2022 State of Public Cloud Security Report


The 2022 State of the Public Cloud Security Report is a study compiled by the Orca Research Pod, a team of twelve researchers who analyzed workload, configuration, and identity data captured from billions of cloud assets on AWS, Azure and Google Cloud scanned by the Orca Cloud Security Platform.


This study shows that while many organizations list cloud security as one of their top IT priorities, there are still many basic security practices that are not being followed. In the rush to move resources to the cloud, organizations struggle to keep up with ever-expanding cloud attack surfaces and increasing multi-cloud complexity. The current shortage of cybersecurity skilled staff is further worsening the situation.


Some key findings include:

  • The average attack path only needs 3 steps to reach a crown jewel asset
  • 78% of identified attack paths use known vulnerabilities (CVEs) as an initial access attack vector
  • 70% of organizations have a Kubernetes API server that is publicly accessible


To read the full study and get recommendations on what actions you can take to reduce your attack surface, download the report today.

You might also be interested in…