incident-response

Federal Cyber Reality Check: Capacity, Coordination, and Confidence Are Out of Sync

John Z Black Mar 18, 2026

Policy, Law & Governance #cisa #dhs #critical-infrastructure #governance #policy #incident-response #federal-cyber

Staffing gaps, fuzzy lead-agency roles, and public messaging that doesn't always match operational uncertainty -- the layers of federal cyber aren't running in sync right now.

Breach Disclosure Lag Is Becoming the Real Story in Financial Supply Chains

John Z Black Mar 18, 2026

Incidents & Breaches #breach #financial-services #third-party-risk #disclosure #ransomware #governance #incident-response

The Marquis breach started with a ransomware attack. The damage is still accumulating months later -- not because of what happened technically, but because of how disclosure was handled.

The Insider No One Suspected: DOJ Says a Ransomware "Helper" Was Running the Attack

John Z Black Mar 14, 2026

Ransomware #blackcat #ransomware #incident-response #doj #trust #insider-threat #alphv #digitalmint

A ransomware negotiator was secretly feeding BlackCat operators confidential victim data to jack up ransom payments. The DOJ just charged him.

The Ransomware 'Negotiator' Was Running the Attack: DigitalMint's $75M Double Cross

John Z Black Mar 13, 2026

Ransomware #ransomware #incident-response #digitalmint #blackcat #vendor-risk #extortion

Federal charges reveal DigitalMint's ransomware negotiators were allegedly running the attacks themselves. The second employee charged in the same operation. This wasn't a rogue employee. It was the business model.