Latest news with #StateofCloudSecurityReport
Techday NZ
30-07-2025
- Business
- Techday NZ
AI adoption in cloud security rises as firms seek data protection
Research from Prowler has shown that artificial intelligence is becoming increasingly important in the field of cloud security, based on insights from over 650 cloud security professionals worldwide. The company's State of Cloud Security Report indicates a growing reliance on AI-driven technologies as organisations seek to address vulnerabilities and fill gaps left by traditional security systems. Adoption rates The report found that 79% of surveyed cloud security teams are now using AI technologies to monitor and manage their environments. This figure suggests a widespread move towards automated systems, with organisations seeking solutions to keep pace with expanding cloud infrastructure and increasing demands on compliance. The adoption of AI in cloud security is being propelled by several factors, notably the ongoing cybersecurity skills gap. Data referenced in the report from an external 2024 ISC2 Cybersecurity Workforce Study estimates a global shortfall of 4.8 million cybersecurity professionals. Nearly half of respondents using AI (44%) cited human augmentation, or the ability to support and improve analyst decision-making, as a primary benefit. Improved data protection was noted by 42% of respondents, and 38% reported enhancements in threat detection and response capabilities using AI systems. Challenges and trust issues Despite high adoption rates, the report highlights that only 42% of cloud teams saw actual improvements in data protection, and just 38% observed real progress in threat detection, suggesting that the benefits of AI are being realised unevenly across organisations. The figures indicate that while there is optimism regarding AI, measurable improvements are still in the process of being confirmed. Prowler's findings also reveal that confidence in AI is tempered by a cautious outlook on its future impact. Only 27% of professionals believe that AI and machine learning-driven analytics will have the most significant effect on cloud security over the next three years. The survey suggests that this cautious optimism is linked to the early stage of adoption and organisations' need for clearer, evidence-based outcomes from AI-based tools. "The pace at which cloud infrastructure is expanding is limiting the ability of many security teams to keep up. That's not just a challenge, it's a significant risk. The data shows a clear evolution and highlights the positives when adopting AI into how cloud security is being approached," said Toni de la Fuente, founder & CEO of Prowler. "Security professionals are not just using AI, they're relying on it to extend the reach and accuracy of their teams. As cloud environments grow more fragmented and real-time visibility becomes harder to maintain, AI's role in augmenting human effort and improving response times has become pivotal." According to the report, the primary uses for AI within cloud security teams relate to the scale and complexity of modern cloud environments, which are often fragmented and require real-time monitoring that traditional systems struggle to deliver. AI tools are being used to automate monitoring, manage compliance requirements, and provide what many professionals describe as 'human augmentation' for overstretched teams. Frameworks and transparency The report concludes that, as AI technology matures, its position as a fundamental element of the security stack is being solidified across diverse sectors with substantial cloud footprints. The analysis also suggests that organisations will only fully realise the benefits of automation and advanced analytics when integrating AI with transparent and adaptable security frameworks tailored for hybrid and multi-cloud systems. Survey data in the report suggests that ongoing challenges for AI adoption include building greater trust through demonstrating real-world efficiencies, resilience and responsiveness. Only then are organisations likely to report higher confidence in AI's influence on core cloud security operations. Follow us on: Share on:
Business Wire
05-06-2025
- Business
- Business Wire
Orca Security Report Reveals Majority of Organizations Introducing Vulnerable AI Packages into Cloud Environments
PORTLAND, Ore.--(BUSINESS WIRE)-- Orca Security, a pioneer of agentless cloud security, today released the 2025 State of Cloud Security Report, providing critical insight into cloud security risks identified by the Orca Cloud Security Platform. Among the key findings, 84% of organizations now use AI in the cloud, and 62% of organizations have at least one vulnerable AI package. Compiled by the Orca Research Pod, the State of Cloud Security Report identifies consistent sources of risk from billions of cloud assets in AWS, Azure, Google Cloud, Oracle Cloud, Alibaba Cloud and hundreds of thousands of code repositories scanned by the Orca Cloud Security platform. Leveraging unique insights into current and emerging cloud risks, the report reveals the most common yet dangerous risk hotspots and how to mitigate them. 'As the cloud increasingly functions as an accelerator for innovation and growth, cloud security is entering a pivotal moment,' said Gil Geron, CEO and Co-Founder, Orca Security. 'While multi-cloud architectures offer outstanding flexibility and growth, it also makes it harder to maintain consistent visibility and coverage across environments. Add AI adoption to the mix, with organizations rushing to run vulnerable packages in the cloud, and you have a uniquely difficult environment for security professionals. Report Key Findings The Orca Security 2025 State of Cloud Security Report finds that: More cloud innovation brings greater cloud risk: As cloud adoption and cloud-native technologies expand, so too does the volume and severity of cloud risks. Nearly a third of cloud assets are neglected today, and each asset contains on average 115 vulnerabilities. Both are two data points among many others illustrating this troubling trend. Attack surfaces are expanding—and risks are increasingly interconnected: 76% of organizations have at least one public-facing asset that enables lateral movement, turning a single risk into an opportunity for broader compromise. Security teams not only need to defend a growing attack surface, but increasingly interconnected risks. To illustrate, 36% of organizations have at least one cloud asset supporting more than 100 attack paths—giving attackers a direct route to endanger high-value assets. Risks span the entire application pipeline: Cloud security risks aren't confined to runtime environments—they often originate earlier in the application development lifecycle. 85% of organizations have plaintext secrets embedded in their source code repositories. If a repository is exposed, attackers can extract the secrets to access systems, exfiltrate data, and more. Innovation is expanding attack surfaces—and the scale of cloud risks: 84% of organizations are now using AI in the cloud, introducing new risks, including AI-related CVEs that enable remote code execution. Kubernetes adoption adds further complexity—93% of organizations have at least one privileged service account, increasing the potential of a breach. Combined with growing multi-cloud adoption, these trends are reshaping the nature and scale of cloud security challenges. 'The 2025 State of Cloud Security Report shows how the increased software development productivity that comes with using cloud services creates challenges of scale for security teams. Traditional exposures, like neglected cloud assets and exposed sensitive data, continue to grow. At the same time, new challenges are emerging—from the rapid rise of non-human identities to a growing number of AI-related vulnerabilities. The report sheds light on how security teams need to address the expanding attack surfaces for effective cloud security,' said Melinda Marks, Practice Director, Cybersecurity, Enterprise Strategy Group. Additional Resources About Orca Security Orca enables organizations to make cloud security a strategic advantage. With the most comprehensive coverage and visibility across multi-cloud environments, the agentless-first Orca Platform unites teams to eliminate complexities, vulnerabilities and risks. Backed by Temasek, CapitalG, ICONIQ Capital, Redpoint Ventures and others, Orca is trusted by hundreds of organizations, including SAP, Gannett, Autodesk, Unity, Lemonade and Digital Turbine. Connect your first account in minutes: or book a personalized demo.
