Security Bulletin: End of Support for Microsoft Exchange Server 2016 and 2019

Release Date: February 20, 2025 Bulletin ID:  Exchange 2016 and 2019 End of Support Severity: Advisory Impact: Security Risks, Lack of Support Summary Microsoft has announced the End of Support (EOS) for Exchange Server 2016 on October 14, 2025. Exchange Server 2019 remains the last on-premises version of Exchange, but customers should be aware of lifecycle policies and support timelines to ensure security and compliance. After the EOS date, Exchange Server 2016 will no longer receive security updates, bug fixes, or technical support, which could leave organizations vulnerable to security threats and compliance issues. Organizations should take proactive steps to plan their migration strategy to ensure continued security and support. Next Steps for Customers Migrate to Exchange Online (Recommended) Microsoft recommends migrating to Exchange Online as part of Microsoft 365. This ensures: - Automatic updates and security patches - Lower maintenance overhead - Cloud-based collaboration and enhanced security features Upgrade to Exchange Server Subscription Edition (If Remaining On-Premises) Exchange Server 2019 is…

Comments Off on Security Bulletin: End of Support for Microsoft Exchange Server 2016 and 2019

Critical Path Security’s Patrick Kelley to Speak at 2025 Co-op Cyber Tech on Mental Health in Cybersecurity

We're excited to share some big news! Our very own Patrick Kelley has been selected to speak at the 2025 Co-op Cyber Tech conference, taking place June 24-26 in Denver, Colorado, at the Hyatt Regency Denver at Colorado Convention Center. This conference brings together cybersecurity professionals from around the globe to exchange ideas, insights, and best practices-so it's truly an honor for Patrick to be a part of it. Patrick's session, "Mental Health in Cybersecurity: Leveraging the Maslach Burnout Inventory (MBI)," will address one of the most pressing challenges facing the industry today: the toll that high-stakes cybersecurity work can take on mental well-being. He'll explore how the MBI, a globally recognized tool for measuring occupational burnout, can help cybersecurity teams identify and address stressors before they escalate. By examining the unique pressures cybersecurity professionals face-intense workloads, rapidly evolving threat landscapes, and round-the-clock incident response-Patrick will demonstrate evidence-based strategies to…

0 Comments

Speaking Event: Mental Health in Cooperatives: Balancing the Scales

At Critical Path Security, we understand that cybersecurity isn't just about technology-it's about people. The pressure to defend critical infrastructure against relentless threats is breaking teams down. Burnout, imposter syndrome, and the weight of impossible expectations are leaving cybersecurity professionals-and the cooperatives they protect-at risk. Next week, Patrick Kelley be speaking at the Alabama Rural Electric Association Accounting Update Annual Meeting about the hidden cost of burnout in cybersecurity and cooperatives. This isn't just a conversation about mental health; it's about the business impact-from increased turnover costs and cyber insurance hikes to the financial ripple effects of security fatigue. Key takeaways: ✔ The "Accidental CISO" Problem - Why so many cybersecurity professionals in cooperatives never planned for the role they're now in. ✔ Burnout & Finance - How stress translates into real financial loss, from regulatory fines to delayed security improvements. ✔ Coping Mechanisms That Work - Practical strategies to…

0 Comments

Strengthening Energy Security: Critical Path Security at CGA’s Energy Security Summit 2025

Cyber threats to energy infrastructure are more serious than ever, and securing critical systems requires collaboration across the industry. That's why Critical Path Security will be attending the Energy Security Summit 2025, hosted by the Canadian Gas Association. We look forward to engaging with industry leaders and security professionals to discuss emerging threats and strategies for protecting North America's energy sector. This summit is a key event for anyone involved in cybersecurity, critical infrastructure, and operational technology (OT) security. If you're attending, let's connect.

0 Comments