Cloud security teams are in turmoil as attack surfaces expand at an alarming rate

Attackers are focusing on the foundational layers of the cloud, targeting API infrastructure, identity, and lateral network movement

Cloud security teams are scrambling to keep pace with expanding attack surfaces, new research shows, largely due to the rapid adoption of enterprise AI solutions.

In a survey of more than 2,800 security executives and practitioners by Palo Alto Networks, 99% said they had experienced an attack against AI applications and services in the past year.

Meanwhile, the firm warned that generative AI-assisted vibe coding is in use by 99% of respondents, but is generating insecure code faster than security teams can review it.

Of the 52% of teams that ship code weekly, only 18% say they can keep up with fixing the vulnerabilities the technology creates.

"As organizations aggressively scale cloud investments to power AI initiatives, they are inadvertently opening the door to sophisticated new attack vectors," said Elad Koren, vice president of product management at the firm's Cortex security platform.

Notably, Palo Alto warned attacks are getting faster, with breaches that took an average of 44 days in 2021 now taking as little as 25 minutes.

"The speed, scale, and sophistication we’ve observed over the past couple of years is incredible," said Haider Pasha, vice president and chief security officer, EMEA, at Palo Alto Networks.

Attackers are increasingly exploiting the foundational layers of the cloud, targeting API infrastructure, identity, and lateral network movement. API attacks, for example, are up by 41%, making them a primary entry point for sophisticated threats.

The top challenges for cloud security teams

Meanwhile, 53% of respondents cited lenient identity and access management (IAM) practices as a top challenge, saying that insufficient access controls are now a leading vector for credential theft and data exfiltration.

These findings align closely with a recent study from Okta, which also highlighted growing concerns about identity security.

An August survey from the firm found 85% of security leaders now view IAM as a critical security focus, marking an increase on the year prior.

Elsewhere, long-running issues with tool sprawl are adding insult to injury for cloud and security practitioners. Disparate tools are creating dangerous blind spots, the company noted, with respondents now managing an average of 17 cloud tools from an array of vendors.

The resulting fragmented data and context gaps are prompting 97% of respondents to prioritize consolidating their cloud security footprint.

SOC teams are struggling

Security operations center (SOC) staff are also struggling amidst a surge in cloud-related attacks, Palo Alto found. A key factor here lies in disjointed workflows and isolated data sources between cloud and SOC teams, the study noted.

This lack of alignment is stalling remediation efforts, with nearly one-third (30%) of respondents revealing they take more than a full day to resolve an incident.

To cope, researchers said cloud and SOC teams must merge, with 89% of organizations believing cloud and application security must be fully integrated with the SOC to be effective.

"Our research confirms that traditional approaches to cloud security are inadequate, leaving security teams to fight machine-speed threats with fragmented tools and slow, manual fix cycles," said Koren.

"Teams need more than just dashboards highlighting risks they can never burn down; they must transform with an agentic-first platform that spans code to cloud to SOC to finally operate faster than the adversary."

Emma Woollacott

Emma Woollacott is a freelance journalist writing for publications including the BBC, Private Eye, Forbes, Raconteur and specialist technology titles.