The text discusses the increasing exploitation of excess permissions in critical systems by threat actors as a leverage point for cyberattacks. It highlights how organizations moving to public clouds often enable a liberal approach to access rights, leading to unnecessary shadow privileges that can be easily exploited by attackers. The article also explains why cloud over-permissioning happens and the challenges faced in gaining visibility into effective permissions across multiple cloud providers. Finally, it introduces Veza as a solution to discover, understand, and normalize permissions, helping organizations uncover and remediate the sprawl of effective permissions and reduce their attack surface.