
AI Has Turned Cloud Risk Into a Race and Human Defenders are Losing

Published 06/12/2026

Written by Asaf Shahar, VP, Product, Skyhawk Security.

Cloud security used to be framed as a posture problem: find the critical vulnerabilities, fix the most severe misconfigurations, and reduce the visible attack surface. That model is no longer enough. The defining change is not that artificial intelligence has created a completely new class of attacks. The change is that AI helps attackers move faster, connect more weak posture findings, and operationalize attack paths that would previously have required far more skill, time, and specialization. 

The result is a dangerous asymmetry. An unskilled attacker can now behave like a more capable one. They can use AI to accelerate reconnaissance, summarize stolen or public data, reason across cloud services, improve phishing and social engineering, generate scripts, and identify where a supplier, identity, workload, or misconfiguration may become the first step toward a breach. The UK National Cyber Security Centre assessed that AI will “almost certainly increase the volume and heighten the impact of cyberattacks” and that it lowers the barrier for novice cyber criminals, hackers-for-hire, and hacktivists to conduct more effective access and information-gathering operations. 

This is especially concerning in cloud environments because cloud risk is rarely a single catastrophic flaw. It is usually a chain. A moderate vulnerability, an overprivileged identity, an exposed secret, a permissive storage bucket, a supplier integration, and a noisy alert queue can become a breach path when combined correctly. Attack-path modeling has long shown that vulnerabilities of different risk levels can be chained together to reach a critical asset. AI gives threat actors a way to perform that same kind of reasoning at scale. 

| What AI changes for attackers | Why it matters in cloud security |
| --- | --- |
| Faster reconnaissance | Attackers can map internet-facing assets, identities, suppliers, and cloud services more quickly. |
| Better finding correlation | Low- and medium-severity findings can be connected into a viable breach path. |
| Higher-volume social engineering | Phishing and pretexting become more convincing, localized, and scalable. |
| Faster exploitation workflow | Scripts, payload logic, and troubleshooting can be accelerated even when the actor is not highly skilled. |
| Better target selection | AI can help identify high-value assets, privileged identities, and business-critical data faster. |

 

The data does not lie: Threat actors are using AI

Google Threat Intelligence has observed threat actors using generative AI across multiple phases of the attack lifecycle, including reconnaissance, vulnerability research, payload development, malicious scripting, and evasion support. Google’s conclusion is important and balanced: generative AI has not yet produced breakthrough attacker capabilities by itself, but it does help adversaries move faster and at higher volume. In cloud security, that is enough to change the defender’s operating model. 

The speed gap is already visible. CrowdStrike reported that attacks by AI-enabled adversaries increased 89%, while the average eCrime breakout time dropped to 29 minutes and the fastest observed breakout time was just 27 seconds. CrowdStrike also reported that 82% of detections were malware-free, underscoring the shift toward identity abuse, hands-on-keyboard activity, legitimate tools, and cloud-native movement rather than traditional malware-centric attacks. If an organization’s average response cycle is measured in hours, but attacker progression is measured in minutes or seconds, the defender is not operating in the same time domain. 

Alert volume makes the problem worse. Cloud security teams already face a flood of vulnerability, identity, and misconfiguration findings. Unit 42 reported that organizations saw nearly five times as many daily cloud-based alerts at the end of 2024 as at the start, with total cloud alerts increasing 388% and high-severity alerts increasing 235%. Orca Security’s cloud alert fatigue research found that 59% of respondents received more than 500 public cloud security alerts per day, while 38% received more than 1,000; more than half said they had missed critical alerts because prioritization was ineffective.

For defenders, noise is a burden. For AI-augmented attackers, noise is cover. Attackers can deliberately exploit alert fatigue by probing broadly, blending into normal cloud activity, and chaining together findings that appear individually manageable. A vulnerability that would not top a CVSS-based list may still matter if it sits near a privileged identity, a production workload, a sensitive data store, or a trusted supplier path. In that environment, flat severity scoring becomes dangerous because it treats risk as an isolated object rather than a business-impact chain. 

 

The Supply Chain Impact 

Supply-chain exposure further expands the blast radius. Cloud environments are deeply connected to SaaS providers, CI/CD systems, managed service providers, identity platforms, APIs, and third-party integrations. ENISA warned that supply-chain attacks were increasing in both number and sophistication, estimating a fourfold increase in 2021 compared with 2020 and noting that half of analyzed attacks were attributed to advanced persistent threat actors. AI makes this more concerning because an attacker does not need to breach every supplier directly. They can use AI-assisted reconnaissance to identify which supplier relationships, tokens, build systems, support access paths, or integrations create the most efficient route into the cloud. 

This means cloud risk is no longer just about what is vulnerable. It is about what is reachable, exploitable, valuable, and connected. A supplier compromise can become an identity compromise. An identity compromise can become access to a cloud control plane. A cloud control-plane foothold can become data exposure, persistence, and lateral movement across environments. AI helps attackers evaluate those paths faster than human analysts can manually triage thousands of alerts. 

 

Machine-speed Cloud Security 

Cloud security teams must shift from human-speed review to AI-speed prioritization and response. This does not mean removing humans from security decisions. It means reserving human judgment for the decisions that matter most, while automation continuously correlates exposures, identities, runtime signals, business context, attack paths, and supplier relationships. The objective is not to patch everything first. It is to understand which combination of findings creates a real path to business impact and then reduce that path before the attacker completes it.

AI-speed response is also needed to identify AI-enabled attacks in progress. AI-enabled threat actors execute a flurry of activity across the cloud to gain access to crown jewels, and it takes humans hours to figure this out. AI-enabled cloud security that leverages intelligent simulation knows what the threat actor’s goal is, can anticipate which assets are at risk, and can then stop the attacker at machine speed to prevent the breach.

 

What can security teams do? 

Security teams need to look for solutions that have three main attributes to stop AI-enabled attacks: 

  1. AI Red Team: Runs continuously against a digital model of your cloud, executing intelligent attack simulations that mirror real agentic threat actors, not generic templates or periodic pen tests. The attacks need to align to the customer’s specific cloud architecture and security controls to be effective in presenting cloud breaches. The result is that weaponized threats are identified to reduce cloud exposures, and the attack rehearsals pre-train the SOC to stop live AI-based attacks in progress in your cloud, right now.
  2. Non-disruptive, continuous simulations: A live digital model of the cloud, updated in real time as IAM roles, security groups and workloads change, gives the AI Red Team a safe, accurate environment to simulate adversarial behavior without touching production.  
  3. Business-value driven prioritization: Every exposure, identity risk, and simulated attack path is weighted by the business value of the asset at risk, not flat CVSS scores.    

 

Summary 

A modern cloud defense model should answer three questions in near real time. First, which findings are connected to business-critical assets? Second, which identities, suppliers, or workloads create the shortest path to those assets? Third, which active signals suggest that an attacker is moving from alert to breach? These questions cannot be answered reliably with isolated vulnerability scores or static dashboards. They require context, correlation, and speed. 
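The first two questions above, and the earlier contrast between flat CVSS scoring and business-value weighting, worked through on a small constructed inventory. This is an added illustration, not the author's or any product's code; the asset names, business values, CVSS scores and findings F1 to F5 are all assumptions.

```python
from collections import deque

# Constructed inventory (illustrative only): business value per asset, 0-10.
VALUE = {"web-vm": 2, "ci-role": 3, "supplier-token": 1,
         "prod-bucket": 10, "dev-sandbox": 1}

# Each finding lets an attacker step from src to dst: (id, cvss, src, dst).
FINDINGS = [
    ("F1", 5.3, "internet", "web-vm"),          # outdated web framework
    ("F2", 4.0, "web-vm", "ci-role"),           # instance role can assume CI role
    ("F3", 6.1, "ci-role", "prod-bucket"),      # CI role has wildcard bucket access
    ("F4", 9.8, "build-net", "dev-sandbox"),    # RCE, but only from an isolated network
    ("F5", 3.1, "internet", "supplier-token"),  # low-privilege supplier token in a repo
]

def reachable(start, findings):
    """BFS over finding edges: {node: shortest list of finding ids from start}."""
    paths, queue = {start: []}, deque([start])
    while queue:
        node = queue.popleft()
        for fid, _cvss, src, dst in findings:
            if src == node and dst not in paths:
                paths[dst] = paths[node] + [fid]
                queue.append(dst)
    return paths

def path_score(finding, findings, entry="internet"):
    """Highest asset value reachable through this finding; 0 if entry cannot reach it."""
    _fid, _cvss, src, dst = finding
    if src not in reachable(entry, findings):
        return 0
    return max(VALUE.get(node, 0) for node in reachable(dst, findings))

def rank_flat(findings):
    return [f[0] for f in sorted(findings, key=lambda f: -f[1])]

def rank_by_path(findings):
    return [f[0] for f in sorted(findings, key=lambda f: (-path_score(f, findings), -f[1]))]

def breaking_fixes(target, findings, entry="internet"):
    """Findings whose remediation alone leaves the target unreachable from entry."""
    return [f[0] for f in findings
            if target not in reachable(entry, [g for g in findings if g is not f])]

if __name__ == "__main__":
    print("flat CVSS order:", rank_flat(FINDINGS))
    print("path-weighted:  ", rank_by_path(FINDINGS))
    print("shortest path:  ", reachable("internet", FINDINGS)["prod-bucket"])
    print("single fixes that cut it:", breaking_fixes("prod-bucket", FINDINGS))
```

Flat ordering puts the isolated 9.8 finding first, while the path-weighted ordering moves the three medium findings that chain to the production bucket to the top and shows that remediating any one of them cuts the path.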

AI-enabled attacks are not a future scenario. They are already changing attacker economics. They make weaker actors more capable, capable actors faster, and cloud attack paths easier to discover and exploit. The uncomfortable truth is that a six-hour human response window may have been acceptable when attackers moved more slowly. In an AI-augmented attack, six hours can be the difference between a noisy alert and a material breach. 

This blog is written by Asaf Shahar, VP, Product, Skyhawk Security. He has over 25 years of experience as a solution architect and sales engineer, later moving to product management. He has overseen the transformation of Skyhawk Security to an AI-based Cloud Security Platform delivering preemptive exposure management to fight AI-based attacks.

