Cloud AI workloads exposing enterprises to risk

Tenable APAC

By Dylan Bushell-Embling
Wednesday, 02 July, 2025

Seven in 10 AI workloads across major cloud platforms have at least one critical vulnerability, new research from exposure management company Tenable suggests.

The company’s latest Cloud Security Risk Report found that cloud workloads supporting AI initiatives are significantly more vulnerable than traditional workloads.

The report found that 70% of AI workloads across Amazon Web Services, Microsoft Azure and Google Cloud Platform contain at least one unremediated critical vulnerability, compared to 50% of non-AI workloads.

For example, 77% of organisations using Google’s Vertex AI Workbench have at least one notebook instance configured with an overprivileged default service account, a misconfiguration that could enable attackers to infiltrate and laterally move across cloud environments.

AI workloads are also becoming an increasingly attractive target for threat actors, the report found, exposing Australian organisations to risk as they continue to accelerate AI adoption.

But beyond AI workloads, the report does demonstrate some progress with managing cloud risks. Workloads dubbed “toxic cloud trilogies” (those publicly exposed to the internet, having unpatched critical vulnerabilities, and with over-permissioned identity and access management roles) fell to 29% of organisations surveyed. This represents a nine percentage point improvement from 2024.

Tenable has attributed the decline to improved risk prioritisation practices and wider use of cloud-native security tooling. Meanwhile, 83% of AWS users have configured at least one identity provider, a best practice for securing human and service identities.

But credential abuse remains the most common initial access vector in cloud attacks, being involved in 22% of breaches, the report found. The report asserts that this demonstrates that adopting identity providers is not on its own sufficient, and must be accompanied by strong enforcement of multi-factor authentication and least-privilege principles.

Tenable Director of Cloud Security Research Ari Eitan said these findings paint a mixed picture.

“Organisations have made real strides in tackling toxic cloud risks, but the rise of AI workloads introduces a fresh wave of complexity,” he said. “AI’s data-intensive nature, combined with persistent misconfigurations and vulnerabilities, demands a new level of diligence. Exposure management gives security teams the context they need to protect what matters most, including the crown jewels hidden inside AI environments.”

The Tenable Cloud Security Risk Report 2025 can be downloaded here.
