Despite the increase in cloud adoption, there`s a notable decrease in confidence in handling cloud threats in real-time. The skills shortage is also a major challenge with 95% being moderately to extremely concerned and 76% being directly impacted.
These were two of the findings of Fortinet’s latest “2025 State of Cloud Security Report,” produced by Cybersecurity Insiders. The report highlights trends and challenges organizations face in the cloud security landscape.
Based on insights from over 800 cybersecurity professionals, it also serves as a guide on strengthening organizations’ cloud security posture while adopting innovation in their cloud services.
Vincent Hwang, Vice President of cloud security at Fortinet, notes that these challenges can be mitigated with automation and training existing staff, when hiring external resources is not always an option.
Key Findings
Strategies Vary in Cloud Deployment
Among those surveyed, 54% preferred hybrid, 28% opted for multi-cloud, and only 18% chose single-cloud setups. Understandably, organizations are increasingly adopting hybrid and multi-cloud strategies over single-cloud deployments. Notably, 78% of organizations now utilize two or more cloud providers, reflecting the growing trend toward multi-cloud adoption. Single-cloud solutions remain more practical for smaller businesses where flexibility and management costs are less critical.
Challenges Faced in the Cloud
When adopting cloud technologies, 61% of organizations consider meeting security and regulatory requirements their foremost concern. 54% responded that they face organizational and operational challenges and 51% face resource constraints.
63% responded that protecting data security and privacy was the most significant operational challenge, making it the top concern. This finding mirrors that in multi-cloud environments, challenges in ensuring data protection and privacy were recorded as 58%, also making it a primary concern.
Main Security Skills Needed
Cloud and application security skills are the first on the list, at 65%. Identity and access management follow second at 61%, and technical and advanced security skills are the third leading skills at 58%.
Adoption of Unified Cloud Security Platforms
A staggering 97% of respondents value a centralized cloud security platform in their organization. They agree that having a platform with a single dashboard for unified security configurations in their entire cloud footprint is very helpful!
Expert Insights
Rom Carmel, CEO at Apono, highlights the importance of security teams working together. “The adoption of the cloud created a situation where engineering and operation teams are the ones creating and maintaining infrastructure, and with that, they are constantly directly affecting the cloud posture. Therefore, IT security teams must work closely with these engineering teams to build processes to enforce security guardrails constantly as part of managing a dynamic environment.”
Visibility is the most crucial factor in Cloud Security, adds Nicole Carignan, Vice President of Strategic Cyber AI, at Darktrace. “For organizations to effectively manage IAM and compliance. You cannot protect what you cannot see. AI-driven solutions can provide dynamic visibility into an organization’s multi-cloud environments, providing full visibility in real-time and enabling a cloud-native approach to threat detection and response.”
Amit Zimerman, Co-Founder and Chief Product officer at Oasis Security says that, “Cloud security is a multifaceted challenge that requires both strategic planning and operational excellence. Organizations should focus on leveraging modern tools that offer comprehensive analytics, capable of processing large volumes of data to identify and prioritize vulnerabilities.”
Conclusion
Adopting cloud technologies is becoming ever more complex and requires careful management. Despite the challenges, the benefits are significant, leading to increased interest from organizations. As cloud adoption grows, the threat landscape increases, and addressing security concerns becomes essential.
Dilki Rathnayake is a cybersecurity content writer and the Managing Editor at Information Security Buzz, with a BSc in Cybersecurity and Digital Forensics. She is skilled in computer network security and Linux system administration. Dilki has also led awareness programs and volunteered for communities promoting best practices for online safety.
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.