The window between knowing and fixing is fragmenting across vendors, researchers, and regulators with no common clock.
Adversaries optimize for access to intent, not classification boundaries
Decision surface: disclosure authority, incident timing, and governance credibility
