AWS showed the lowest rate for assets with both critical and easily exploitable issues at 0.02%.

Assets hosted by cloud providers other than AWS, Google, and Azure showed approximately 10 times higher rates of critical vulnerabilities compared to AWS, Google Cloud, and Azure.

70% of Security and IT leaders report their organization is actively considering repatriating data from public to private cloud due to security concerns.

80% of respondents said they would be willing to spent more time compelting comprehensive identity verification processes in banking and financial services.

28.2% of fintech companies that experienced publicly reported breaches had multiple incidents.

Fourth-party exposures accounted for an additional 11.9% of breaches on fintech companies, which is more than double the global average.

Just 37% of consumers said they more strongly believe that most social media accounts are authentic compared to last year.

41.8% of breaches impacting top fintech companies originated from third-party vendors.

18.4% of fintech companies experienced publicly reported breaches.

Alternative cloud and hosting providers showed rates ten times higher than AWS for assets with both critical and easily exploitable issues

Assets hosted by AWS and Google Cloud showed 0.04% with critical vulnerabilities.

46% say that a key challenge in securing and managing hybrid cloud infrastructure is lack of clean, high-quality data to support secure AI workload deployment (46%).

47% say that a challenge in securing and managing hybrid cloud is the lack of comprehensive insight and visibility across their environments, including lateral movement in East-West traffic.

70% of Security and IT leaders now view the public cloud as a greater risk than any other environment.

The breach rate has surged to 55% during the past year. This represents a 17% year-on-year (YoY) rise in breach rates.

Nine out of ten (91%) Security and IT leaders concede to making compromises in securing and managing their hybrid cloud infrastructure.

38% of assets hosted by Google Cloud were vulnerable to at least one security issue or misconfiguration. This rate for Google Cloud was over 2.5x more than assets hosted by AWS.

47% of organizations claim to have implemented Shift Left security strategies.

Critical vulnerabilities (CVSS 9.0 or higher) were detected on assets hosted by all cloud providers, though uncommon.

31% report difficulty in effectively integrating Shift Left security tools into their development workflows, making tool integration a major barrier.