TL;DR: Cloud data security fails most often when exposed storage, overprivileged service accounts, and missing telemetry let sensitive data sit reachable until attackers or insiders find it, according to Orca Security. The governance problem is not just encryption, it is continuous visibility, identity control, and drift management across cloud storage and compute.
NHIMG editorial — based on content published by Orca Security: cloud data security controls and exposure risks
By the numbers:
- The 2024 Verizon DBIR identified misconfiguration as a contributing factor in 15% of all cloud breach incidents analyzed.
Questions worth separating out
Q: How should security teams reduce cloud data exposure from misconfigured storage?
A: Start with continuous configuration monitoring on storage, snapshots, and backup locations, then block public access and unsafe sharing by default.
Q: Why do non-human identities increase cloud data risk?
A: Non-human identities often have broad, persistent access to storage and analytics services, which makes them easy to overlook in human-focused access reviews.
Q: What do teams get wrong about cloud data security monitoring?
A: They often collect logs without correlating identity, object access, and data movement.
Practitioner guidance
- Inventory sensitive data across cloud services: Scan storage, backup, warehouse, and analytics services for regulated or high-value data, then maintain a living map of where each dataset resides and which identities can reach it.
- Separate human and non-human access reviews: Review service accounts, instance profiles, and workload roles on their own schedule so broad read permissions do not hide inside human-centric access recertification cycles.
- Turn on object-level cloud telemetry: Enable CloudTrail data events, Blob access logs, and equivalent object-level logging so you can trace reads, writes, and cross-account access against sensitive datasets.
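As an added example (not code from Orca's article or this editorial), the correlation the guidance above asks for, run over constructed CloudTrail S3 data-event records: each object access on an inventoried sensitive bucket is checked against the expected identities and the account boundary, and access that is expected but comes from a non-human identity is routed to the separate NHI review. Bucket names, account IDs, role names and the inventory map are all made-up assumptions.

```python
# Constructed, simplified CloudTrail S3 data-event records (made-up values).
SAMPLE_EVENTS = [
    {"eventName": "GetObject", "recipientAccountId": "111111111111",
     "userIdentity": {"type": "AssumedRole", "accountId": "111111111111",
                      "arn": "arn:aws:sts::111111111111:assumed-role/etl-role/i-0abc"},
     "requestParameters": {"bucketName": "pii-exports", "key": "customers.csv"}},
    {"eventName": "GetObject", "recipientAccountId": "111111111111",
     "userIdentity": {"type": "AssumedRole", "accountId": "222222222222",
                      "arn": "arn:aws:sts::222222222222:assumed-role/reporting/sess"},
     "requestParameters": {"bucketName": "pii-exports", "key": "customers.csv"}},
    {"eventName": "PutObject", "recipientAccountId": "111111111111",
     "userIdentity": {"type": "IAMUser", "accountId": "111111111111",
                      "arn": "arn:aws:iam::111111111111:user/alice"},
     "requestParameters": {"bucketName": "public-assets", "key": "logo.png"}},
]

# The living map from the inventory step: sensitive bucket -> identities that
# are expected to reach it (hypothetical values).
SENSITIVE_DATASETS = {
    "pii-exports": {"arn:aws:iam::111111111111:role/etl-role"},
}

def principal_arn(identity):
    """Map an STS assumed-role session ARN back to its IAM role ARN."""
    arn = identity.get("arn", "")
    if identity.get("type") == "AssumedRole" and ":assumed-role/" in arn:
        role = arn.split(":assumed-role/", 1)[1].split("/", 1)[0]
        return f"arn:aws:iam::{identity['accountId']}:role/{role}"
    return arn

def review_events(events, datasets):
    """Correlate identity, object access and account boundary per event."""
    findings = []
    for i, ev in enumerate(events):
        bucket = ev.get("requestParameters", {}).get("bucketName")
        if bucket not in datasets:
            continue  # object access outside the sensitive inventory
        ident = ev["userIdentity"]
        who = principal_arn(ident)
        base = {"event": i, "bucket": bucket, "principal": who,
                "action": ev.get("eventName")}
        if ident.get("accountId") != ev.get("recipientAccountId"):
            findings.append({**base, "kind": "cross-account"})
        if who not in datasets[bucket]:
            findings.append({**base, "kind": "unexpected-identity"})
        elif ident.get("type") in ("AssumedRole", "AWSService"):
            # Expected but non-human: send to the NHI access review stream.
            findings.append({**base, "kind": "nhi-access"})
    return findings
```

Running `review_events(SAMPLE_EVENTS, SENSITIVE_DATASETS)` yields one NHI-review entry for the first record and two alerts (cross-account and unexpected identity) for the second; the third record never touches an inventoried dataset and is skipped.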
What's in the full article
Orca Security's full article covers the operational detail this post intentionally leaves for the source:
- Step-by-step best practices for identifying all sensitive data across S3, Azure Blob Storage, GCP Cloud Storage, RDS, and warehouse platforms.
- Specific control mappings for encryption, access limiting, masking, compliance automation, and incident response in cloud environments.
- Implementation detail on how Orca correlates DSPM findings with CSPM exposure states and remediation priorities.
- Cloud security solution examples for combining detection, posture management, and SIEM workflows in one programme.
Read Orca Security's analysis of cloud data security controls and exposure risks.
Cloud data security gaps: are your IAM and CSPM controls keeping up?
Explore further
Cloud data security is an identity problem before it is a storage problem. The article's own examples show that exposure usually begins when an identity can read too much, not when encryption fails. That means cloud data governance has to treat IAM, NHI lifecycle, and storage configuration as one control plane. Practitioners should judge cloud security by whether access paths are still explainable, not just whether data is encrypted.
A few things that frame the scale:
- The average organisation believes more than 1 in 5 of their non-human identities are insufficiently secured, according to The 2024 ESG Report: Managing Non-Human Identities.
- Two-thirds of enterprises have endured a successful cyberattack resulting from compromised non-human identities, with a quarter encountering multiple attacks.
A question worth separating out:
Q: Who is accountable when cloud data is exposed through a shared account or snapshot?
A: Accountability sits with the organisation operating the cloud resource, even when the provider supplies the platform. Teams that own the data, the identity policy, and the logging settings must prove why exposure was possible and what prevented earlier detection. Shared responsibility does not mean shared ambiguity.
Read our full editorial: Cloud data security gaps are driven by misconfigurations and identity risk.