A new report from Datadog reveals that organizations in Australia and New Zealand are adopting more advanced cloud security strategies, yet remain highly vulnerable to identity-based attacks due to an over-reliance on long-lived access credentials, according to Security Brief Australia.The 2025 State of Cloud Security report found that a majority of cloud identities have active keys older than one year, including 59% of AWS IAM users and 55% of Google Cloud service accounts, creating a significant attack surface. According to Datadog's ANZ regional vice president Roz Gregory, "identity-based attacks are one of the most common methods of cyberattack" in the region, with long-lived credentials often being the weak point.The data shows a concerning upward trend in access keys older than three years, which are frequently unused but still pose a risk. On a positive note, the report indicates a shift towards modern practices, with 40% of organizations now implementing data perimeters for protection, and widespread adoption of centrally managed multi-account structures to enforce standardized security policies.Experts emphasize that moving beyond simple credential rotation to enforce stricter access controls, remove unused roles, and apply the principle of least privilege is essential for mitigating these persistent threats.
Cloud Security, Identity
Report highlights persistent credential management flaw

(Adobe Stock)
An In-Depth Guide to Cloud Security
Get essential knowledge and practical strategies to fortify your cloud security.
Related Events
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds



