Five worthy reads is a regular column on five noteworthy items we’ve discovered while researching trending and timeless topics. This week, we learn more about synthetic identity fraud.

Permission creep rarely looks dangerous at first. It starts as a temporary fix, such as granting an admin role to unblock a deployment. Over time, those temporary decisions become permanent standing permissions. The result is an AWS estate littered with high-privilege roles that sit idle for months, expanding your attack surface without anyone actively noticing. It takes organizations an average of 277 days to identify and contain a breach.

In case you missed it, Egnyte recently presented a webinar focused on an ongoing yet potentially overlooked problem for many organizations—their file server strategy. Our discussion covered a ton of ground, but I thought it was important to recap some of the takeaways and recommended next steps here.

This week’s McKinsey incident should be a wake-up call for every enterprise moving fast to deploy AI. Not because AI itself is inherently insecure. But because too many organizations are still thinking about AI security at the model layer, while the real enterprise risk sits in the action layer: the APIs, MCP servers, internal services, and shadow integrations that AI agents can reach, invoke, and manipulate. That is the part most companies still do not see.

The real challenge for MSPs isn’t growth, it’s scaling effectively. As MSPs increase their client base and expand their service portfolios, managing multiple tools, consoles and vendors becomes progressively more complex, impacting operational efficiency and margins. In many cases, this isn’t the result of poor decision-making, but rather the evolution of the business.

As organizations manage sensitive data across endpoints, cloud platforms, and a growing number of SaaS applications, having clear visibility into where data lives and how it moves has become increasingly important. For companies operating in highly sensitive and IP driven environments, the ability to understand data access and respond quickly to risk is essential.

Sure, they would vastly prefer targeting organizations in the opponent’s supply chain (which is why new requirements like CMMC are absolutely crucial), but every organization that is affiliated with or operates in the adversary’s territory becomes a target no matter how large or small.