The proliferation of hybrid and multi-cloud environments has fundamentally transformed enterprise IT, but a new report highlights a pressing consequence: a staggering 90% of IT and security leaders surveyed globally experienced at least one cyberattack within their cloud or SaaS environments in the past year.
The data, compiled from over 1,600 cybersecurity executives across ten countries and three regions (Americas, APAC, EMEA), underscores the scale and frequency of cloud-based threats facing modern organizations.
Hybrid and Multi-Cloud Adoption Drives Complex Threat Landscape
Cloud adoption continues to rise, with 89% of respondents now leveraging multiple cloud platforms for data storage, applications, and services.
Such distributed architectures have enabled greater scalability and innovation but have also vastly expanded the attack surface.
The study, based on telemetry from Rubrik and Wakefield Research, reveals that security leaders now grapple with unprecedented challenges: securing sensitive data systemwide, overcoming a lack of centralized visibility and management, and addressing a growing array of attack vectors that far outstrip the risks faced in traditional on-premises environments.
The attack methods themselves have evolved rapidly in parallel with this digital transformation.
Over the past year, nearly 80% of observed incidents stemmed from identity-based attacks, a sharp departure from legacy malware-based approaches.
Threat actors are increasingly bypassing conventional perimeter defenses by abusing valid credentials, orchestrating social engineering campaigns, and leveraging compromised accounts for lateral movement within cloud ecosystems.
CrowdStrike’s 2025 Global Threat Report notes that in 2024, the frequency of cloud intrusions increased by 26%, and average breakout time for interactive eCrime intrusions-the period from initial compromise to broader system control-dropped to a mere 48 minutes.
Identity-Based Attacks and Ransomware Dominate Latest Threat Vectors
Financial and operational impacts are severe. Of those experiencing ransomware attacks in 2024, 86% admitted to paying extortion demands in order to recover encrypted data or halt attacks, despite a noted decline compared to prior years.
Alarmingly, nearly three-quarters of affected organizations reported that attackers were able to access and damage their critical backup and recovery resources, while 35% confirmed that their backup strategies were completely compromised during the incident.
This crisis is exacerbated by ongoing misconceptions regarding cloud-native security.
Many organizations mistakenly assume that cloud service providers are solely responsible for safeguarding data, leading to gaps in backup and disaster recovery planning.
The report draws attention to stark disparities in backup maturity between on-premises and cloud workloads, citing real-world incidents such as the 2017 GitLab database loss-where insufficient cloud backup protocols led to significant and unrecoverable data loss.
Strategic recommendations emerging from the study include adopting a Zero Trust security model-where no user or device is inherently trusted-combined with robust automation for threat detection, response, and data backup.
Security leaders are urged to inventory and classify all sensitive data, establish clear policy enforcement and recovery procedures, and leverage automation to manage vulnerabilities, access controls, and behavioral anomaly detection at scale.
Ultimately, as organizations continue their hybrid and multi-cloud journeys, the imperative is clear: only those who proactively address cloud-specific security risks will mitigate exposure to the sophisticated and persistent adversaries now targeting digital infrastructures worldwide.
Find this Story Interesting! Follow us on LinkedIn and X to Get More Instant updates
