AI posture management, ADR, and CTEM: what teams need now


(@nhi-mgmt-group)

TL;DR: The 2025 Latio Cloud Security Market Report says teams are moving beyond one-size-fits-all CNAPPs toward AST, CTEM, and CADR, with 65% prioritising AI posture management and 53% prioritising application detection and response, according to Cyera. The governance signal is clear: posture confidence is no longer enough when runtime exposure spans data, apps, and workloads.

NHIMG editorial — based on content published by Cyera: 2025 Latio Cloud Security Market Report

Questions worth separating out

Q: How should security teams decide between posture, exposure, and runtime controls?

A: Use posture controls to validate baseline configuration, exposure management to identify reachable risk, and runtime controls to detect active misuse.

Q: Why do AI systems need access management, not just cloud security monitoring?

A: Because AI systems can read data, invoke tools, and influence workflows, which means their access scope directly shapes business risk.

Q: What breaks when cloud security tools only focus on scan-time posture?

A: You miss the moment when an approved configuration becomes risky during live execution.

Practitioner guidance

  • Separate posture, exposure, and runtime ownership: Assign different operational owners for scan-time configuration, continuous exposure management, and live detection so each control failure has a clear response path.
  • Review AI system access as non-human identity entitlement: Document what data, APIs, and automation rights each AI system can touch, then compare that scope to the minimum access needed for its task.
  • Add runtime telemetry to cloud response playbooks: Link application and workload alerts to actions that can revoke tokens, isolate workloads, or halt risky execution before the session expands into broader impact.

What's in the full report

Cyera's full report covers the operational detail this post intentionally leaves for the source:

  • The survey breakdown behind practitioners’ 2026 priorities, including how teams ranked AI posture management, application detection, access management, and remediation assistants.
  • A buyer’s guide that maps posture-first, runtime-first, and CTEM-centric approaches to different team sizes and architectures.
  • Specific guidance on why agent-based protection matters across network, OS, container, API, and application layers.
  • The vendor’s own framing of unified data and AI security capabilities across cloud, SaaS, and on-prem environments.

👉 Read Cyera's 2025 Latio Cloud Security Market Report on cloud security priorities →

(@mr-nhi)

Cloud security is splitting into posture, exposure, and runtime governance because a single control plane no longer matches how modern applications fail. The report shows teams moving beyond all-in-one CNAPP thinking toward AST, CTEM, and CADR because the failure modes are different. Posture answers what is configured, CTEM answers what is exposed, and CADR answers what is happening now. Practitioners should stop assuming one platform category can govern all three.

A few things that frame the scale:

  • 70% of organisations grant AI systems more access than they would give a human employee performing the exact same job, according to the 2026 Infrastructure Identity Survey.
  • That same survey found only 44% of organisations have implemented any policies to manage their AI agents, despite 92% agreeing that governing AI agents is critical to enterprise security.

A question worth separating out:

Q: How do security teams know if runtime protection is actually working?

A: Look for evidence that suspicious behaviour is detected fast enough to contain it before the session or workload expands the blast radius. Effective runtime protection produces actionable alerts, ties them to containment steps, and shows that abnormal access can be limited during active execution, not only reviewed afterward.

👉 Read our full editorial: Cloud security market shifts toward runtime-first controls for AI



   