The industry speaks: World Cloud Security Day 2026

Identity sits at the heart of cloud security. The threat landscape has shifted considerably – attackers are less likely to break through defences than to walk in through legitimate access points, using compromised credentials or exploiting over-provisioned accounts that have not been reviewed in months. Securing the cloud is ultimately about controlling who and what can access it, under what circumstances, and with what level of ongoing oversight. That requires a security infrastructure that operates at the speed and scale of the cloud itself. Yet for many organisations, the platforms they rely on to manage that are not keeping pace.

Cloud security has become a crowded market, with many solutions available. It is important to look beyond simply having a solution in place and consider whether it truly addresses the evolving challenges of cloud environments.

The most important questions are rarely about features. They are about architecture, and specifically whether the platforms organisations rely on to secure their cloud environments are purpose-built for the cloud or simply adapted from legacy systems. A security platform that cannot update itself automatically, scale without manual intervention, or maintain consistent visibility across a multi-cloud environment is not closing the gap. It is part of it.

World Cloud Security Day is a good occasion to ask whether your cloud security solution is genuinely suitable for the environment you are operating in today, and if it provides deep enterprise resilience.

Giri Jayaprakash
Client partner at Adactin

World Cloud Security Day is increasingly prompting a rethink of where cloud risk truly sits. While security discussions have traditionally focused on infrastructure and perimeter controls, industry attention has shifted towards a different reality: most cloud incidents now begin with valid access, not technical exploits. Modern cloud environments are governed by a control plane made up of identities, permissions, APIs, and automation, and it is this layer, rather than the underlying infrastructure, that has become the most attractive target. The perimeter hasn’t failed; it has largely ceased to exist.

VIEW ALL

Indeed, today, a growing area of concern is identity and permission drift at scale. As organisations adopt automation, CI/CD pipelines, and infrastructure‑as‑code, cloud environments evolve continuously. Identities, particularly non‑human ones such as service accounts and automated workloads, are created rapidly to support agility, while governance processes often remain periodic and manual. Over time, access accumulates incrementally, creating environments that may appear compliant during reviews but are operationally exposed in day‑to‑day use. This gap between cloud speed and governance speed is increasingly recognised as a systemic risk rather than an isolated misconfiguration issue.

Paul Davis
Area vice president, sales, APAC, at ClickHouse

As cloud environments scale, the volume of security telemetry scales with them: access logs, network flows, configuration changes, all growing exponentially. Most of the traditional security tooling organisations rely on was built around batch-oriented, sampled data, and these platforms actually encourage teams to reduce what they ingest to keep costs manageable, which means the granular, high-cardinality detail where real threats tend to surface gets aggregated away long before a security analyst ever sees it.

Reuben Koh
Security technology and strategy director of Asia-Pacific and Japan at Akamai Technologies

In the past year, cyber attacks have been increasingly focused on “stealth impact”, quietly degrading performance, inflating cloud and AI costs, and eroding revenue over time. This includes tactics such as mass creation of fake accounts, bot-driven abuse of transactions, and the exploitation of AI chatbots to exhaust costly tokens.

At the same time, illegal data scraping is on the rise. AI agents are being used to harvest content from digital media and healthcare organisations, resulting in direct revenue loss and increasing the risk of downstream fraud.

Attacks that once took weeks can now unfold in hours, with threat actors increasingly sharing tools and AI models to scale their operations globally.

This shift is compounded by a growing imbalance between machine-speed attacks and human-speed defence. While larger enterprises are investing in AI-driven security capabilities, many organisations, particularly mid-sized businesses, continue to face challenges around visibility, skills shortages, and fragmented security environments.

As cyber attacks become increasingly industrialised, organisations must ensure their defences evolve in tandem, becoming faster, smarter, and capable of matching the speed and scale of threats they face. Static defence models are no longer viable.

George Harb
Vice president, Australia and New Zealand, at OpenText

Cloud configurations, identity permissions, API integrations and DevOps pipelines all rely on precise human decision making, yet these are the areas where errors most often occur. The risk is rising as teams shrink and workloads grow. ISACA’s State of Privacy survey shows privacy teams are getting smaller, with median staffing dropping from eight to five in the past year, and nearly half of organisations report shortages in technical roles. Fewer people managing more complexity increases the likelihood of misconfigurations and oversights in fast‑moving cloud environments.

It’s no surprise that 35 per cent of digital trust professionals say insider threats and human errors are the risks most likely to keep them up at night this year, according to ISACA’s Tech Trends & Priority Pulse poll 2026. When security teams are stretched thin, burnout rises, and incident response slows – and routine but critical work, like reviewing logs or validating access controls, gets pushed down the list. This is precisely where many breaches begin.

As cloud adoption accelerates, this World Cloud Security Day is a timely reminder that strengthening human resilience must be a priority.

Volker Rath
Field CISO at Cloudflare

World Cloud Security Day is a day that often surfaces familiar advice: strengthen identity and access management, adopt zero trust and build layered security. While these are all important, many of the suggestions we hear today are stuck in a scenario that no longer exists.

Technologies and trends such as AI, the rise of citizen developers, increasing complexity in software supply chains, and quantum computing are fundamentally reshaping the scale and speed of cyber risk.

Security must now be automated, adaptive, and deeply integrated into how organisations build and operate. This means moving towards a “no-excuses, no-exceptions, no-manual-management” approach to security, where protection is built in by default, and defining a new shared responsibility for managing threats across all players in the ecosystem.

It also means using AI as a central defence tool. Organisations can use it to identify vulnerabilities in code, detect anomalous behaviour that traditional tools miss, or gain better visibility across increasingly complex environments, including software supply chains.

And while we need to focus on these immediate threats, we cannot ignore what’s coming next, with quantum computing and its potential to break today’s encryption standards.

All that said, we also don’t need to panic. AI hasn’t changed the target of attackers, and many of the best practices we hear every year still serve us well today. Most of us are already on the right path. We just need to continue the security transformation process, focusing strongly on sensitive data and identities.


Anthony Daniel
Managing director, Australia, New Zealand and the Pacific Islands, at WatchGuard Technologies

This World Cloud Security Day, Australian organisations need to address a critical misconception: that moving to the cloud means moving to something inherently secure. The assumption has been that if the platform is protected, the data is too, but that’s no longer where most attacks begin.

Attackers are no longer focused on breaking into the cloud itself but are instead targeting the ways in which it is accessed, exploiting compromised credentials, unsecured devices and misconfigured services to gain entry, after which the cloud becomes part of the attack surface rather than a layer of defence.

This shift is reflected in WatchGuard’s Threat Lab data, which shows that in Q4 2025, more than 96,000 network attacks targeting Australian organisations were blocked, more than ten times the volume of malware detections, highlighting the scale of persistent probing of internet-facing systems and cloud-connected environments where attackers are actively searching for weaknesses in identity controls and configuration.

What this underscores is that cloud security cannot be approached in isolation, but instead needs to form part of a broader and more integrated strategy that brings together visibility across identity, endpoint and network activity, alongside continuous verification of access to critical systems, with a zero-trust model playing a central role in ensuring that every request is assessed in real time regardless of where it originates.

The organisations that will stay ahead are those that recognise the cloud is no longer a defined boundary and instead focus on securing the pathways into it.

Heng Mok
Head of CISOs in residence – APJ at Zscaler

World Cloud Security Day serves as a timely reminder that, as Australian organisations rapidly scale their cloud environments and experiment with innovations like agentic AI, security guardrails must also keep pace. Agentic AI brings clear advantages through its autonomy and ability to retain context, but those same traits open the door to new risks in the cloud. We’re already seeing cyber adversaries use AI‑driven systems to probe for weaknesses far faster than traditional tooling can detect, while local businesses adopting AI for automation may inadvertently expose data if comprehensive controls aren’t in place.

That’s why applying zero-trust principles is essential. AI agents, like any powerful user, need clearly defined access boundaries, segmentation and ongoing behavioural oversight. Techniques such as validator agents and scoped permissions help keep systems resilient and prevent misuse.

On World Cloud Security Day, the message for Australian organisations is simple: innovation must be matched with modern, cloud‑ready security that can adapt and operate at the speed of business innovation. With the right guardrails in place, we can safely unlock the benefits of AI while protecting what matters most.

Vijay Chaudhari
Principal solutions engineer APJ at Saviynt

On this World Cloud Security Day, cloud security must be recognised as a core business priority, not just a technical function. As organisations accelerate cloud adoption, they are expanding their attack surface and introducing new risks across data, applications, and infrastructure. At the same time, cyber threats are becoming more sophisticated, and the impact of breaches continues to escalate across financial, regulatory, and reputational dimensions. This shift requires moving beyond fragmented, reactive controls towards a converged security approach in which identity serves as the central control plane, delivering consistent visibility, governance, and enforcement across the entire cloud environment, including strong privileged access management to control and monitor high-risk access.

A key driver of this transformation is the rapid rise of AI agents. These non-human identities operate autonomously, often with elevated access and limited oversight, which creates a significant security gap. Without proper governance, they can become invisible entry points for attackers, enabling the misuse of privileges, lateral movement, and data exposure. Organisations must therefore treat AI agents as first-class identities, applying the same life cycle management, ownership accountability, and least-privilege principles enforced for human users, while ensuring privileged access is tightly controlled through just-in-time access, session monitoring, and real-time policy enforcement.

Addressing this challenge requires an identity security approach designed for a converged platform that brings together governance, posture management, privileged access management, and real-time access enforcement. This includes discovering AI agents and machine identities, centralised visibility into access relationships, automated provisioning and deprovisioning, continuous certification, and risk-based access controls. By embedding these capabilities into a unified identity-centric framework aligned with zero-trust principles, organisations can scale innovation securely while maintaining control, reducing risk, and ensuring that both human and non-human identities are governed with the same level of precision and accountability.

James Maude
Field chief technology officer at BeyondTrust

World Cloud Security Day is a useful reminder to recognise how much cloud risk now comes down to everyday access decisions and overlooked misconfigurations. Many incidents don’t involve sophisticated zero-day exploits. Instead, credentials, permissions, or tokens are misused in ways no one expected. In the cloud, one compromised identity can lead to a breach at machine speed and hyperscale.

This is why reducing standing privilege and tightening access isn’t about slowing teams down; it’s about limiting how far a mistake or compromise can spread. As cloud environments grow more complex, clarity over who (or what) can do what matters more than adding yet another security layer. Getting the basics of identity and access right still pays the biggest dividends.

Morey Haber
Chief security advisor at BeyondTrust

World Cloud Security Day is a reminder that the cloud did not eliminate risk. It restructured it, and identity is now the control plane poised as the most significant attack vector that needs attention. Simple identity misconfigurations, excessive privileges, and faults in joiner, mover, and leaver processes are vulnerabilities hiding in plain sight. Unfortunately, organisations still treat cloud and identity security as a tooling problem. It is not. It is an authentication, authorisation, and remote access problem.

Every workload, API, AI agent, and machine identity expands the attack surface, and if you do not have visibility into operations, you cannot defend it. This requires intelligence and protection to analyse settings, identify faults, map paths to privileged access, and implement concepts such as least privilege and just-in-time access. Solutions in the cloud are truly moving fast. Threat actors are moving faster, and your identity security strategy must be a priority, or you will be left behind and vulnerable.

Guy Brown
Senior enterprise security architect APJ at Fastly

As cloud environments grow more distributed, the “complexity tax” – the accumulated risk of managing disconnected security tools spread across infrastructure – has become a measurable liability.

For World Cloud Security Day 2026, the priority must shift from layering on point solutions to consolidating security where traffic actually flows. For most organisations, that means the edge: the one place where real-time visibility across the entire attack surface becomes possible, and where global policies can be enforced consistently.