TL;DR: 80% of organisations store sensitive data in the cloud, 53% experienced a cloud infrastructure cyberattack in the prior 12 months, and 49% saw unplanned remediation costs after an attack, according to Netwrix’s 2022 survey of 720 IT professionals. The governance gap is not cloud adoption itself, but the fact that data, access, and detection controls are still maturing unevenly.
NHIMG editorial — based on content published by Netwrix: 2022 Cloud Data Security Report
By the numbers:
- 80% of organizations store sensitive data in the cloud
- 53% of respondents experienced a cyberattack on their cloud infrastructure within the last 12 months
- 49% of IT pros said that an attack led to unplanned expenses to fix security gaps
Questions worth separating out
Q: How should teams reduce cloud data exposure without slowing cloud adoption?
A: Start by linking sensitive datasets to the identities and roles that can reach them.
Q: Why do cloud incidents so often become expensive remediation events?
A: Cloud incidents spread cost because the same identity or misconfiguration can affect multiple services, regions, or accounts at once.
Q: What do security teams get wrong about cloud data protection?
A: They often focus on where data is stored and miss which identities can actually move it.
Practitioner guidance
- Inventory cloud identities tied to sensitive data Build a single view of human accounts, service accounts, API keys, and tokens that can reach cloud data stores or management planes.
- Reduce standing privilege in cloud roles Review cloud roles for overbroad access to storage, backups, and admin functions, then remove permissions that are not needed for current business use.
- Correlate identity and storage telemetry Join authentication logs, role assumption events, object access logs, and alerting into one investigation path so suspicious access can be traced before data leaves the environment.
What's in the full report
Netwrix's full report covers the operational detail this post intentionally leaves for the source:
- Regional and vertical breakdowns for cloud security challenges across the UK, France, manufacturing, education, healthcare, and finance.
- Survey detail on how cloud security measures affect detection time and which controls practitioners reported as most effective.
- Appendix material on budgeting and the distribution of cloud security obstacles across respondents.
- Full consequence analysis for breaches that led to unplanned expenses and control remediation.
👉 Read Netwrix's 2022 cloud data security report →
Cloud data security gaps: what 2022 survey results mean for teams?
Explore further
Cloud data security is really identity security with a storage problem attached. The report’s numbers show that sensitive data is already widely resident in cloud platforms, which means the practical control surface is no longer just storage configuration. It is the combination of who can reach the data, which machine identities can move it, and how quickly those paths are detected. Practitioners should treat cloud data security as an identity governance problem first, not a file-system problem.
A few things that frame the scale:
- 70% of organisations grant AI systems more access than they would give a human employee performing the exact same job, according to The 2026 Infrastructure Identity Survey.
- Only 44% of organisations have implemented any policies to manage their AI agents, despite 92% agreeing that governing AI agents is critical to enterprise security.
A question worth separating out:
Q: How can organisations tell whether cloud security controls are working?
A: Look for evidence that access is shrinking, not just that alerts are increasing. Fewer broad roles, fewer unmanaged service credentials, and faster correlation between identity events and data access are stronger signs of control health. If investigation still requires manual stitching across tools, the programme is not yet operationally mature.
👉 Read our full editorial: Cloud data security remains weak as cloud adoption keeps expanding