Cyber magazine july 2026 | Page 23

THE CYBER INTERVIEW
He recalls an instance when a key published in Github was stolen in three seconds.
“ I don’ t think people realise that everything is under surveillance on the internet,” Chet emphasies. These stolen credentials and stolen API keys are leading causes of data breaches as criminals are“ not hacking into things, they are logging into them”.
The exploding threat of machine identities Data from the Sophos State of identity Report highlights the growing problem of non-human identities( NHI), which Chet predicts will be the biggest security challenge in the next couple of years. Enter agentic AI. Chet says that“ some of our customers who use our identity threat detection service have ratios like a 100 machine identities for every one human identity”.
This means NHI growth has been massive and greatly outnumbers humans in the ecosystem, thereby opening the door to a range of new threats.
Chet recalls the biggest cybercriminal hits of 2025 and early 2026, many of them the result of NHI based attacks – specifically, Salesforce tokens stolen by organised cybercriminals gangs like Scattered Spider and Shiny Hunters.
So what’ s the solution? According to Chet, the saving grace is automating the key rotation and doing it every five minutes while monitoring for anomalous behaviour. When asked about the link between
cybermagazine. com 23