CyberSecurity

Triad Nexus: How a $200 Million Fraud Network Thrives Under Sanctions

The Triad Nexus fraud operations network, responsible for over $200 million in reported losses, has not only survived US Treasury sanctions imposed in 2025 but has actually expanded its reach. According to new research from Silent Push, this cybercrime group has refined its tactics, targeting emerging markets while blocking US-based investigators from tracking its activities.

What makes this network particularly dangerous is its ability to adapt. Instead of retreating after sanctions, Triad Nexus has doubled down—introducing geographic restrictions, complex infrastructure masking, and a staggering average victim loss of $150,000. This is not a group in decline; it is one that is evolving rapidly.

Infrastructure Laundering: Hiding Scams in Plain Sight

A cornerstone of the Triad Nexus fraud operations is what researchers call “infrastructure laundering.” The group compromises legitimate cloud accounts from major providers like AWS, Cloudflare, Google, and Microsoft to host malicious services. This clever tactic blends scam platforms with legitimate traffic, making fraudulent sites appear authentic and high-performing.

Building on this, the network has industrialized digital brand theft. It creates highly accurate replicas of banking portals, luxury retail websites, and public services. These clones are designed to harvest credentials and redirect payments. Silent Push notes that the scale and consistency of these cloned platforms indicate a highly organized and repeatable model—essentially a factory for fraud.

Top Sectors Targeted by Triad Nexus

  • Banking and fintech platforms: Used for credential harvesting on a massive scale.
  • Luxury retail brands: Exploited for high-value transactions and payment redirection.
  • Public services: Leveraged for regional data theft, especially in less-regulated markets.

Evasion Tactics: The US Block and Geographic Expansion

To avoid detection, Triad Nexus has implemented a “US block” that prevents access from US IP addresses. Instead of scam content, US visitors see legal restriction messages. This move appears designed to reduce scrutiny following sanctions while enabling continued operations in less-regulated markets.

Furthermore, the group has expanded into Spanish, Vietnamese, and Indonesian markets using localized scam templates. These templates include language-specific branding and culturally relevant content, making the scams harder to identify. The network has also introduced “clean” front companies that pose as legitimate service providers, further complicating attribution efforts for law enforcement.

This means that the Triad Nexus fraud operations are not just about technology—they are about strategy. The group is actively choosing targets that are less likely to face immediate pushback from international authorities.

Defensive Response: Tools and Proactive Monitoring

In response to these evolving tactics, Silent Push developed a CNAME Chain Lookup tool designed to map complex domain redirection paths. By exposing the underlying infrastructure behind layered CNAME chains, this tool provides defenders with greater visibility into how large-scale fraud networks operate. Learn more about our CNAME Chain Lookup tool to protect your organization.
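The kind of CNAME-chain walk such a tool performs, as an added illustration that is not Silent Push's code: it follows CNAME records hop by hop to the terminal host, stops on loops or excessive depth, and reports the hosting apex a defender can pivot on. The record table and every hostname in it are constructed (`.test` names), so the block runs offline; `lookup_cname` is a stand-in for a real resolver.

```python
# Added example (not the Silent Push tool). Resolves a layered CNAME chain
# against a constructed in-memory record table so it runs offline; replace
# lookup_cname with a live resolver call to use it against real domains.
from typing import Callable, Dict, List, Optional

# Constructed sample CNAME records (hypothetical names, not from the report).
SAMPLE_CNAMES: Dict[str, str] = {
    "login.example-bank-clone.test": "edge.cdn-front.test",
    "edge.cdn-front.test": "tenant-abc.cloud-host.test",
    # A two-record loop, included to exercise the loop guard.
    "a.loop.test": "b.loop.test",
    "b.loop.test": "a.loop.test",
}

def normalize(name: str) -> str:
    """Lower-case and strip a trailing dot so names compare consistently."""
    return name.lower().rstrip(".")

def lookup_cname(name: str) -> Optional[str]:
    """Return the CNAME target of `name`, or None when it is a terminal host."""
    return SAMPLE_CNAMES.get(normalize(name))

def follow_cname_chain(name: str,
                       lookup: Callable[[str], Optional[str]] = lookup_cname,
                       max_depth: int = 8) -> dict:
    """Walk CNAMEs from `name`; report the chain, the terminal host and a status.

    status is "ok" (reached a non-CNAME host), "loop" (a name repeated) or
    "too_deep" (more than max_depth hops, which itself is a signal worth flagging).
    """
    current = normalize(name)
    chain: List[str] = [current]
    seen = {current}
    for _ in range(max_depth):
        target = lookup(current)
        if target is None:
            return {"chain": chain, "terminal": current, "status": "ok"}
        target = normalize(target)
        chain.append(target)
        if target in seen:
            return {"chain": chain, "terminal": None, "status": "loop"}
        seen.add(target)
        current = target
    return {"chain": chain, "terminal": None, "status": "too_deep"}

def hosting_apex(host: str) -> str:
    """Last two labels of a host, a rough pivot key for the provider behind it.
    Real deployments should use the Public Suffix List instead of this heuristic."""
    return ".".join(normalize(host).split(".")[-2:])
```

Feeding `follow_cname_chain` a set of suspect domains and grouping results by `hosting_apex` of the terminal host is the pivot that exposes shared infrastructure behind otherwise unrelated clone sites.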

However, researchers emphasize that reactive security is no longer enough. The increasing automation and scale of Triad Nexus operations require a shift toward proactive monitoring strategies. Organizations should invest in threat intelligence platforms that can identify threats before they reach end users. Read our guide on proactive threat monitoring for actionable steps.

As a result, businesses and government agencies must treat Triad Nexus fraud operations as a persistent, adaptive threat. The network’s ability to evade sanctions and expand into new markets demonstrates that cybercriminals are becoming more sophisticated—and more resilient. Without a proactive defense, the next $200 million in losses could be just the beginning.

CyberSecurity

With US Spy Laws Set to Expire, Lawmakers Are Split Over Protecting Americans from Warrantless Surveillance

US Spy Law Expiry Sparks Battle Over Warrantless Surveillance of Americans

As the clock ticks toward an April 30 deadline, a contentious debate is unfolding in Washington over the future of a powerful surveillance law. At the heart of the dispute is warrantless surveillance of overseas communications—a practice that also sweeps up data on countless Americans. Lawmakers are deeply divided on whether to renew the law as is or impose new privacy protections.

What Is Section 702 and Why Does It Matter?

Section 702 of the Foreign Intelligence Surveillance Act (FISA) permits agencies like the National Security Agency (NSA), the CIA, and the FBI to collect foreign communications flowing through U.S. networks without individual warrants. However, this dragnet also captures the phone logs, emails, and other data of Americans who contact people under surveillance abroad.

This practice has drawn sharp criticism from civil liberties advocates, who argue it violates constitutional protections. The law is set to expire on April 30 after a brief extension passed last week, leaving lawmakers scrambling for a solution.

Bipartisan Push for FISA Reform

A bipartisan group of House and Senate members is calling for sweeping changes to curb warrantless surveillance. Their proposed solution is the Government Surveillance Reform Act, introduced in March by Senators Ron Wyden (D-OR) and Mike Lee (R-UT). The bill seeks to close the so-called “backdoor search” loophole, which allows agencies to search through collected data on Americans without a warrant.

Another key provision would stop federal agencies from buying Americans’ location data from commercial brokers. FBI Director Kash Patel recently confirmed in a congressional hearing that the bureau purchases such data without court approval. This practice has alarmed both Republicans and Democrats, who see it as an end-run around the Fourth Amendment.

Privacy groups like the American Civil Liberties Union (ACLU), the Electronic Privacy Information Center (EPIC), and the Project on Government Oversight (POGO) strongly support the bill.

The Secret Legal Interpretation

Senator Wyden, a longtime privacy advocate, has warned that multiple administrations have relied on a secret legal interpretation of Section 702 that directly affects Americans’ privacy rights. He has urged the government to declassify this information so that lawmakers can debate it openly. Representative Thomas Massie (R-KY) echoed these concerns after viewing classified FISA court documents, stating on X that the Constitution requires him to vote against reauthorization.

What Happens If Section 702 Expires?

Even if the law lapses on April 30, warrantless surveillance will not stop immediately. A legal quirk allows the Foreign Intelligence Surveillance Court (FISC) to certify the government’s practices for another year, effectively extending surveillance until March 2027 unless Congress intervenes.

Additionally, the government has other tools, such as Executive Order 12333, a secret presidential directive that governs much of its overseas surveillance and also ensnares Americans’ communications. This means the debate over Section 702 is just one piece of a larger puzzle about privacy and security.

As technological advances make surveillance easier than ever, the outcome of this legislative battle will have lasting implications for Americans’ privacy rights. For more on digital privacy, check out our guide on protecting your privacy online and the history of surveillance laws.

CyberSecurity

CISOs Urged to Innovate in Talent Retention as Job Satisfaction Declines

Cybersecurity leaders face a mounting crisis: job satisfaction among their teams is slipping, and a growing number of professionals are eyeing the exit door. A new report from IANS and Artico Search calls on CISOs to get aggressive and innovative with their talent retention strategies if they hope to keep top performers. Based on interviews with over 500 US cybersecurity professionals, the 2026 Cybersecurity Talent Report paints a stark picture of an industry in flux.

Why Job Satisfaction Is Falling Among Cybersecurity Teams

The numbers are sobering. Only 34% of respondents plan to stay in their current role over the next year. Meanwhile, 43% are actively considering a job change—a figure that jumps to 46% among senior professionals. What’s driving this restlessness? According to the report, career progression, compensation satisfaction, and a healthy work-life balance are the strongest predictors of job satisfaction. Interestingly, while pay matters, even modest salary increases can boost satisfaction and retention more effectively than flat compensation.

This means that CISOs cannot rely on hefty paychecks alone. As Steve Martano, IANS faculty member and partner at Artico Search, explains: “We still see junior-level cyber professionals commanding high levels of compensation, but it is clear that top-quartile talent is seeking more than just a hearty paycheck. Visibility, career growth, and support from security leadership are necessary to keep high performers.”

Innovative Talent Retention Strategies for CISOs

Rethink Work Models for Better Work-Life Balance

One clear signal from the report is the power of hybrid work. Professionals who work on-site one or two days per week report the strongest work-life balance outcomes. CISOs looking to improve talent retention strategies should consider flexible schedules that give employees autonomy without sacrificing team cohesion.

Prioritize Career Development and Mentorship

Another key finding: 73% of security professionals who believe cybersecurity is a core organizational priority report high job satisfaction. In contrast, only 19% of those who see little senior backing feel the same. This gap highlights the importance of visible leadership support. Nick Kakolowski, senior research director at IANS, advises: “As pressure on cyber teams skyrockets, CISOs who double down on mentorship, coaching and career development can create a sense of purpose and progression that helps their employees avoid burnout.”

Building on this, CISOs should create clear career pathways and invest in professional development programs. When employees see a future in their organization, they are far less likely to jump ship. For more on this, check out our guide on cybersecurity career development best practices.

The Hidden Cost of Ignoring Retention

A separate IANS report from last year underscores why retention matters so much. Over half of CISOs face staff shortages, often due to hiring freezes or budget constraints. This leads to heavier workloads for remaining team members, driving down morale and increasing quality assurance issues. Ultimately, the report claims, weakened defenses become the new normal.

The broader industry picture is equally troubling. An ISC2 report from December found that 59% of global organizations have critical or significant skills shortages, up from 44% the previous year. The two biggest culprits: talent shortages (30%) and lack of budget (29%). Alarmingly, 88% of respondents said these shortages have led to at least one significant cybersecurity incident.

Actionable Steps for Security Leaders

So, what can CISOs do today? First, audit your team’s work-life balance and consider hybrid options. Second, make career development a priority—not a side project. Third, communicate the strategic importance of cybersecurity at the executive level to ensure your team feels valued. Finally, don’t underestimate the power of small compensation adjustments. As the IANS report shows, even incremental pay increases can improve satisfaction and retention.

For a deeper dive into building resilient teams, explore our article on building high-performing cybersecurity teams. The stakes have never been higher, but with the right talent retention strategies, CISOs can turn the tide.

CyberSecurity

Ex-Ransomware Negotiator Admits to Double-Crossing Victims for Profit

A former ransomware negotiator has pleaded guilty to helping cybercriminals extort companies, marking the third such case in the past year. Angelo Martino, once employed by cybersecurity firm DigitalMint, confessed to betraying his clients by feeding confidential information to the operators of the ALPHV/BlackCat ransomware group.

According to the U.S. Justice Department, Martino admitted to playing both sides during five separate incidents. While ostensibly working for victims, he secretly passed details about their insurance policy limits and negotiation strategies to the criminals. His goal: maximize the extortion payout, from which he took a cut.

The Betrayal Behind the Negotiation Table

Prosecutors described Martino’s actions as a calculated breach of trust. “Angelo Martino’s clients trusted him to respond to ransomware threats and help thwart them,” said Assistant Attorney General A. Tysen Duva. “Instead, he betrayed them and began launching ransomware attacks himself.”

This case is not isolated. In 2024, two other cybersecurity professionals—Kevin Tyler Martin (also a DigitalMint employee) and Ryan Clifford Goldberg (a former incident response manager at Sygnia)—were charged with similar offenses. Authorities had mentioned a third unnamed individual; we now know it was Martino.

How the ALPHV/BlackCat Ransomware Scheme Worked

ALPHV/BlackCat operates as a ransomware-as-a-service model. The gang develops and maintains the file-locking malware, while affiliates deploy it in attacks and share a portion of the ransom with the developers. Martino, along with Martin and Goldberg, essentially became affiliates for six months in 2023.

During that period, the trio extorted over $1.2 million from a single victim, prosecutors said. Martino pleaded guilty to extortion and faces up to 20 years in prison. Authorities have already seized $10 million in assets from him.

The DigitalMint Connection

When reached for comment, an unnamed DigitalMint spokesperson told TechCrunch that the company had no knowledge of Martino’s criminal actions. They added that both employees were fired after the accusations surfaced. However, the case raises questions about oversight in the cybersecurity incident response industry.

Building on this, Martino’s guilty plea highlights a troubling trend: insiders exploiting their access to sensitive victim data for personal gain. As ransomware attacks continue to rise, companies must vet their incident response partners more rigorously.

Law Enforcement Actions Against ALPHV/BlackCat

In 2023, an international coalition of law enforcement agencies seized the dark web leak site of ALPHV/BlackCat, disrupting its operations. They also released a decryption tool to help over 500 victims restore their systems. This takedown, however, did not stop the group’s affiliates from operating independently.

For more insights on ransomware response strategies, check out our guide on building a ransomware response plan. Additionally, learn how to negotiate with cyber insurers without exposing critical data.

As a result, the Martino case serves as a stark reminder: even those hired to protect can become the threat. Companies must implement strict protocols to monitor third-party negotiators and ensure they act solely in the victim’s interest.
