Defend Less
1–12–2026 (Monday)
Hello, and welcome to The Intentional Brief - your weekly video update on the one big thing in cybersecurity for middle market companies, their investors, and executive teams.
I’m your host, Shay Colson, Managing Partner at Intentional Cybersecurity, and you can find us online at intentionalcyber.com.
Today is Monday, January 12, 2026, and damn if it hasn’t been a long week since we’ve seen each other.
Obviously, tons of news on all fronts here in the US, and in terms of relating it back to cyber, and building on our notes from last week on 2026 strategic imperatives, let me frame one more for you all this week: Defend Less.
Defend Less
There’s news this morning from Politico that President Trump is being briefed on what are being called “cyber options in Iran” - meaning cyber attacks.
As you may know, civil unrest continues in Iran, and for their part, have said that attacks in their country would put US and Israeli bases in the region on the board as legitimate targets.
All of these countries - US, Israel, and Iran - have material cyber capabilities, along with the proxy entrants of Russia and China always looming.
The tie back for us, of course, is the worry about collateral damage. Perhaps that would be direct, but more than likely indirect implications for us.
One interesting one already noted was a network of social media accounts posing as supporters of Scottish independence that all fell silent as Iran’s internet was cut off during the civil unrest to prevent coordination and media coverage.
While we work to navigate these geopolitical challenges, we’re also getting similar unintended consequences around AI - with the past week dominated by news that Twitter’s AI bot, Grok, has been widely used to create and share unconsentual images of women and children. So much so that the “The UK’s independent online safety watchdog, Ofcom, has today opened a formal investigation into X under the UK’s Online Safety Act, to determine whether it has complied with its duties to protect people in the UK from content that is illegal in the UK.”
We will continue to see unintended consequences swinging major impacts in 2026 - which is why I am urging you today to find ways to Defend Less.
The easy way to do this, of course, is to run a tight ship in terms of offboarding and deprovisioning, be it people, identities, machines, or vendors. As technologists - whether IT or cyber - we’re great at building things, spinning things up, tinkering, trying them out, etc. We’re less great at keeping them running and even less great at cleaning them up.
So do yourself a favor - build systems that help you clean up, that help you think before you build, and that regularly review whether you still need the data, the system, the access, the connection, etc.
By defending less, you’re winning on both a strategic and tactical level. You’re less likely to get caught unaware, but you’re also better able to support the resources that truly make a difference for your organization. Less to patch, less to monitor, less to maintain, and less to lose.
This type of discipline is difficult to instill, especially once the luster of the new thing has worn off a bit, but it’s something that’s entirely in your control, often doesn’t take additional budget to get started, and has a demonstrable and ongoing ROI.
You can start today, you can start small, and once you’ve built some momentum and figured out what works for you, begin systematizing these efforts to both limit sprawl and manage cleanup. Both sides of the equation are important.
Fundraising
From a fundraising perspective, the year is off to one hell of a start, with $38.7B in newly committed capital already announced this year, including:
Lindsay Goldberg quietly raised $4.5b for its sixth midmarket PE fund;
BV Investment Partners raised nearly $2.47b for its 12th fund;
Monroe Capital raised $6.1b for its fifth private credit fund focused on lower mid-market companies;
KKR raised $2.5b for its second Asia-focused private credit fund;
Lux Capital raised $1.5b for its ninth fund;
Warburg Pincus raised $3b for its third financial services fund; and
Andreessen Horowitz raised over $15 billion for a group of new funds, including $6.75 billion for its fifth growth equity fund.
At the same time, the New York Times closed the year out with an article whose headline reads “Once Wall Street’s High Flyer, Private Equity Loses Its Luster,” again warning about the challenges of liquidity with an undersized return in comparison to public markets.
Whether or not that will matter is an open question, but at least these big name funds have no problem generating new private capital to invest.
A reminder that you can find links to all the articles we covered below, find back issues of these videos and the written transcripts at intentionalcyber.com, and now sign up for our monthly newsletter, the Intentional Dispatch.
We’ll see you next week for another edition of the Intentional Brief.
Links
https://www.politico.com/news/2026/01/11/trump-briefed-options-iran-00721524
https://ukdefencejournal.org.uk/iranian-linked-scottish-accounts-fall-silent-again/
https://www.nytimes.com/2025/12/23/business/private-equity-stock-market.html