The Cyber Incident Reporting for Critical Infrastructure Act has been in a holding pattern since CISA missed its original October 2025 deadline. The final rule is now expected in May 2026. If you’ve been treating CIRCIA as a future problem, that window is closing fast. RSA This post isn’t about what CIRCIA says in theory.…
The conflict between the United States and Iran that began on February 28, 2026 moved into the cyber domain almost immediately. If you’ve been watching it as a geopolitical story and not a security operations story, it’s time to adjust your perspective. This isn’t abstract nation-state activity happening at the edges of critical infrastructure. On…
Every year on March 31st, the security community celebrates World Backup Day. Vendors tweet reminders. IT teams run awareness campaigns. Someone in marketing makes a clever graphic about the 3-2-1 rule. And every year, organizations that had backups still lose everything to ransomware. That’s because we’ve been celebrating the wrong thing. We’ve been celebrating the…
Forty-three thousand people. Six hundred exhibitors. Thirty-one session tracks. Hugh Jackman somehow closing out the week at the Moscone Center. That’s RSAC 2026 in a sentence — massive, loud, and relentlessly marketed at from every direction. If you attended, you’re probably still recovering from the badge lanyard tan lines and the booth swag guilt. If…
It is tax season, which means it is also “Tax Scam Season.” While we all know to avoid phishing emails claiming to be the IRS (pro tip: the IRS never emails you), there is a more sophisticated threat: Stolen Identity Refund Fraud. This occurs when an attacker uses your Social Security Number (SSN)—likely stolen in…
To My Fellow California Business Owners, Navigating the complexities of running a small business is challenging enough without adding the ever-evolving landscape of data privacy into the mix. As your neighbor and cybersecurity partner at CK Cybersecurity, I want to cut through the noise and offer some straightforward, actionable advice to help you protect your…
The holiday season is upon us, and with it comes the annual rush of online shopping, deal-hunting, and digital gift-giving. As we search for the perfect gifts, cybercriminals are searching for their next target. This year, don’t let a scammer steal your holiday cheer. The key to staying safe is to treat your personal information…
As 2025 draws to a close, it’s time to look back at the cyber landscape. This year wasn’t just about more threats; it was about smarter, more targeted attacks. While the headlines focused on massive data dumps and ransomware payments, the real stories are in the how and why. If we learn from the major…
‘Tis the season for new gadgets. Whether it’s a smart TV, a new connected speaker, a security camera, or a “smart” appliance, these devices (part of the “Internet of Things” or IoT) are popular gifts. But this excitement comes with a risk. IoT devices are notoriously insecure, and a single “hacked” device can give an…