The State of Cloud Security Report 2025 from Palo Alto Networks reveals a sobering reality: cyberattacks have nearly tripled in just one year, surging from 2.3 million to 9 million daily incidents. What took hackers 44 days to accomplish in 2021 now takes as little as 25 minutes with AI assistance. This dramatic acceleration is reshaping how organizations defend their digital infrastructure.
The Cloud Has Reached Critical Mass
Enterprise cloud adoption has hit a tipping point. The report found that 61% of organizations now operate at significant scale in the cloud, with 23% running fully cloud-native environments. On average, companies place 51% of their workloads in public cloud infrastructure, and most juggle six different cloud providers simultaneously. This multicloud reality has become the new normal, bringing unprecedented complexity.
Development Speed Creates Security Gaps
Code is moving faster than security teams can keep up. Over half of surveyed organizations deploy new or updated code weekly, with 17% releasing daily or more frequently. Making matters more challenging, 99% now use generative AI tools for software development, dramatically accelerating code production. The problem? 85% of respondents report that security measures hinder their release schedules, and 82% need more than a week to fix security issues once they are discovered.
APIs Become Prime Targets
API attacks have surged 41% year-over-year, representing the steepest increase of any threat vector. This explosion stems partly from the rapid adoption of AI agents and the proliferation of ungoverned interfaces. Compounding this, 99% of organizations experienced at least one attack on an AI system in the past year, with 47% reporting data theft through assistants or plugins.
The Identity Crisis
Fragmented cloud environments topped the list of security challenges, cited by 60% of organizations. Close behind, 53% pointed to lenient identity and access management as a critical weakness. The report reveals that sensitive data now scatters across multiple locations, with roughly equal portions residing in on-premises infrastructure, public cloud, and SaaS applications.
Response Times Lag Behind Attack Speed
While 74% of organizations can detect and contain threats within 24 hours, resolution remains painfully slow. One-third of teams need a full day or more to close an incident, with 9% requiring up to a month. Security analysts spend half their time just collecting and correlating data—a bottleneck that benefits attackers operating at machine speed.
The report surveyed 2,800 security professionals across 10 countries, painting a clear picture: organizations must unify their security operations, reduce tool sprawl, and embrace automation to keep pace with the velocity of modern threats. With 89% of respondents agreeing that cloud security should integrate with security operations centers, the industry recognizes that fragmented defenses are no longer viable.
