Can “Excess Access” produce a cyber threat?