Sixty-nine percent of organizations reported identity and access-related cloud security incidents in the past twelve months, showing how cloud risk is increasingly driven by interconnected weaknesses rather than single flaws.
That figure comes from the 2026 Cloud Security Report by Fortinet and Cybersecurity Insiders, published today and based on a late-2025 survey of 1,163 IT and cybersecurity professionals worldwide.
The report finds that cloud breaches often follow an exposure chain: a misconfiguration creates access, an overprivileged identity facilitates movement, and sensitive data becomes the focal point. While 77% of respondents ranked identity as their top cloud risk, configuration, identity, and data security continue to be handled in silos, which restricts shared context and prolongs response times.
This fragmentation shows up clearly in incident patterns. Respondents reported experiencing identity and access security incidents (69%), configuration and posture issues (65%), data exposure and privacy events (54%) and workload and runtime security incidents (42%). According to the report, these risks are often individually deprioritized until attackers connect them.
“Cloud adoption across IaaS, PaaS, and SaaS has become increasingly fragmented,” Diana Kelley, Chief Information Security Officer (CISO) at Noma Security told Expert Insights. She noted that attackers are “operating at machine speed, using automation to outpace defenders who are still constrained by siloed controls and incomplete context.”
Automation and AI Lag Behind Attacker Speed
Despite broad interest in automation, most organizations are still stuck at the alerting stage. Thirty-seven percent said their cloud security automation is primarily alert-focused, while only 11% have fully autonomous remediation. Another 42% rely on basic automation or recommendations without action.
Artificial Intelligence (AI) adoption remains early, as shown in the image below:
AI-Driven Cloud Threat Detection. Credit: Fortinet.
“Defenders are expending finite resources against adversaries whose AI automation is driving attack costs toward zero,” Ram Varadarajan, CEO at Acalvio, told Expert Insights, adding that the gap “is not going to be closed by adding more disconnected defensive security tools.”
These pressures are reshaping strategy. If starting over today:
- 64% would choose a unified security platform.
- 27% would prefer a best-of-breed approach.
- 9% are unsure.
When evaluating platforms, organizations prioritized coverage and depth across cloud environments (79%), integration and orchestration (72%), and automation and compliance (68%), ahead of cost.
“Cloud security challenges today are no longer driven by a lack of investment,” Shane Barney, CISO at Keeper Security told Expert Insights. “They are driven by structural complexity.”
For CISOs and security leaders, the report’s message is clear: closing the cloud complexity gap requires unified visibility across identity, configuration, and data, and automation that teams can trust to act, not just alert.
