As we move into 2025, it becomes even more evident that the rapidly evolving nature of cloud native security will continue to be a moving target. That is largely because securing containers, service accounts and service mesh tends to evolve as rapidly as the technological advances that they deliver. Consequently, as cloud native security continues to mature, its focus will naturally change to address new threat landscapes and radical changes in the ecosystem. So, it’s no surprise that the focus of cloud native security has changed from broad security strategies—such as zero trust and software supply chain security—to more specific concerns about how AI impacts all aspects of cloud native security. (More on that later).
How have security challenges for cloud native changed?
To better understand the current state of cloud native security and machine identity management, Venafi sponsored an independent survey of 800 security and IT leaders in large organizations across the U.S., U.K., France, and Germany. Following on a similar survey in 2023, the report examines the top threats and challenges impacting the state of cloud native security at organizations today, including their approach to cloud native security, the challenges they face, ownership among security and development teams, and the foundational role machine identities play within cloud native security.
The survey results revealed that at least one thing has not changed over the past year. Cloud native security incidents remain a constant. 86% of organizations had a security incident related to their cloud native environment within the last year. The one aspect that has changed is that it appears the impact of cloud native security incidents has become a bit more pronounced for organizations.
- 53% of organizations had to delay an application launch or slow down production time.
- 45% suffered outages or disruption to their application service.
- 30% said attackers could gain unauthorized access to data, networks and systems.
By comparison, in 2023, 33% of teams reported application delays, and 27% reported outages. These numbers have jumped by as much as 20% year over year, indicating a significant rise in the concern over cloud native security challenges.
Where have we seen the biggest changes in cloud native incidents?
Machine identity threats are playing a much bigger role in the threat landscape. Of the organizations that experienced cloud security incidents, most were hit by threats that leveraged machine identities.
Top incidents
- 56% experienced a security incident related to machine identities using service accounts in the last year.
- 53% reported issues with certificate management, highlighting the need for improved security governance.
- 48% faced challenges in secrets management, essential for safeguarding API keys and passwords.
And these machine identity issues are just the beginning. Many have also encountered difficulties with containers, microservices architecture, service meshes, batch scripts and Kubernetes infrastructure. Perhaps more alarmingly, 9% of respondents experienced security incidents across all mentioned categories.
Dramatic rise in concerns over service account threats
No wonder service accounts were the top cause of cloud native security incidents. Research revealed that in 2024, service accounts were used by 99% of organizations, with 87% reporting a surge in their usage over the past year. In fact, 45% of teams not only increased their reliance on service accounts but also diversified the cloud providers they work with, while 32% ramped up their service account usage but stuck with using a single provider.
Why is the issue so widespread? As organizations lean more on service accounts, they use a patchwork of methods to secure access tokens, which only adds to machine identity security complexity. Shockingly, 83% of teams recognize this challenge.
Top service account security threats
- 47% are concerned about attackers harvesting sensitive data for lateral access.
- 45% worry that long-lived tokens may allow long-term unauthorized access.
- 43% fear attackers will use service account tokens to access Kubernetes APIs and deploy malicious containers.
Concerns over AI threats overtake those of software supply chain
It's no surprise that the biggest shift in concerns about cloud native security now centers specifically on the implications of AI in the software supply chain. Truly, it seems that concerns about AI poisoning have taken over in 2024.
- 77% are concerned about AI poisoning, whereby AI data inputs/outputs are manipulated for malicious purposes.
- 75% are worried about model theft.
- 73% are concerned about the use of AI-led social engineering.
- A further 72% are worried about provenance in the AI supply chain.
With 77% of IT security leaders believing that AI poisoning attacks will become the new software supply chain attack, it appears AI threats are part of a broader ongoing issue. By comparison, in 2023, 70% were worried about software supply chain attacks being their biggest security blind spot. Including AI factors, 84% of teams still say software supply chain attacks continue to be a clear and present danger.
Conclusion
Machine identities are critical to securing sensitive cloud native resources that can be accessed from anywhere on the Internet. To properly implement the latest advances in technology, organizations need to establish the identity of cloud native machines such as service accounts, certificates and secrets. To function securely, all of these interconnected cloud native machines must be able to rapidly verify their identities with each other. Yet managing this proliferation of machine identities can be challenging in cloud native environments, and organizations may have trouble keeping up with today’s rapid pace of continual innovation.