Jakarta, Thekabarnews.com – In the previous year, 99% of businesses have assaulted their AI apps and services. The number of unsafe codes is growing too quickly for security teams to keep up. The State of Cloud Security Report 2025 from global cybersecurity company Palo Alto Networks states that the rapid adoption of artificial intelligence (AI) by businesses is causing a significant increase in cloud security vulnerabilities.

The paper says that using AI on a massive scale has made the cloud attack surface much bigger. As a result, cloud infrastructure becomes a potential target for cyberattacks. Up to 99% of people who answered said they had at least one assault on their AI systems in the past year.

As more and more AI workloads are hosted in the cloud, the hazards grow even more. This is because generative AI is becoming more widespread in software development, which is often called vibe coding. The survey indicates that 99% of businesses currently utilize GenAI for coding assistance. However, the pace at which companies write code has surpassed their capacity to address security vulnerabilities.

Only 18% of the development teams that release code every week can fix security holes at the same rate, and they make up 52% of all teams. This leads to the accumulation of unfixed security holes in cloud settings.

“As organizations aggressively scale cloud investments to power AI initiatives, they are inadvertently opening the door to sophisticated new attack vectors. Our research confirms that traditional approaches to cloud security are inadequate, leaving security teams to fight machine-speed threats with fragmented tools and slow, manual fix cycles,” stated Elad Koren, Vice President of Product Management, Cortex.

Koren says that old ways of securing the cloud are no longer enough to protect against threats that move at machine speed. Security teams often have a hard time responding quickly because they use many different tools and cumbersome, manual processes to fix problems.

Table Of Content

APIs and identity management become vulnerabilities
Tool fragmentation makes incident response harder
Security must adapt to evolving attacks

“Teams need more than just dashboards highlighting risks they can never burn down; they must transform with an agentic-first platform that spans code to cloud to SOC to finally operate faster than the adversary,” she said.

APIs and identity management become vulnerabilities

The research is based on a survey of more than 2,800 cybersecurity professionals and executives from 10 countries. It shows that AI adoption has led to some significant changes in cloud risk.

Attacks against Application Programming Interfaces (APIs) went up by 41%. This increase shows how much agent-based AI systems depend on APIs to work. Because of this rising reliance, APIs have become a main way for advanced cyber threats to get in.

At the same time, 53% of those who answered said that poor identity and access management (IAM) practices were a major problem. Poor access controls are now one of the main reasons why credentials are stolen and data is exfiltrated.

Lateral migration within cloud networks is still a big worry. About 28% of those who answered said that uncontrolled network access between cloud workloads is an increasing problem. Such behavior lets attackers roam freely between environments. It allows them to turn modest breaches into bigger ones.

Tool fragmentation makes incident response harder

The report also says that using security products from different vendors makes managing cloud security more complicated. Most businesses use 17 cloud security technologies from five different suppliers. The disparity can lead to blind spots and make it harder to respond to incidents quickly.

Because of this, 97% of people who answered claimed that combining cloud security products is now their top priority. When cloud security teams and Security Operations Centers (SOC) do not operate together, it takes longer to resolve problems. In fact, 30% of teams need more than a full day to fix a single security event.

The majority of respondents (89%) believe that effective cloud and application security requires proper integration with SOC operations.

Security must adapt to evolving attacks

The report says that security plans that rely on static visibility and separate tools are no longer good enough. This is because cybercriminals are using AI more and more as a weapon.

In the future, enterprises should use an integrated, end-to-end defensive strategy. This includes both proactive risk reduction and a quick incident response. It should cover everything from software development to cloud operations and SOC functions.

The paper says that if these improvements do not happen, the speed of AI-driven innovation might continue. Consequently, enterprises could remain at risk of cloud security breaches that are getting harder to stop.