AWS data security risks in 2025: what governance teams should fix


(@nhi-mgmt-group)

TL;DR: The 2025 telemetry highlights the top 10 recurring AWS data security risks, showing how sensitive data is stored, accessed, and exposed at scale in cloud environments, according to Cyera. The pattern is clear: cloud security teams need tighter identity, access, and data governance, not just better discovery.

NHIMG editorial — based on content published by Cyera: Top 10 Notable Data Security Risks in AWS Environments

By the numbers:

Questions worth separating out

Q: How should security teams reduce AWS data exposure without slowing cloud operations?

A: Start by reducing broad access paths to sensitive data, then recertify the remaining permissions against real workload and business use.

Q: Why do AWS environments create so much data security risk?

A: AWS environments combine scale, speed, and many identity types, which makes it easy for permissions to expand faster than governance can track them.

Q: What do security teams get wrong about data discovery in cloud environments?

A: They often assume that finding sensitive data is the same as securing it.

Practitioner guidance

  • Map data to every reachable identity path: Build an access graph for sensitive AWS stores that includes humans, roles, service accounts, automation, and third-party integrations.
  • Tighten broad roles before expanding discovery scope: If AWS roles still have wide permissions, reduce entitlement scope first.
  • Recertify cloud entitlements against actual data use: Review whether AWS permissions still match current workload behaviour, vendor access, and business need.

What's in the full report

Cyera's full report covers the operational detail this post intentionally leaves for the source:

  • The exact list of the top 10 AWS risk patterns identified in Cyera's telemetry.
  • The underlying exposure mechanisms behind each risk, including where identity and data controls diverge.
  • Implementation detail on how Cyera frames remediation across AWS data environments.
  • The research context behind the telemetry and how the findings were derived.

👉 Read Cyera's report on the top 10 AWS data security risks →
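
A sketch of the access graph from the practitioner guidance, as an added example that is not from Cyera's report or this post. The principals, bucket names and policies are constructed, and the evaluation is simplified to identity-based statements only (no conditions, resource policies, SCPs or permission boundaries).

```python
from fnmatch import fnmatchcase

# Constructed sample data (not from the report): identity-based policy statements
# per principal, plus the object ARNs treated as sensitive.
PRINCIPALS = {
    "user/alice": {"kind": "human", "statements": [
        {"Effect": "Allow", "Action": "s3:GetObject",
         "Resource": "arn:aws:s3:::billing-exports/*"}]},
    "role/etl-runner": {"kind": "automation", "statements": [
        {"Effect": "Allow", "Action": "s3:*", "Resource": "*"}]},
    "role/vendor-analytics": {"kind": "third-party", "statements": [
        {"Effect": "Allow", "Action": ["s3:Get*", "s3:List*"],
         "Resource": "arn:aws:s3:::customer-pii*"},
        {"Effect": "Deny", "Action": "s3:*",
         "Resource": "arn:aws:s3:::customer-pii/raw/*"}]},
}
SENSITIVE = ["arn:aws:s3:::customer-pii/raw/ssn.csv",
             "arn:aws:s3:::customer-pii/reports/q1.csv",
             "arn:aws:s3:::billing-exports/2025.csv"]
DATA_ACTIONS = ["s3:GetObject", "s3:PutObject", "s3:DeleteObject"]

def _as_list(value):
    return value if isinstance(value, list) else [value]

def _matches(stmt, action, arn):
    # IAM action names are case-insensitive; '*' and '?' are wildcards.
    return (any(fnmatchcase(action.lower(), a.lower()) for a in _as_list(stmt["Action"]))
            and any(fnmatchcase(arn, r) for r in _as_list(stmt["Resource"])))

def allowed(statements, action, arn):
    # Explicit Deny wins; otherwise at least one Allow must match.
    if any(s["Effect"] == "Deny" and _matches(s, action, arn) for s in statements):
        return False
    return any(s["Effect"] == "Allow" and _matches(s, action, arn) for s in statements)

def is_broad(statements):
    # Broad = an Allow on every resource or on a whole service's actions.
    return any(s["Effect"] == "Allow" and ("*" in _as_list(s["Resource"]) or
               any(a == "*" or a.endswith(":*") for a in _as_list(s["Action"])))
               for s in statements)

def access_graph(principals, sensitive, actions=DATA_ACTIONS):
    edges = []
    for name, p in principals.items():
        for arn in sensitive:
            granted = [a for a in actions if allowed(p["statements"], a, arn)]
            if granted:
                edges.append({"principal": name, "kind": p["kind"], "store": arn,
                              "actions": granted, "broad": is_broad(p["statements"])})
    return edges
```

Edges with `broad` set are the candidates to tighten first; the remaining edges are the list to recertify against actual data use.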
