Znalosti & postřehy
Bezpečnostní znalosti bez zbytečného bullshitu. Píšeme o tom, co skutečně funguje — v terénu, u reálných klientů.
The new Czech Cybersecurity Act (No. 264/2025 Coll.) introduces obligations that this time go far beyond large corporations and public institutions. The regulation affects thousands of Czech companies — and many still don't know it.
Číst článek →In 2023, Copilot for Microsoft 365 was a near-future promise. In 2024, it became available to enterprise customers. In 2025, Microsoft announced the EU Data Boundary as a solved problem, and Copilot began reaching regulated environments — with assurances that customer data would stay in Europe. In 2026, two developments complicated that picture.
Číst článek →Finanční instituce, které od ledna 2025 plní DORA, čelily v České republice nepříjemné otázce: musíme paralelně plnit i ZKB, nebo ne? Odpověď nebyla jednoznačná — až do 24. června 2026, kdy ČNB a NÚKIB vydaly společné prohlášení.
Číst článek →AI tools are already in your organisation — whether IT knows about it or not. Employees are working with ChatGPT, Gemini, and Copilot, feeding them internal documents, customer emails, source code, and business plans. Data that previously stayed inside the corporate network now travels to cloud-based models operated by external providers.
Číst článek →EU Cyber Resilience Act: Secure Software Development Is No Longer Optional. The regulation entered into force on 10 October 2024. It is built on a straightforward premise: manufacturers bear responsibility for the security of their products throughout their supported lifetime, not only at the point of sale. And they cannot transfer that responsibility to customers through license agreement exclusions (EULAs).
Číst článek →Three Critical June 2026 Vulnerabilities Under Active Exploitation: Check Point VPN (CVE-2026-50751) patched June 8, 2026 · Cisco SD-WAN (CVE-2026-20182) patched · RoguePlanet (CVE-2026-47281) unpatched
Číst článek →The most common mistake in cybersecurity? A company builds a system, launches an application, or introduces a new process — and only then starts asking how to secure it. By that point, it's usually too late for security to be truly effective. And too expensive to be done properly.
Číst článek →Picture this: someone walks into your office, plugs a USB stick into an employee's laptop, and five minutes later walks out with access to everything on that encrypted drive. Or imagine an employee with no admin rights running a simple script on a company computer and gaining full control of the operating system — no alert from the antivirus, no log entry, nothing to suggest anything happened at all.
Číst článek →Just a few years ago, a fraudulent email was obvious at first glance: typos, awkward phrasing, a suspicious sender, and an unrealistic promise. Today, it was written by a model trained on billions of texts. It knows your name, references your latest project, and knows what your boss is called. How do you defend against a threat the human eye can no longer see?
Číst článek →Large enterprises have CISOs, dedicated security teams, and million-euro budgets. Small and medium-sized businesses have reality — limited resources, little time, and a steadily growing number of cyberattacks aimed squarely at them. The good news: 80% of threats can be eliminated with the right basic measures in place. Here are the ten that matter most.
Číst článek →