🔐 The Credentials No One Owns Are Your Biggest Risk
Non-Human Identity Risks Emerge, Salesforce Tightens Data Access, FinOps Clarifies Multicloud Commitments


Powered by Single Fin
Welcome to this week’s edition of CIOsurge!
This week:
From my conversation with Michael Silva, one of the clearest gaps in enterprise security is non-human identity. Service accounts, API keys, and automation now power critical workflows, yet visibility and controls have not kept pace with their growth.
Salesforce’s move to tighten and monetize data access is a reminder that data gravity is commercial as much as technical. When systems of record control APIs and AI pipelines, integration cost and flexibility become board-level concerns.
Meanwhile, FinOps is maturing. With FOCUS 1.3 adding clarity around contracts and shared spend, CIOs finally have a path to stop debating billing math and start making deliberate decisions about where to invest, renegotiate, or constrain usage.
Let’s make this week a game-changer.
Stay sharp. Stay ahead.
🥂 You’re Invited, AI and Identity Forum
I’m hosting a CIOsurge Technology Executive Forum in NYC on AI, identity, and the new attack surface. No presentations, no sales pitches, just a good room of senior IT leaders comparing notes on AI-native security, non-human identity exposure, and what defending at machine speed actually requires.
If this is already on your 2026 roadmap, I’d love to have you there. Space is limited and registration is subject to approval.
📅 Date: Thursday, January 22, 2026 | 5:00 PM - 8:00 PM
📌 Location: Bar Jamon, New York, NY | 125 E 17th St, New York, NY 10003
🔗 Link: Request an invitation here
💡 Guest Expert Insights: Michael Silva
🔐 The Credentials No One Owns Are Your Biggest Risk
I recently spoke with Michael Silva, Field CTO at Astrix Security, Marine veteran, and longtime practitioner across MSPs, Cisco, and cloud security startups. One theme he kept coming back to was how uneven security investment has been over the last decade.
Most organizations poured time and money into protecting humans. Phishing, MFA, awareness training, and user behavior got real attention. Meanwhile, service accounts, API keys, and other programmatic access paths multiplied quietly, often without strong visibility or consistent controls.
That imbalance mattered less when automation was limited. It matters a lot now. As non-human identities power more critical systems and workflows, they have become one of the most attractive and least understood attack surfaces in the enterprise.
🔒 Salesforce tightens data access, raising integration costs for CIOs
Salesforce’s higher API fees for its Connector program are rippling through the ecosystem, pushing integration vendors to absorb costs or pass them on. Analysts warn CIOs could face double-digit spend increases, reduced tool choice, and tighter control over how Salesforce data is accessed for analytics and AI workloads.
This is a reminder that data gravity isn’t just technical—it’s commercial. When your system of record controls APIs, integrations, and AI access under one pricing framework, flexibility erodes quickly. What looks like a partner pricing change upstream can land as a material budget and architecture problem downstream.
For CIOs, the immediate work is defensive: map integrations, model exposure, and lock in pricing protections where possible. Longer term, this should force a hard look at data portability and architectural optionality. If AI strategy depends on open data movement, vendor control points like this need to be treated as first-order risk, not contract fine print.
- Zack Tembi
💸 FinOps adds contract and allocation clarity to multicloud billing
The FinOps Foundation updated FOCUS to version 1.3, adding support for contractual commitments and negotiated agreements, better shared-cost allocation across workloads, and metadata that shows how fresh and complete spend/usage data is. The goal is to make multiprovider cost tracking more consistent as enterprises expand cloud, SaaS, and AI usage.
This matters because the hardest conversations aren’t about “why is the bill high,” they’re about “what are we contractually locked into,” “who owns shared spend,” and “is the data current enough to act on.” FOCUS 1.3 is aimed directly at those pain points—especially in hybrid/multicloud shops where finance, procurement, and engineering are all looking at different versions of the truth.
The CIO move here is to treat this as a governance upgrade, not a tooling tweak. If you can normalize commitment data and shared allocations across providers, you can stop debating the math and start debating the decisions: which workloads deserve premium spend, where to renegotiate, and where to enforce guardrails before AI and SaaS consumption turns into another black box.
- Zack Tembi
💡 CIO Spotlights
Tenable taps ex-Microsoft leader Vlad Korsunsky as CTO to steer AI security
Vlad Korsunsky joins Tenable as CTO, setting the company’s technology direction while also leading its Israel Innovation Center.
A former Microsoft CVP, Korsunsky brings deep experience in cloud, enterprise, and AI security, including exposure management at global scale.
His mandate centers on expanding the Tenable One platform and advancing AI-led security as enterprise risk grows.
Leidos taps Ted Tanner as AI-focused CTO to power next growth phase
Leidos appointed Theodore “Ted” Tanner Jr. as chief technology officer, effective Jan. 5, 2026, succeeding longtime CTO Jim Carlini.
Tanner brings deep AI and defense experience from BigBear.ai, with prior roles at Apple, Microsoft, and IBM Watson Health.
His mandate aligns with Leidos’ NorthStar 2030 strategy, using AI to drive outcomes across defense, cyber, health, and infrastructure.





