CloudTech is part of the TechForge Publications seriesView AllAI NewsDeveloperIoT NewsMarketing TechTechHQTech Wire AsiaTelecomsView AllAI NewsDeveloperIoT NewsMarketing TechTechHQTech Wire AsiaTelecomsTechForge SearchNewsCategoriesCloud in ActionCloud MigrationCloud ROI & CostInternal Change ManagementMissteps & LessonsSME & Startup CloudEditorial DeskAnnouncements & AnalysisForecasts & TrendsMigrations: Behind the ScenesTechEx EventsFeaturesInterviewsPodcastsSponsored ContentVideosWebinarsFuture of CloudAI & CloudCloud EthicsEdge & Distributed CloudOpen CloudQuantum & CloudServerless ArchitectureSustainable CloudIndustry PerspectivesEducation & ResearchFinanceHealthcare & Life SciencesLegal & HRMedia, Gaming & CreativePublic SectorRetail & ConsumerMarket IntelligenceCloud StartupsEarnings & Market ShareEvent CoverageMergers & AcquisitionsVendor Roadmaps & LeadershipSecurity, Privacy & TrustCloud CybersecurityCyber Security & Cloud ExpoEncryption & Data PrivacyGovernance, Risk & ComplianceIdentity & AccessStrategy & Decision-MakingChoosing a Cloud StrategyFinOps & BudgetsLock-In & ExitMulti- & Hybrid CloudProcurement & ContractsSkills & HiringTechnology StackBig VendorsContainers & KubernetesDatabases & Data PlatformsInfrastructure as CodeObservability & MonitoringXaaS ModelsEventsResourcesOn-demand WebinarsExclusive VideosPodcastsAll ResourcesMoreAdvertiseAbout UsContact Us SearchNewsCategoriesCloud in ActionCloud MigrationCloud ROI & CostInternal Change ManagementMissteps & LessonsSME & Startup CloudEditorial DeskAnnouncements & AnalysisForecasts & TrendsMigrations: Behind the ScenesTechEx EventsFeaturesInterviewsPodcastsSponsored ContentVideosWebinarsFuture of CloudAI & CloudCloud EthicsEdge & Distributed CloudOpen CloudQuantum & CloudServerless ArchitectureSustainable CloudIndustry PerspectivesEducation & ResearchFinanceHealthcare & Life SciencesLegal & HRMedia, Gaming & CreativePublic SectorRetail & ConsumerMarket IntelligenceCloud StartupsEarnings & Market ShareEvent CoverageMergers & AcquisitionsVendor Roadmaps & LeadershipSecurity, Privacy & TrustCloud CybersecurityCyber Security & Cloud ExpoEncryption & Data PrivacyGovernance, Risk & ComplianceIdentity & AccessStrategy & Decision-MakingChoosing a Cloud StrategyFinOps & BudgetsLock-In & ExitMulti- & Hybrid CloudProcurement & ContractsSkills & HiringTechnology StackBig VendorsContainers & KubernetesDatabases & Data PlatformsInfrastructure as CodeObservability & MonitoringXaaS ModelsEventsResourcesOn-demand WebinarsExclusive VideosPodcastsAll ResourcesMoreAdvertiseAbout UsContact Us Subscribe Subscribe SearchNewsCategoriesCloud in ActionCloud MigrationCloud ROI & CostInternal Change ManagementMissteps & LessonsSME & Startup CloudEditorial DeskAnnouncements & AnalysisForecasts & TrendsMigrations: Behind the ScenesTechEx EventsFeaturesInterviewsPodcastsSponsored ContentVideosWebinarsFuture of CloudAI & CloudCloud EthicsEdge & Distributed CloudOpen CloudQuantum & CloudServerless ArchitectureSustainable CloudIndustry PerspectivesEducation & ResearchFinanceHealthcare & Life SciencesLegal & HRMedia, Gaming & CreativePublic SectorRetail & ConsumerMarket IntelligenceCloud StartupsEarnings & Market ShareEvent CoverageMergers & AcquisitionsVendor Roadmaps & LeadershipSecurity, Privacy & TrustCloud CybersecurityCyber Security & Cloud ExpoEncryption & Data PrivacyGovernance, Risk & ComplianceIdentity & AccessStrategy & Decision-MakingChoosing a Cloud StrategyFinOps & BudgetsLock-In & ExitMulti- & Hybrid CloudProcurement & ContractsSkills & HiringTechnology StackBig VendorsContainers & KubernetesDatabases & Data PlatformsInfrastructure as CodeObservability & MonitoringXaaS ModelsEventsResourcesOn-demand WebinarsExclusive VideosPodcastsAll ResourcesMoreAdvertiseAbout UsContact Us Hamburger Toggle Menu AI & Cloud, Cloud Cybersecurity, Cyber Security & Cloud Expo, Security, Privacy & TrustRed Hat’s 2026 report exposes the cloud-native security execution gap–and how to close itDashveenjit Kaur1st April 2026 Share this story: Tags:cloud-native securitycybersecurityOpenShiftRed Hatzero trustCategories::AI & CloudCloud CybersecurityCyber Security & Cloud ExpoSecurity, Privacy & TrustAlmost every organisation running cloud-native systems has been hit by a security incident in the past year.The causes are less dramatic than the frequency suggests, according to Red Hat’s 2026 State of Cloud-Native Security Report, published on March 24.It states that 97% of organisations reported at least one cloud-native security incident over the previous 12 months.As per the report’s findings, misconfigured infrastructure or services were the most commonly reported incident type at 78%, followed by known vulnerabilities and unauthorised access.
These are not sophisticated, hard-to-anticipate attacks but execution failures – recurring and costly.The report’s sharpest finding is the distance between how prepared organisations believe they are and what their security programmes can actually demonstrate.According to the 2026 report, 56% of respondents described their day-to-day security posture as proactive.Yet only 39% reported having a mature, well-defined cloud-native security strategy, and around 22% had no defined strategy at all.
That means roughly six in ten organisations are operating on confidence not structure.The practical consequences are evident in the uneven adoption of basic controls.As per the report, identity and access management had approximately 75% adoption – one of the strongest figures in the survey.Container image signing, however, had been implemented by only about half of organisations, and runtime protection remained inconsistent, with many teams defaulting to out-of-the-box settings not deliberately defined policies.Based on Red Hat’s data, organisations with a well-defined strategy reported 61% confidence in securing their software supply chain, considerably higher than less mature peers, and were far more likely to have deployed advanced guardrails in their environments.Security slows deliveryAccording to the report, 74% of organisations delayed or slowed application deployments in the past 12 months due to security concerns.
Of those that reported downstream effects – a figure that reached 92%– 52% said remediation demands had consumed more time than planned, 43% reported lower developer productivity, and 32% said incidents had damaged customer trust.That pattern – security as a brake on delivery – is what Red Hat’s prescription is designed to break.The report argues that embedding security earlier and more consistently into development pipelines reduces the remediation burden downstream, not adding friction at the point of deployment.AI’s governance problemThe 2026 edition of the report introduces a dimension that previous versions did not have to contend with at scale: the security implications of generative AI inside cloud environments.According to the report, 58% of organisations now identify AI adoption as a core driver of their security planning.The concern levels are near-universal; 96% of respondents expressed worries about generative AI in cloud settings, with the main fears centring on exposure of sensitive data, shadow AI tools deployed without approval, and the integration of insecure third-party AI services.The governance response has not kept pace.
As per the report, 59% of organisations lack documented internal AI use policies or governance frameworks, leaving the majority managing an expanding and fast-moving set of AI tools without agreed-on rules for data handling, access, or oversight.Red Hat has been working to extend zero-trust principles into the AI agent layer, specifically to address this.In January 2026, the company made its Zero Trust Workload Identity Manager generally available on OpenShift, providing cryptographically verifiable identities to workloads using the open SPIFFE and SPIRE standards.Red Hat’s own technical documentation on the release shows the tool extends the same identity and access controls applied to human-driven processes to AI agents operating at runtime – covering agent-to-agent and agent-to-tool interactions that traditional perimeter security does not reach.Anjali Telang, senior principal product manager for OpenShift Security and Identity at Red Hat, described the rationale: “Zero trust means you trust no one, you always verify, and then you base that verification on an identity.With AI, we want to bring in the same trust that we already have built into the system, making sure that trust translates to AI workloads and AI agents.”According to Red Hat’s emerging technologies team, writing in February 2026, agentic AI systems introduce what NIST 800-207 defines as a transaction boundary problem – where authentication typically happens only between the client and the agent platform, with no explicit trust established in subsequent downstream calls.
Most security breaches in recent years have exploited exactly those hidden trust assumptions between components.Based on the 2026 report, organisations are changing security investment away from point tools and toward platform consolidation and integrating security directly into development workflows.The declared priorities for the next one to two years include DevSecOps automation, cited by over 60% of respondents, to move from manual review gates to security embedded as code inside CI/CD pipelines.Software supply chain security followed at 56%, and runtime protection expansion at 54%.Regulatory pressure is reinforcing those priorities.
According to the report, 64% of organisations said they expect the EU Cyber Resilience Act to be a primary factor in shaping security investment decisions – a figure that suggests compliance has moved from a trailing consideration to a boardroom driver.Red Hat’s overall recommendation in the report is to establish a defined strategy, build guardrails and automation into platforms not layering them on top, prioritise supply chain integrity, and introduce AI governance now.The data makes a clear case that cloud-native security’s primary problem in 2026 is the gap between the security posture organisations believe they have and the one their processes and governance structures sustain.()See also: Cloud demand shifts toward AI as enterprise use deepensWant to learn more about Cloud Computing from industry leaders? Check out Cyber Security & Cloud Expo taking place in Amsterdam, California, and London.The comprehensive event is part of TechEx and is co-located with other leading technology events, click here for more information.CloudTech News is powered by TechForge Media.Explore other upcoming enterprise technology events and webinars here.About the Author Dashveenjit KaurJournalist Dashveenjit is an experienced tech and business journalist with a determination to find and produce stories for online and print daily.
She is also an experienced parliament reporter with occasional pursuits in the lifestyle and art industries.Related Cloud costs rise as AI moves into core business systems1st April 2026 Tata SD-WAN for DC connectivity in the AI age31st March 2026 Amazon’s retail stores are starting to run like cloud systems30th March 2026 Oracle introduces “agentic cloud apps” into enterprise workflows26th March 2026 Cloud costs rise as AI moves into core business systems1st April 2026 Tata SD-WAN for DC connectivity in the AI age31st March 2026 Amazon’s retail stores are starting to run like cloud systems30th March 2026 Oracle introduces “agentic cloud apps” into enterprise workflows26th March 2026 Join our CommunitySubscribe now to get all our premium content and latest tech news delivered straight to your inbox Click here Popular Cloud ROI & Cost, Interviews, Sponsored Content, Sustainable CloudRipple effect: Xylem’s sustainable water solutions for Europe’s data centres 20446 view(s)Cloud Computing, XaaS ModelsConcern over cloud storage security remains says Spiceworks – but good news for OneDrive 12601 view(s)Big Vendors, Cloud Computing, Cloud Cybersecurity, Market Intelligence, Security, Privacy & Trust10 real-life cloud security failures and what we can learn from them 5901 view(s)Big Vendors, Cloud Computing, Market Intelligence5 of the best: cloud technology training platforms 5842 view(s)Cloud ROI & Cost, Interviews, Sponsored Content, Sustainable CloudRipple effect: Xylem’s sustainable water solutions for Europe’s data centres 20446 view(s)Cloud Computing, XaaS ModelsConcern over cloud storage security remains says Spiceworks – but good news for OneDrive 12601 view(s)Big Vendors, Cloud Computing, Cloud Cybersecurity, Market Intelligence, Security, Privacy & Trust10 real-life cloud security failures and what we can learn from them 5901 view(s)Big Vendors, Cloud Computing, Market Intelligence5 of the best: cloud technology training platforms 5842 view(s) See all Latest View All Latest AI & Cloud30th March 2026Amazon’s retail stores are starting to run like cloud systems AI & Cloud26th March 2026Oracle introduces “agentic cloud apps” into enterprise workflows Cloud Cybersecurity25th March 2026Best hybrid mesh firewalls: Check Point, Fortinet, and Cisco compared AI & Cloud30th March 2026Amazon’s retail stores are starting to run like cloud systems AI & Cloud26th March 2026Oracle introduces “agentic cloud apps” into enterprise workflows Cloud Cybersecurity25th March 2026Best hybrid mesh firewalls: Check Point, Fortinet, and Cisco compared SubscribeAll our premium content and latest tech news delivered straight to your inbox Subscribe ExploreAbout UsContact UsNewsletterPrivacy PolicyCookie PolicyAbout UsContact UsNewsletterPrivacy PolicyCookie PolicyReach Our AudienceAdvertisePost a Press ReleaseContact UsAdvertisePost a Press ReleaseContact UsCategoriesCloud in ActionEditorial DeskFeaturesFuture of CloudIndustry PerspectivesMarket IntelligenceSecurity, Privacy & TrustTechnology StackStrategy & Decision-MakingAll CategoriesCloud in ActionEditorial DeskFeaturesFuture of CloudIndustry PerspectivesMarket IntelligenceSecurity, Privacy & TrustTechnology StackStrategy & Decision-MakingAll CategoriesOther PublicationsExplore AllAI NewsDeveloperIoT NewsMarketing TechTechHQTech Wire AsiaTelecomsExplore AllAI NewsDeveloperIoT NewsMarketing TechTechHQTech Wire AsiaTelecomsCloudTech News is part of TechForge SubscribeAll our premium content and latest tech news delivered straight to your inbox
Read More
