The Cyber Incident Reporting for Critical Infrastructure Act has been in a holding pattern since CISA missed its original October 2025 deadline. The final rule is now expected in May 2026. If you’ve been treating CIRCIA as a future problem, that window is closing fast. RSA This post isn’t about what CIRCIA says in theory.…
The conflict between the United States and Iran that began on February 28, 2026 moved into the cyber domain almost immediately. If you’ve been watching it as a geopolitical story and not a security operations story, it’s time to adjust your perspective. This isn’t abstract nation-state activity happening at the edges of critical infrastructure. On…