Bengaluru: Misconfigured cloud storage and exposed credentials are putting Indian businesses at serious risk of cyber threats, according to a new report by cybersecurity firm Tenable. The 2025 Cloud Security Risk Report reveals that critical vulnerabilities in cloud infrastructure are widespread across Indian organisations.
The report, based on an analysis of global cloud environments, found that 9% of all cloud storage resources contain sensitive or restricted information. In high-volume data environments, even this relatively small percentage can result in millions of confidential records being exposed. Moreover, nearly one in ten publicly accessible storage buckets was found to hold sensitive data, increasing the risk of breaches due to weak access controls and common misconfigurations.
In addition to storage misconfigurations, the research highlights a critical security gap in workload management. Tenable found that 54% of organisations using AWS ECS task definitions have embedded secrets, such as passwords or API keys, which could be exploited to gain unauthorised access to cloud systems. Furthermore, 3.5% of AWS EC2 instances were found to contain embedded credentials, posing a threat of privilege escalation and system compromise.
Tenable’s analysis comes at a time when cloud adoption is rapidly increasing in India’s enterprise and government sectors. As regulatory bodies like the Securities Exchange Board of India (SEBI) and the Reserve Bank of India (RBI) tighten cybersecurity compliance requirements, these security gaps could lead to potential legal and financial consequences for non-compliant organisations.
Also Read: Agora, WIZ.AI Collaborate to Build Scalable AI Agent Solutions for Enterprises
