Cloud Security Risks and Organizational Adaptation
Misconfigured cloud services continue to pose significant security risks for enterprises, with a recent Qualys report revealing that a large percentage of virtual machines across AWS, GCP, and Azure have improperly configured resources. Security experts highlight that while organizations often enable some cloud security features, critical controls such as logging, monitoring, and multi-factor authentication are frequently neglected, increasing the likelihood of breaches. The report also notes that 28% of surveyed professionals experienced a cloud or SaaS-related breach in the past year, and 24% identified misconfiguration as the top risk to their cloud environments.
As cloud adoption accelerates, organizations are restructuring IT teams to address these evolving security challenges. There is a marked increase in demand for specialized roles such as cloud security architects, system administrators, data architects, and governance/compliance managers. These roles are essential for designing secure cloud infrastructures, managing configurations, ensuring regulatory compliance, and responding to incidents, reflecting a broader industry trend toward prioritizing cloud security and governance as core business objectives.
Get ahead of threats like this
Mallory correlates global threat intelligence with your attack surface — know if you’re exposed before adversaries strike.
How this story unfolded
2 events from the most recent confirmed update back to the earliest known activity.
Qualys report highlights widespread cloud misconfiguration risk
A Qualys report found persistent misconfiguration problems across major cloud platforms, including AWS, GCP, and Azure, and said 28% of surveyed professionals experienced a cloud- or SaaS-related breach in the past year. The report emphasized common issues such as missing MFA, weak logging and monitoring, and improper network configurations, especially among smaller organizations.
Foundry's 2025 CIO Cloud Computing Survey reports faster cloud migration
Foundry's 2025 CIO Cloud Computing Survey found that 70% of IT decision-makers said their organizations accelerated cloud migration over the past year, with many citing productivity, AI/ML, security, and governance as key drivers. The survey also showed organizations expanding hiring for cloud, security, governance, and FinOps roles to support these efforts.
Related entities
Vulnerabilities, threat actors, malware, products, organizations, and breaches Mallory has linked to this story.
Sources
2 references tracked. Mallory keeps watching after this page renders.
See the full picture, correlated to your attack surface.
Map indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.
Related stories
Other stories Mallory is tracking that overlap on entities, sources, or topic labels.
Strategic Shifts in Enterprise Cybersecurity Preparedness and Cloud Risk Management
Enterprise organizations are increasingly recognizing the convergence of cyber and operational risks, particularly as reliance on cloud infrastructure grows. Recent high-profile outages, such as the AWS US East 1 incident, have demonstrated that disruptions—whether caused by technical failures or cyberattacks—can have similar operational and reputational impacts. Security leaders are urged to prioritize preparedness, scenario planning, and governance to address these challenges, as traditional backup architectures may not be sufficient to mitigate the cascading effects of cloud service failures. The growing adoption of hybrid and multi-cloud environments, driven by business needs and AI integration, further complicates risk management, requiring organizations to adapt their security strategies to address the unique challenges posed by cloud diversity and complexity. Surveys and expert commentary highlight that a majority of organizations now depend on hybrid or multi-cloud strategies, with a significant portion planning further cloud adoption. This shift necessitates a holistic approach to cloud risk, emphasizing the importance of resilience, compliance, and proactive risk mitigation. Security teams must navigate the increased attack surface and operational dependencies introduced by cloud environments, ensuring that both technical and organizational measures are in place to manage and contain cloud-related risks effectively. The evolving landscape underscores the need for continuous adaptation of cybersecurity strategies to safeguard critical business functions in an era of ubiquitous cloud reliance.
Mar 21, 2026
Compromised Credentials and Misconfigurations as Leading Causes of Cloud Security Incidents
A recent Amazon Web Services (AWS) report, produced in collaboration with Vanson Bourne, highlights that compromised credentials and misconfigurations are among the top causes of security incidents in public cloud environments. The report, based on a survey of 2,800 technology and security firms across 13 countries, found that vulnerability exploitation accounted for 24% of cloud security incidents, while compromised credentials were responsible for 20%. Physical theft and misconfigurations followed at 19% and 16%, respectively. The findings emphasize that as organizations rapidly migrate applications and data to the cloud, human factors and operational errors remain significant contributors to breaches, with nearly 80% of organizations reporting a data breach in the past year, whether on-premises or in the cloud. Experts cited in the report stress the critical need for identity-aware security strategies, such as microsegmentation, to limit attackers' ability to exploit valid accounts and move laterally within compromised networks. The convergence of cloud persistence, token replay attacks, and traditional malware techniques has increased the risk landscape, making it essential for organizations to address identity security debt and implement robust controls to protect cloud environments. The report also notes that while confidence in cloud adoption is high, cybersecurity and privacy concerns remain the primary barriers for many organizations, underscoring the importance of continuous vigilance and proactive security measures in cloud operations.
Mar 21, 2026
Common Security Challenges and Best Practices in Cloud and Hybrid Environments
Organizations increasingly face complex security challenges as they migrate data and operations to public cloud services such as AWS, Azure, and Google Cloud Platform. One company experienced a near-miss incident when a developer accidentally exposed a customer database on AWS S3, highlighting the critical importance of default encryption and strict access controls. Security teams learned that enabling server-side encryption in AWS, Storage Service Encryption in Azure, and Cloud Storage encryption in GCP is essential for protecting sensitive data at rest and in transit. The principle of least privilege proved vital, with careful management of IAM roles in AWS, RBAC policies in Azure, and Cloud IAM in GCP preventing unnecessary access. Automated security monitoring, using tools like AWS CloudTrail, Azure Monitor, and GCP Cloud Audit Logs, is necessary to detect and respond to suspicious activity or configuration changes in real time. In another case, a company discovered the risks of an unplanned hybrid cloud environment, where data was scattered across AWS, a private data center, and Google Cloud due to decentralized adoption by different departments. The lack of visibility into data locations created a significant security blind spot, prompting the implementation of a unified dashboard to track all assets. The disappearance of the traditional network perimeter in hybrid environments led to the adoption of single sign-on (SSO) and multi-factor authentication (MFA) across all platforms, ensuring secure access regardless of location. Both experiences underscored the need for coordinated security strategies and cross-departmental collaboration to manage cloud and hybrid environments effectively. Security teams must recognize that identity management is now the primary defense, requiring robust authentication and authorization mechanisms. The stories also illustrate the importance of rapid incident response and the value of learning from near-miss events to strengthen future defenses. Regular audits, continuous monitoring, and proactive policy enforcement are necessary to maintain security in dynamic cloud and hybrid infrastructures. Organizations are advised to treat cloud security as an ongoing process, adapting to new threats and technologies as they emerge. The lessons learned from these incidents are applicable to any organization leveraging cloud services, regardless of size or industry. Ultimately, a combination of technical controls, organizational policies, and user education forms the foundation of effective cloud and hybrid security. By prioritizing visibility, access management, and automated monitoring, companies can reduce the risk of data breaches and maintain customer trust. These best practices are essential for safeguarding sensitive information in today's interconnected digital landscape.
Mar 21, 2026