Skip to main content

CYBERSTATS

Security Intelligence

Back to Home

7% of cybersecurity intrusions investigated resulted from actors gaining access through improperly configured application and infrastructure assets.

Google Cloud
May 27, 2026
Misconfiguration

7% of cybersecurity intrusions investigated resulted from actors gaining access through improperly configured application and infrastructure assets. — This cybersecurity statistic was published by Google Cloud in May 2026. It covers topics including Misconfiguration. The original data appears in Cloud Threat Horizons Report H1 2026. For the full methodology and detailed findings, refer to the original report.

Source

View Original Report

Published on 3/10/2026

Share or Copy this stat

Frequently Asked Questions

What does this statistic say?

7% of cybersecurity intrusions investigated resulted from actors gaining access through improperly configured application and infrastructure assets. This data was published by Google Cloud and covers Misconfiguration.

Where does this data come from?

This statistic comes from Cloud Threat Horizons Report H1 2026, published by Google Cloud on May 27, 2026. You can view the original report at https://cloud.google.com/security/report/resources/cloud-threat-horizons-report-h1-2026.

What cybersecurity topics does this cover?

This statistic relates to Misconfiguration. Browse more statistics on Misconfiguration or from Google Cloud.

Want More Statistics Like This?

Get the latest cybersecurity stats delivered to your inbox every week

Related Statistics

75% of sensitive data exposures begin with compromised identities or misconfigured permissions.

Netwrix6/15/2026
Data SecurityIdentity CompromiseMisconfiguration

An automotive parts marketplace database with over 7.7 million records was exposed via a misconfigured Elasticsearch instance in January 2026

PCA Cyber Security5/27/2026
Automotive CybersecurityAftermarketMisconfiguration

Initial access by threat actors using misconfiguration, which accounted for 29.4% of incidents in the first half of 2025, dropped to 21% in H2 2025.

Google Cloud5/27/2026
Initial AccessMisconfiguration

Misconfigurations or gaps in security coverage materially enable attacks in over 90% of incidents.

Palo Alto Unit 422/22/2026
MisconfigurationGaps In Security Coverage

Server security misconfigurations: 34.9% in the financial services industry (versus 27.9% average in other industries).

Cobalt9/30/2025
Financial servicesPen testVulnerabilities

Nearly 7 in 10 retail & consumer goods organizations had APIs with misconfigured authorizations or data exposure issues. These retail & consumer goods APIs averaged 15 vulnerabilities per API.

BreachLock8/11/2025
APIsMisconfigurationData exposure

Browse by Topic

MisconfigurationMore from Google Cloud

Stay Ahead of Cyber Threats

Join 1,000+ security professionals getting weekly insights