SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Cloud security day warns of human & identity risks

Wed, 1st Apr 2026

Australian and New Zealand security leaders are using World Cloud Security Day to reassess the human and architectural weaknesses exposed by rapid cloud adoption.

Vendors and security strategists say organisations in the region now face faster, more industrialised attacks across increasingly complex cloud environments.

Identity, human error and security platform design have emerged as central themes this year. Commentators point to growing pressure on smaller security teams, expanding multi-cloud estates, and new forms of automated attack that blur the line between performance problems and outright breaches.

Identity at the centre

Nam Lam, group vice president for Australia and New Zealand at SailPoint, said many organisations have focused on moving to cloud services without examining the underlying security foundations closely enough.

He argues that identity now shapes much of the risk surface, as attackers increasingly rely on compromised credentials and unused or over-provisioned accounts rather than trying to break through network defences directly.

"World Cloud Security Day arrives each year as a timely prompt to look beyond the surface. Most organisations in Australia and New Zealand have made significant progress on cloud adoption. Fewer have asked hard enough questions about the quality of the security underpinning it.

"Identity sits at the heart of cloud security. The threat landscape has shifted considerably. Attackers are less likely to break through defences than to walk in through legitimate access points, using compromised credentials or exploiting over-provisioned accounts that have not been reviewed in months. Securing the cloud is ultimately about controlling who and what can access it, under what circumstances, and with what level of ongoing oversight. That requires security infrastructure that operates at the speed and scale of the cloud itself. Yet for many organisations, the platforms they rely on are not keeping pace.

"Cloud security has become a crowded market, with many solutions available. It is important to look beyond simply having a solution in place and consider whether it truly addresses the evolving challenges of cloud environments.

"The most important questions are rarely about features. They are about architecture, specifically whether the platforms organisations rely on are purpose-built for the cloud or simply adapted from legacy systems. A security platform that cannot update itself automatically, scale without manual intervention, or maintain consistent visibility across a multi-cloud environment is not closing the gap. It is part of it.

"World Cloud Security Day is a good occasion to ask whether your cloud security solution is genuinely suited to the environment you operate today and whether it provides deep enterprise resilience."

Lam's comments emphasise architectural fit and automation across multi-cloud estates rather than incremental feature additions to existing security tools.

Human error and shrinking teams

Alongside architectural concerns, George Harb, vice president for Australia and New Zealand at OpenText, highlights human error as a leading cause of cloud incidents despite advances in AI-driven defence tools.

"Although cloud security tooling and AI-driven defences continue to advance rapidly, human error remains one of the greatest contributors to cloud security incidents. For businesses, that means real financial consequences, including outages, regulatory penalties, lost customer trust, and the cost of remediating preventable mistakes. Between January and June last year, the Office of the Australian Information Commissioner reported that 37 per cent of all data breaches were caused by human error.

"Cloud configurations, identity permissions, API integrations and DevOps pipelines all rely on precise human decision-making, yet these are the areas where errors most often occur. The risk is rising as teams shrink and workloads grow. ISACA's State of Privacy survey shows privacy teams are getting smaller, with median staffing dropping from eight to five in the past year, and nearly half of organisations report shortages in technical roles. Fewer people managing more complexity increases the likelihood of misconfigurations and oversights in fast-moving cloud environments.

"It's no surprise that 35 per cent of digital trust professionals say insider threats and human error are the risks most likely to keep them up at night this year, according to ISACA's Tech Trends & Priority Pulse poll 2026. When security teams are stretched thin, burnout rises and incident response slows, while routine but critical work such as reviewing logs or validating access controls gets pushed down the list. This is precisely where many breaches begin.

"As cloud adoption accelerates, this World Cloud Security Day is a timely reminder that strengthening human resilience must be a priority.

"The organisations making the most progress are pairing technological investment with practical, skills-building exercises that reflect real-world risks. For example, they can run quarterly misconfiguration simulations that require teams to find and fix common but dangerous issues, such as an exposed S3 bucket, an overly permissive IAM role, or an open firewall rule. This builds muscle memory for the scenarios most likely to cause damage. Another option is shadow-mode exercises, in which junior staff review real production access-change tickets, helping them learn to spot suspicious patterns and permission creep early.

"These applied, hands-on activities matter far more than traditional checkbox training. They give teams the intuition and confidence to navigate complex cloud environments, even when workloads are high and headcount is tight.

"At the end of the day, cloud security rarely fails because the technology is inadequate. It fails because the people operating it do not have the bandwidth, support, or continuous practice they need. Strengthening that human layer through realistic drills, simplified access governance, and the right decision-support tools is the most effective way to reduce preventable breaches in the year ahead."

Harb links staff reductions and skills gaps to measurable increases in preventable configuration mistakes and slower incident response.

'Stealth impact' attacks

Reuben Koh, security technology and strategy director for Asia Pacific and Japan at Akamai Technologies, points to what he describes as a new wave of "stealth impact" attacks that gradually degrade performance and drive up cloud and AI costs.

"This World Cloud Security Day, the message is clear for Australian organisations: security and resilience must be embedded as foundational elements of any AI and cloud strategy, never an afterthought.

"In the past year, cyberattacks have increasingly focused on 'stealth impact', quietly degrading performance, inflating cloud and AI costs, and eroding revenue over time. This includes tactics such as the mass creation of fake accounts, bot-driven transaction abuse, and the exploitation of AI chatbots to exhaust costly tokens.

"At the same time, illegal data scraping is on the rise. AI agents are being used to harvest content from digital media and healthcare organisations, resulting in direct revenue loss and increasing the risk of downstream fraud.

"Attacks that once took weeks can now unfold in hours, with threat actors increasingly sharing tools and AI models to scale their operations globally.

"This shift is compounded by a growing imbalance between machine-speed attacks and human-speed defence. While larger enterprises are investing in AI-driven security capabilities, many organisations, particularly mid-sized businesses, continue to face challenges around visibility, skills shortages, and fragmented security environments.

"As cyberattacks become more industrialised, organisations must ensure their defences evolve in tandem, becoming faster, smarter, and capable of matching the speed and scale of the threats they face. Static defence models are no longer viable.

"Australian organisations must take strategic steps to build resilience. Comprehensive observability is essential: they must be able to discover, inventory, monitor and manage all internal and external traffic, including APIs and AI models, to maintain full visibility into what enters and leaves their environments. AI agents should be treated as insider threats. Their rapid adoption introduces a new layer of risk, and they often operate with privileged access across systems. If compromised or manipulated, they can move laterally at scale. Implementing zero-trust principles, microsegmentation and strong isolation controls is critical. Organisations also need novel security defences. Legacy tools are not equipped to address emerging threats such as prompt injection and AI-driven abuse. They must identify gaps in their current posture and invest in specialised, AI-augmented defences that operate at machine speed.

"With Australia now one of the most targeted regions, particularly across healthcare, financial services, retail and media, the implications for local organisations are significant. Beyond immediate operational disruption and financial loss, they must also navigate heightened regulatory scrutiny, potential erosion of customer trust, and the risk of long-term brand damage.

"Those who invest early in resilience will be best placed not only to withstand escalating cyber threats but to adapt to the evolving threat landscape and turn that capability into a long-term competitive advantage."

Koh's remarks underline a shift from one-off breach events to continuous, automated abuse targeting costs, data and trust across AI-enabled services.