Machines Gain Access. Leaders Carry the Risk.
Cyber This Week Edition 99 explores machine identities, API-token risk, autonomous AI agents, strategic cyber leadership, ransomware response, data breaches, collaboration security, and defence-in-depth.
Cybersecurity is moving beyond human users, traditional access controls, and purely technical risk. This edition of Cyber This Week explores how machine identities, API tokens, AI agents, and automated systems are creating new forms of insider risk, while security teams work to separate practical AI use cases from hype and rethink rigid controls that may fail in dynamic environments. At the same time, cyber risk is becoming a core business and governance issue. From the evolving role of the CISO and board-level strategy to ransomware response, collaboration security, major breaches, and defence-in-depth for critical infrastructure, the focus is shifting towards accountability, resilience, and better-informed decisions.

This Week's Articles
- 01SecurityInfoWatch
The Hidden Identity Threat Lurking Behind APIs and Automation
Machine identities now significantly outnumber human users in many enterprises, with API keys, OAuth tokens, and service accounts often unmanaged, overprivileged, or poorly rotated. The article explains how attackers exploit these vulnerable machine identities and highlights their emergence as a rapidly expanding attack surface that traditional IAM programmes struggle to govern.
Why it mattersUnmanaged machine identities can quietly gain excessive access across critical systems. Organisations need stronger ownership, rotation, monitoring, and governance of non-human credentials.
- 02CIO
Your next insider threat doesn't have a badge. It has an API token
AI agents and automated components can effectively become insiders because they hold powerful API tokens and can act autonomously beyond the visibility and control of traditional user-centric security models. The article focuses on understanding and limiting what agents are permitted to do, and reconstructing what an agent was allowed to do and actually did after an incident.
Why it mattersAutonomous agents can cause insider-like harm without human intent. Security teams need enforceable permissions, activity records, and clear accountability for non-human actors.
- 03Forbes Technology Council
Cutting Through AI Hype: Building A Pragmatic Cybersecurity Strategy
Cybercriminals are rapidly adopting AI to produce convincing, personalised scams, social engineering, and other attacks at scale, increasing both frequency and sophistication. The article offers guidance on separating genuinely valuable security applications of AI from hype, so teams can prioritise practical use cases when building an AI-enabled cyber strategy.
Why it mattersAI investments should solve real security problems rather than follow market hype. Clear use cases and measurable outcomes help organisations direct resources effectively.
- 04SC World
Stop trying to 'lock down' your AI: Why rigid guardrails are a gift to hackers
This article challenges the assumption that maximally restrictive guardrails are always the safest approach for AI agents accessing sensitive data or performing critical actions. It explores how overly rigid and static controls can become predictable, brittle, and exploitable when agents operate in dynamic environments with changing threats and data.
Why it mattersAI security controls must be adaptive as well as restrictive. Static rules can create blind spots when systems, data, and attacker behaviour change.
- 05Cybersecurity Dive
US enterprises incorporate cyber risk into larger strategic focus
Large US enterprises are reassessing business risk amid rising AI use and aggressive cloud adoption, with cyber risk becoming deeply integrated into top-level strategic discussions. Boards and executives are embedding cyber considerations into wider decisions, including transformation programmes and ecosystem partnerships.
Why it mattersCyber risk is increasingly shaping investment, transformation, and partnership decisions. It must be included early in enterprise strategy rather than reviewed after decisions are made.
- 06CSO Online
The modern CISO is becoming the next CFO
Cyber risk is now treated as business risk, expanding the CISO's responsibilities beyond technical security into enterprise-wide decision-making. The modern CISO is described as an executive who quantifies cyber risk financially, influences investment choices, and participates in core governance processes.
Why it mattersCISOs need financial, governance, and communication skills in addition to technical expertise. Their influence increasingly depends on translating cyber exposure into business terms.
- 07Dark Reading
European Organizations Have a Collaboration Security Confidence Gap
European organisations report significant difficulty securing collaboration with external parties, particularly when using multiple internal collaboration platforms. A lack of simple, unified tools for granting selective and controlled access is contributing to low confidence in collaboration security.
Why it mattersExternal collaboration can create fragmented access controls and unclear data exposure. Organisations need simpler and more consistent ways to govern third-party access.
- 08Ars Technica
Ransomware negotiator hired to represent victims was working for the attackers
A former ransomware negotiator has been sentenced to 70 months in prison for secretly collaborating with the BlackCat ransomware group. He helped extort organisations that had engaged him to negotiate on their behalf during ransomware incidents, betraying his clients for the attackers' benefit.
Why it mattersIncident-response partners operate in highly sensitive positions of trust. Organisations need due diligence, contractual controls, oversight, and clear conflict-of-interest safeguards.
- 09Security Magazine
6 Data Breaches to Know About (June 2026)
Security Magazine provides a concise round-up of six notable data breaches disclosed in June 2026, summarising the key facts of each incident. It offers a snapshot of current breach patterns and developments rather than a deep technical analysis.
Why it mattersRegular breach reviews help security leaders identify recurring weaknesses, affected sectors, and emerging patterns that may influence their own risk priorities.
- 10Hydrocarbon Engineering
Defence-in-depth cybersecurity
This special report examines how oil, gas, and chemical facilities can define tolerable risk levels while maintaining uptime by combining safety, reliability, and cyber resilience. It considers supply-chain vulnerabilities alongside cybersecurity exposure in industrial control and operational technology environments, advocating a defence-in-depth approach.
Why it mattersCritical infrastructure cannot rely on a single security control. Layered protection must balance cyber resilience with operational safety, reliability, and availability.
