program was set to lapse, CISA reversed course and extended funding for 11 months, prompting a huge sigh of relief across the larger cyber community.
UK Ministry of Defense targeted by spear phishing campaign
The UK government reported that the country’s Ministry of Defense was targeted by a spear phishing campaign in late 2024 that appears to be affiliated with Russian threat actors.
Rumored deep DHS staff cuts could undermine US cybersecurity
Unconfirmed reports cite that DHS is seeking to cut up to a third of its workforce including 1300 employees at CISA, raising concerns around continued US cyber vigilance, preparedness, and defense.
UK to invest £121 million to harness quantum computing for the greater good
On World Quantum Day (April 14th), the UK government announced £121 million in funding for quantum technology research and development to help tackle cybercrime, fraud, and money laundering.