NHI Forum
Read full article here: https://www.p0.dev/blog/trends-in-cloud-security-from-cloud-to-workloads/?source=nhimg
As cloud adoption accelerates, identity security has emerged as the new perimeter, spanning not only human users but also the rapidly growing population of non-human identities (NHIs) such as service accounts, APIs, cloud agents, and workload identities. In a recent expert roundtable, leading voices in cloud security, including Kat Traxler (Vectra AI), James Berthoty (Latio Tech), Rami McCarthy, and Srajan Gupta (Dave), explored the evolving threat landscape and the governance strategies required to address it.
Key Trends in Cloud Identity Security
- Explosive NHI Growth – For every human identity, there are now up to 50 NHIs, dramatically increasing attack surfaces and misconfiguration risks.
- Identity Fragmentation – Identities span SaaS platforms, cloud services, and Kubernetes clusters, often managed in silos without unified tooling, leaving blind spots for CISOs.
- Emerging Attack Vectors – Research revealed vulnerabilities in cloud provider–managed service agents that, when exploited, can perform privileged operations without direct resource access.
Core Governance Challenges
- Lifecycle Management Gaps – Stale and unused service accounts become prime targets for attackers.
- Least Privilege at Scale – Enforcing least privilege without disrupting workloads remains a complex balancing act.
- Tooling Fragmentation – Vendors typically address narrow identity slices, forcing teams to stitch together incomplete solutions.
Best Practices from Industry Leaders
- Inventory All Identities – Map human and non-human identities, including service accounts and API keys.
- Adopt Just-in-Time (JIT) Access – Eliminate standing privileges by granting time-bound access only when required.
- Implement Permission Boundaries – Restrict identity scope to reduce breach blast radius.
- Enforce Continuous Lifecycle Management – Regularly review and decommission unused or overprivileged accounts.
- Use “Ratchets & Levers” – Combine long-term improvements (ratchets) with quick wins (levers) for compounding security gains.
- Reduce Blast Radius by Design – Leverage segmentation, resource boundaries, and JIT for breach containment.
- Automate at Scale – Deploy continuous monitoring and automated remediation to handle identity risks in large environments.
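As an added illustration of the inventory and lifecycle-review practices above (example code written for this post, not from the article or any vendor tool), the audit below walks a constructed NHI inventory and flags identities that are stale, never used, or hold an overbroad scope. The `Nhi` record, the `BROAD_SCOPES` set and the sample rows are assumptions; in practice the rows would come from your cloud provider's IAM and key-usage APIs.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from typing import Dict, List, Optional, Set


@dataclass
class Nhi:
    """One non-human identity as exported from an IAM inventory (hypothetical shape)."""
    name: str
    kind: str                      # "service_account", "api_key" or "workload"
    last_used: Optional[datetime]  # None means the credential has never been used
    privileges: Set[str]           # coarse permission scopes granted to the identity


# Scopes treated as overbroad for any NHI; hypothetical names, adjust per provider.
BROAD_SCOPES = {"admin", "owner", "iam:*"}


def audit_nhis(inventory: List[Nhi], now: datetime,
               stale_after: timedelta = timedelta(days=90)) -> Dict[str, List[str]]:
    """Return name -> findings for every identity that needs lifecycle attention.

    Findings: "never_used" (no recorded activity), "stale" (idle longer than
    stale_after) and "overprivileged" (holds a scope in BROAD_SCOPES).
    """
    findings: Dict[str, List[str]] = {}
    for nhi in inventory:
        issues = []
        if nhi.last_used is None:
            issues.append("never_used")
        elif now - nhi.last_used > stale_after:
            issues.append("stale")
        if nhi.privileges & BROAD_SCOPES:
            issues.append("overprivileged")
        if issues:
            findings[nhi.name] = issues
    return findings


# Constructed sample inventory: one healthy identity and three that should be reviewed.
SAMPLE_NOW = datetime(2024, 6, 1, tzinfo=timezone.utc)
SAMPLE_INVENTORY = [
    Nhi("ci-deployer", "service_account", SAMPLE_NOW - timedelta(days=2), {"deploy"}),
    Nhi("legacy-etl", "service_account", SAMPLE_NOW - timedelta(days=200), {"admin"}),
    Nhi("unused-key-1", "api_key", None, {"read"}),
    Nhi("k8s-backup", "workload", SAMPLE_NOW - timedelta(days=30), {"iam:*"}),
]

if __name__ == "__main__":
    for name, issues in audit_nhis(SAMPLE_INVENTORY, SAMPLE_NOW).items():
        print(f"{name}: {', '.join(issues)}")
```

Running this periodically against a real export turns the "review and decommission" step into a repeatable check, and the `stale_after` threshold is the ratchet you tighten over time.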
Strategic Takeaways
The panel agreed that identity governance is no longer a one-time project; it is an ongoing discipline requiring cross-team collaboration, automation, and adaptive policy enforcement. Perfect least privilege may be unattainable, but incremental improvements can dramatically reduce risk exposure. Future-proofing cloud security means integrating NHI management into zero trust frameworks and bridging governance gaps across all workloads.
Bottom Line
The next phase of cloud security will be won by organizations that treat identity, human and non-human, as the true control plane. Those that master lifecycle automation, least privilege enforcement, and cross-platform governance will have the resilience needed to defend against the next wave of identity-based attacks.