, a leader in cloud infrastructure management, has released a report detailing a critical issue in cloud security. The study shows that security professionals are overwhelmed, spending 80% of their time tackling preventable security misconfigurations in cloud environments.

The report notes an average of 500 security alerts bombarding cloud security systems every week. With data breaches in the cloud averaging costs over $4 million, the industry faces a dire situation that restricts professionals from focusing on proactive security measures to enhance their organization’s defenses.

Human Error

Human error is identified as the primary cause in 55% of cloud security incidents, with the report pointing out that more than 60% of cloud and DevOps engineers are relatively inexperienced, possibly leading to unknowingly compromised systems.

Chafik Belhaoues, co-founder & CEO of Brainboard, expressed: “This statistic makes it abundantly clear that relying solely on human vigilance in a complex cloud environment can lead to severe consequences.

“The fact is, organizations simply cannot afford to wait to be hacked before taking action, and taking a reactive approach is extremely expensive and unsustainable, especially with modern and sophisticated attack systems.

“The only way to remedy that is to adopt a proactive approach to security in a way that helps engineers build secure-by-design systems.”

Proactive Security in the Cloud

Chafik also highlighted strategies for enhancing security proactively.

He added: “The first big step to implementing proactive security for cloud architectures is to have an internal approved and secure library of building blocks that engineers can build with.

“Secondly, having a short security feedback loop that is close to users, such as ‘security shift left’, helps them build secure-by-design patterns.

“Finally, you can limit the blast radius by building isolated small cloud infrastructures. This reduces the impact to only the scoped environments or stacks.”

For more guidance on bolstering your cloud security, visit