News DeskDubai, UAE – The rapid adoption of enterprise artificial intelligence is dramatically expanding cloud security risks, with nearly all organisations reporting attacks on their AI systems over the past year, according to a new report by cybersecurity firm Palo Alto Networks.
In its State of Cloud Security Report 2025, released on Tuesday, the company said 99 per cent of surveyed organisations had experienced at least one attack targeting AI-driven systems, underscoring how cloud infrastructure has become a prime target as businesses race to deploy AI workloads.
The report, based on a survey of more than 2,800 security executives and practitioners across 10 countries, highlights how the rise of generative AI and automated coding practices is outpacing the ability of security teams to manage risk.
According to the findings, 99 per cent of respondents now use GenAI-assisted “vibe coding”, which accelerates software development but also increases the volume of insecure code entering production environments. While more than half of teams ship code weekly, only 18 per cent are able to fix vulnerabilities at the same speed, allowing security gaps to accumulate rapidly across cloud systems.
“As organisations aggressively scale cloud investments to power AI initiatives, they are inadvertently opening the door to sophisticated new attack vectors,” said Elad Koren, Vice President of Product Management at Palo Alto Networks’ Cortex Division. “Traditional approaches to cloud security are proving inadequate against machine-speed threats.”
The report identifies application programming interfaces (APIs) as a major emerging risk. API-related attacks surged by 41 per cent over the past year, driven by the heavy reliance of agentic AI systems on interconnected services. Identity and access management weaknesses were also flagged, with 53 per cent of respondents citing overly permissive access controls as a leading challenge.
Lateral movement within cloud environments remains another concern, as 28 per cent of organisations reported unrestricted network access between workloads, enabling attackers to expand breaches once initial access is gained.
Tool sprawl is further compounding the problem. On average, organisations manage 17 cloud security tools from five different vendors, creating fragmented visibility and slowing incident response. As a result, 97 per cent of respondents said consolidating their cloud security tools is now a priority, while 30 per cent reported that resolving incidents can take more than a full day due to disconnected workflows between cloud and security operations centre (SOC) teams.
The study found strong support for closer integration between cloud security and SOC functions, with 89 per cent of organisations agreeing that the two must be fully unified to effectively counter modern threats.
Palo Alto Networks said the findings point to the need for end-to-end, AI-driven security platforms that combine proactive risk reduction with rapid incident response. As attackers increasingly weaponise AI, the company warned that static tools and siloed security approaches will leave cloud environments exposed.
The full State of Cloud Security Report 2025 is available on the Palo Alto Networks website
https://www.paloaltonetworks.com/state-of-cloud-native-security
