Cloud Threat Horizons Report -- H1 2026
Google Cloud, Tuesday, March 10th, 2026
The Google Cloud Threat Horizons Report provides decision-makers with strategic intelligence on threats to not just Google Cloud, but all cloud service providers. The report focuses on recommendations for mitigating risks and improving cloud security for leaders and practitioners.
The report is informed by Google Cloud's Office of the CISO, Google Threat Intelligence Group (GTIG), Mandiant Consulting, and various Google Cloud intelligence, security, and product teams.
Executive summary
From rapid exploitation to forensic readiness
The cloud threat landscape is rapidly shifting. Google Cloud Security observed the window between vulnerability disclosure to active exploitation collapse from weeks to days in the second half of 2025. This activity, along with AI-assisted attempts to probe targets for information and continued threat actor emphasis on data-focused theft, indicates that organizations should be turning to more automatic defenses.
Recognizing our commitment to shared fate in cloud security, this edition of our Cloud Threat Horizons report highlights current threat trends and provides actionable recommendations specific to Google Cloud and for all platforms. A more concise companion report providing tailored recommendations for directors will be available on the Board of Directors Insights Hub.