• About Us
  • Advertising
  • Digital Magazine
  • Supplements
  • Media Pack
  • Privacy Policy
  • Contact us
CXO Insight Middle East
  • News
  • Opinion
  • Business
    • Industries
      • Transport
      • Retail
      • Government
      • Real Estate
      • Education
      • Energy
      • Banking and Finance
    • Channel
  • Future
    • Tech
    • Gadgets
    • Science
    • Space
    • Sustainability
  • Events
    • Channel Insights Summit 2025
    • Insight Innovation Summit
    • CXO50 Oman
    • CXO50
    • ICT Awards
      • Dubai 2025
      • Saudi Arabia
    • Cyber Strategists Summit
    • Cloud Connect 2025
    • Channel Awards 2024
    • All events
  • Digital Magazine
  • GITEX GLOBAL
No Result
View All Result
CXO Insight Middle East
  • News
  • Opinion
  • Business
    • Industries
      • Transport
      • Retail
      • Government
      • Real Estate
      • Education
      • Energy
      • Banking and Finance
    • Channel
  • Future
    • Tech
    • Gadgets
    • Science
    • Space
    • Sustainability
  • Events
    • Channel Insights Summit 2025
    • Insight Innovation Summit
    • CXO50 Oman
    • CXO50
    • ICT Awards
      • Dubai 2025
      • Saudi Arabia
    • Cyber Strategists Summit
    • Cloud Connect 2025
    • Channel Awards 2024
    • All events
  • Digital Magazine
  • GITEX GLOBAL
No Result
View All Result
CXO Insight Middle East
No Result
View All Result

Tenable research finds rampant cloud misconfigurations exposing critical data and secrets

by CXO Staff
July 4, 2025
in Future, News, Tech

9 percent of publicly exposed cloud storage holds sensitive data, 97 percent classified as restricted or confidential

Tenable research finds rampant cloud misconfigurations exposing critical data and secrets

Tenable released its 2025 Cloud Security Risk Report, which revealed that 9 percent of publicly accessible cloud storage contains sensitive data. Ninety-seven percent of such data is restricted or confidential, creating easy and prime targets for threat actors.

Cloud environments face dramatically increased risk due to exposed sensitive data, misconfigurations, underlying vulnerabilities and poorly stored secrets – such as passwords, API keys and credentials. The 2025 Cloud Security Risk Report provides a deep dive into the most prominent cloud security issues impacting data, identity, workload and AI resources and offers practical mitigation strategies to help organisations proactively reduce risk and close critical gaps.

Key Findings From The Report Include:

  • Secrets found in diverse cloud resources, putting organisations at risk: Over half of organisations (54 percent) store at least one secret directly in Amazon Web Services (AWS) Elastic Container Service (ECS) task definitions, creating a direct attack path. Similar issues were found among organisations using Google Cloud Platform (GCP) Cloud Run (52 percent) and Microsoft Azure Logic Apps workflows (31 percent). Alarmingly, 3.5 percent of all AWS Elastic Compute Cloud (EC2) instances contain secrets in user data — major risk given how widely EC2 is used.
  • Cloud workload security is improving, but toxic combinations persist: While the number of organisations with a “toxic cloud trilogy” – a workload that is publicly exposed, critically vulnerable, and highly privileged – has decreased from 38 percent to 29 percent, this dangerous combination still represents a significant and common risk.
  • Using Identity Providers (IdPs) alone doesn’t eliminate risk: While 83 percent of AWS organisations are exercising best practices in using IdP services to manage their cloud identities, overly permissive defaults, excessive entitlements, and standing permissions still expose them to identity-based threats.

“Despite the security incidents we have witnessed over the past few years, organisations continue to leave critical cloud assets, from sensitive data to secrets, exposed through avoidable misconfigurations,” said Ari Eitan, Director of Cloud Security Research, Tenable.

“The path for attackers is often simple: exploit public access, steal embedded secrets or abuse overprivileged identities. To close these gaps, security teams need full visibility across their environments and the ability to prioritise and automate remediation before threats escalate. The cloud demands continuous, proactive risk management, and not reactive patchwork.”

The report reflects findings by the Tenable Cloud Research team based on telemetry from workloads across diverse public cloud and enterprise environments, analysed from October 2024 through March 2025.

Tags: cloud misconfigurationscritical datareportTenable
ShareTweet

Related Posts

Beyond vision: Ericsson’s Petra Schirren on an execution-first strategy for the Gulf’s digital future
Future

Beyond vision: Ericsson’s Petra Schirren on an execution-first strategy for the Gulf’s digital future

Across the Gulf, the race to become a global leader in digital infrastructure is accelerating. With bold national visions, strategic...

July 25, 2025
SentinelOne solutions join new AWS Marketplace AI Agents and Tools category
Future

SentinelOne solutions join new AWS Marketplace AI Agents and Tools category

SentinelOne announced the availability of Singularity Cloud Security and Singularity AI SIEM. This includes Purple AI, the industry’s most advanced...

July 25, 2025

Discussion about this post

Latest Issue

Beyond vision: Ericsson’s Petra Schirren on an execution-first strategy for the Gulf’s digital future

Beyond vision: Ericsson’s Petra Schirren on an execution-first strategy for the Gulf’s digital future

July 25, 2025
SentinelOne solutions join new AWS Marketplace AI Agents and Tools category

SentinelOne solutions join new AWS Marketplace AI Agents and Tools category

July 25, 2025
UAE’s EDGE, Pavo Group launch new JV in defence technology

UAE’s EDGE, Pavo Group launch new JV in defence technology

July 24, 2025

The most trusted source of strategic intelligence for IT decision makers in the Middle East.

About

  • About Us
  • Advertising
  • Digital Magazine
  • Supplements
  • Media Pack
  • Contact Us

Policies

  • Privacy Policy
© 2025 – CXO Insight Middle East. All Rights Reserved.
Facebook-f X-twitter Linkedin
Separated they live in Bookmarksgrove right at the coast of the Semantics, a large language ocean. A small river named Duden.

About

  • About Us
  • Site Map
  • Contact Us
  • Career

Policies

  • Help Center
  • Privacy Policy
  • Cookie Setting
  • Term Of Use

Join Our Newsletter

© 2024 – CXO Insight Middle East. All Rights Reserved.

Facebook-f Twitter Youtube Instagram

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In
Join our mailing list
Sign up here to get the latest news, updates and special offers delivered directly to your inbox.
No Result
View All Result
  • News
  • Opinions
  • Business
    • Industries
      • Transport
      • Retail
      • Government
      • Real Estate
      • Education
      • Energy
      • Banking and Finance
  • Channel
  • Future
    • Tech
    • Gadgets
    • Science
    • Space
    • Sustainability
  • Events
    • Channel Insights Summit 2025
    • Insight Innovation Summit
    • CX50 Oman
    • CXO50
    • ICT Awards
      • Dubai
      • Saudi Arabia
    • Cyber Strategists Summit
    • Cloud Connect 2025
    • Channel Awards 2023
    • All events
  • Videos
  • GITEX GLOBAL
  • Digital Magazine

© 2025 - CXO Insight Middle East. All Rights Reserved.