We've curated 19 cybersecurity statistics about Cloud to help you understand how threats like data breaches and misconfigurations are affecting cloud environments in 2025, along with best practices for securing your digital assets in the cloud.
Showing 1-20 of 262 results
89% of leaders say cloud investments have made it easier to use AI.
70% of CEOs stated they arrived at their current cloud environment by accident rather than by design.
The cloud computing industry has grown into a more than $700 billion sector as of 2025.
Organizations have increased cloud spending by over 30% on average over the past year.
75% of leaders express concern about the geopolitical risks of storing and managing data in global cloud environments.
84% of leaders intentionally use multiple clouds.
91% of organizations say their cloud infrastructure provides the flexibility to adapt to new regulations.
44% of true-positive security alerts from cloud security tools in Q3 2025 were driven by identity-related weaknesses.
52% of all confirmed identity-based alerts were due to identity-related privilege escalation.
99% of cloud identities were found to be over-privileged, creating significant security risks.
33% of raw CSPM alerts were identity-related, contributing to the operational burden on security teams.
As of October 2025, there are over 14,700 Jenkins servers exposed to the internet that remain vulnerable to CVE-2024-23897.
71% of critical vulnerability alerts in Q3 2025 originated from just four legacy CVEs.
46% of organizations cite cloud and SaaS data sprawl as a top challenge. ).
27% of cloud storage is abandoned (unused data that inflates costs and widens the attack surface).
59% of applications run in the cloud today, rising to 75% within the next year.
56% said the public cloud was best positioned to deliver security as opposed to 37% that chose on-premises and 7% that responded neither model.
51% said the public cloud was best positioned to meet regulations vs 41% that responded on-premises.
81% agree that their primary cloud provider’s native security and compliance capabilities exceed what their team could deliver independently.
Around eight in ten organizations report at least one data breach in the past year, both in on-premises infrastructure (78%) or in the public cloud (79%).