You are responsible for an application that started as a monolith and is being split into microservices behind an API gateway. The system handles customer account data and internal service-to-service requests, and your team has already seen one incident where a compromised service token was reused laterally. You need to explain how the architecture choice changes the security and infrastructure risks you must manage.