Jakarta, INTI - AI driven digital transformation is bringing significant consequences for cloud security. The latest State of Cloud Security Report 2025 released by Palo Alto Networks reveals emerging risk patterns that substantially expand the cyberattack surface in global cloud environments.
The report indicates that cybercriminals are no longer focusing solely on conventional security gaps. Instead, they are increasingly targeting the fundamental layers of the cloud that underpin AI operations. Key targets include API infrastructure, identity systems, and lateral network movement pathways, reflecting organizations’ growing reliance on AI-based services.
One of the most notable findings is a 41% surge in attacks targeting APIs. Serving as the main connectors between applications and AI agents, APIs have become favored entry points for attackers. The massive reliance of AI on APIs means that even minor vulnerabilities can escalate into major security incidents.
Meanwhile, digital identities remain a critical weak point. According to the survey, 53% of respondents acknowledged that poor management of Identity and Access Management (IAM) is a major cloud security challenge. Lax access controls increase the risk of credential theft and account takeover, particularly in complex multi-cloud environments.
Weak Digital Identities and Fragmented Security Tools
Threats are also rising through lateral movement across cloud workloads. About 28% of organizations reported that unrestricted network access allows attackers to move easily from one system to another, enabling minor incidents to quickly escalate into large-scale data breaches.
The complexity is further compounded by the overuse of security tools. On average, organizations now operate 17 cloud security tools from five different vendors, creating data fragmentation and visibility blind spots. As a result, incident detection and response processes are slow and uncoordinated.
“Threats are now moving at machine speed, while many organizations still rely on fragmented and reactive security approaches,” said Elad Koren, Vice President of Product Management, Cortex, Palo Alto Networks. He added that traditional cloud security models are no longer adequate to defend against increasingly adaptive and automated AI-driven attacks.
AI-Driven Threats Necessitate SOC Integration
The report emphasizes that integrating cloud security with a Security Operations Center (SOC) is no longer optional but a strategic necessity. About 89% of organizations believe that cloud and application protection must be directly linked to the SOC to enable real-time threat response. As the threat landscape continues to evolve, cloud security is entering a new phase, where speed, end-to-end integration, and AI-driven automation are essential to defend against next-generation cyberattacks.
Conclusion
The rise of AI-driven threats is reshaping cloud security, making API vulnerabilities, weak identity management, and fragmented security tools critical challenges. Organizations must integrate cloud security with SOCs and leverage AI-based automation to ensure faster, comprehensive, and proactive protection against next-generation cyberattacks.
Read more: AI Expert Says Humanity Has More Time Before Potential AI Catastrophe