Incident Impact, Insider Threat, and Time to Weaponization
2–16–2026 (Monday)
Hello, and welcome to The Intentional Brief - your weekly video update on the one big thing in cybersecurity for middle market companies, their investors, and executive teams.
I’m your host, Shay Colson, Managing Partner at Intentional Cybersecurity, and you can find us online at intentionalcyber.com.
Today is Monday, February 16, 2026, and it’s President’s Day here in the US, as well as provincial holiday Family Day up in British Columbia, Canada.
We’ve got a few things to update you on this week, so let’s jump right in.
Incident Impact, Insider Threat, and Time to Weaponization
We’ve got a bit of a news roundup this week, as we’re focused on what matters to teams building and defending middle market businesses.
The first is a check-in with a story we covered last week - payment provider BridgePay Network Solutions. As regular watchers of the show will be able to guess, they got hit by ransomware on 2/6, and within a couple of hours were hard down.
Checking in now, on Monday 2/16, now 10 days later, and they are still hard down. Their latest update was 4 days ago, and notes only that
Small comfort to customers, and I’m sure the reality of what those teams are living on a daily basis is tough. Preventable, of course, but still hard to be where they are today.
Shifting to another team, we saw another example of how quickly vulnerabilities are weaponized by attackers. In this case, threat actors began attacking remote support and privileged remote access tool BeyondTrust within 24 hours of a new vulnerability being released as a “Proof of Concept.”
Several other threat research outfits have confirmed in-the-wild exploitation, including WatchTowr and Defused.
Again, a reminder that you need to be able to patch faster than the attackers can weaponize (a shrinking timeline). There’s also the uncomfortable elephant in the room of vendors being able to get a patch out as quickly, which is often not the case. In those instances, you need to be able to deploy other compensating controls or countermeasures, which is often easier said than done with these types of tools - especially if you’ve got workflows or automations built out for them.
Our final reminder today is a somewhat silly insider threat case, that stems from spyware provider Paragon, whose General Counsel posted a selfie on LinkedIn. Not usually a problem, except for the fact that this selfie was taken with a big dashboard of the company’s secretive product behind the people in the photo. It gave previously undisclosed details about how the product works, what it can capture, and how it extracts data from phone numbers and social media applications.
We saw something similar in a picture released during the US raid on Venezuela, where pictures released on Twitter showed the President, US Secretary of State and Secretary of Defense in front of a big screen - this one apparently the search page of Twitter with the word “Venezuela” typed in.
Good timing to remind yourself and your people about how these seemingly innocuous actions can have real consequences.
Fundraising
From a fundraising perspective, a solid week this week, with more than $14.2B in newly committed capital, including:
Blue Owl raised over $3b for its inaugural "strategic equity and secondaries strategy”;
Montana Capital Partners raised $1.4b for its sixth PE secondariers fund, focused on midmarket opportunities in North America and Western Europe.;
Vision Ridge raised $2.4b for its fourth sustainable asset real assets strategy; and
Oaktree Capital held a $2.4b first close on its fourth special situations fund
There’s also an interesting article in the Wall Street Journal noting that Ivy League universities may be looking to draw down the private equity investments from their endowments. The article notes that a significant amount of funding will remain in PE, as “it is many elite universities’ biggest holding—making up more than 40% of assets at Harvard, Yale and Princeton” (whose combined endowments total more than $133B), but that the returns and lack of liquidity compared to public markets are raising both eyebrows and questions on-campus.
A reminder that you can find links to all the articles we covered below, find back issues of these videos and the written transcripts at intentionalcyber.com, and now sign up for our monthly newsletter, the Intentional Dispatch.
We’ll see you next week for another edition of the Intentional Brief.
Links
https://status.bridgepaynetwork.com/incidents/mgg52286dn24
https://bsky.app/profile/jurrevanbergen.nl/post/3mels73udpk25