Sprawling Towards Exposure
Investigating Cloud Permission Risks for CISOs in Southeast Asia
Cloud environments now handle the majority of enterprise workloads, but this shift has introduced a critical vulnerability: excessive permissions. As organisations adopt multi-cloud infrastructure at speed, many are accumulating access rights faster than they can audit or remove them.
According to a survey of 150 cybersecurity leaders across Southeast Asia, 68% agree that excessive and unused cloud permissions represent a top-three cloud security concern. Yet only 10% currently prioritise cloud exposures using risk-based scoring.
This report examines the scale of permission sprawl in multi-cloud environments, its root causes in rapid cloud adoption, and the growing importance of exposure management as a strategic approach to reduce cloud risk.
Through survey data and commentary from expert security leaders, the report highlights how organisations currently view and manage permission sprawl, their prioritisation approaches, and the gaps between current practice and effective exposure management.
Featuring contributing insights from:
-
Ben Mudie, Field CTO, Asia Pacific & Japan, Tenable
-
Steven Sim, Advisor to ISACA Singapore Cyber & OT SIGs, Chair of OT ISAC Advisory Committee and Member of ISACA Emerging Trend Working Group & Emerging Technology Advisory Group
-
Justin Ong, APAC Chief Information SecurityOfficer, Panasonic Asia Pacific
-
Pasi Koistinen, Chief Information SecurityOfficer, Coinhako
-
David Lee, Head of Security, Resilience& Protection for APAC, Aberdeen Investments
.png?width=352&name=Malaysia%20(2).png)
