Cloud adoption lies at the heart of digital transformation, providing the agility and flexibility they need to stay competitive in a rapidly changing marketplace. Competing in a digital-first economy requires developing personalized customer experiences, embracing a more prominent work-from-anywhere (WFA) strategy, streamlining workflows, and optimizing distributed operations for greater efficiency and scalability, writes Vince Hwang, on the 2025 State of Cloud Security Report, sponsored by Fortinet and produced by Cybersecurity Insiders.
However, while the power of the cloud certainly enables enterprises to quickly adapt to today’s evolving demands, it also introduces unique challenges that security teams must recognize and manage. These include safeguarding sensitive data, ensuring regulatory compliance, and maintaining visibility and control across increasingly complex hybrid and multi-cloud environments.
The release provides a comprehensive analysis of the latest trends, challenges, and strategies shaping cloud security. Based on insights from over 800 cybersecurity professionals across industries and geographies, this report reveals what’s driving hybrid and multi-cloud adoption, the evolving challenges organizations face, and actionable steps for securing these dynamic environments.
Many navigating the challenges of cloud adoption recognize the importance of safeguarding their cloud-based initiatives. As a result, they are significantly increasing their cloud security investments in the coming year. They are channeling their resources to address critical security gaps, ensure compliance, and overcome technical complexities. This blog examines some key findings from the report, including how businesses worldwide are harnessing the cloud and how their security teams respond to cloud-related threats. It highlights the challenges companies face as they navigate their cloud adoption journey.
Adoption trends: hybrid and multi-cloud
Cloud adoption continues to redefine IT operations, with hybrid and multi-cloud models emerging as the leading strategies for most organizations. According to the report, 82 per cent of surveyed organizations now leverage cloud to achieve greater scalability, flexibility, and resilience. To that end, hybrid cloud adoption has risen to 54 per cent, enabling organizations to integrate their on-premises systems with public cloud platforms. This approach lets organizations optimize the deployment of their applications based on their needs, striking a balance between control and compliance. For instance, IT teams can use public clouds for customer-facing applications while keeping sensitive data safe in their private environments.
Challenges
While cloud adoption offers substantial benefits, it also brings significant security challenges, with 61 per cent of respondents reporting that security and compliance concerns are their top barriers to cloud adoption. Misconfigurations, regulatory non-compliance, and data breaches are among the most pressing issues identified, especially as hybrid and multi-cloud environments expand. For instance, healthcare providers migrating patient records to the cloud must comply with HIPAA regulations while safeguarding sensitive information.
Compounding these challenges is the cybersecurity skills gap. A staggering 76 per cent of organizations report a shortage of cloud security expertise and people resources, limiting their ability to deploy and manage comprehensive security solutions. This shortage not only underscores the need for targeted training and upskilling to bridge the gap but also to rethink cloud deployment strategies to reduce complexity and increase security effectiveness.
This is even more critical when considering another critical weakness highlighted by the report: real-time threat detection. Only 36pc of respondents expressed confidence in their ability to detect and respond to threats in their cloud environments. This lack of confidence highlights vulnerabilities in current architectures, especially in complex hybrid and multi-cloud setups.
Unified platforms
The report emphasizes implementing a unified cloud security platform strategy to tackle these challenges. An overwhelming 97pc of respondents prefer centralized solutions that simplify policy management, enhance visibility, and ensure consistent enforcement across diverse environments. On average, cloud security accounts for 35pc of overall IT security spending, reflecting the growing importance of protecting hybrid and multi-cloud environments. But with cloud security now a top priority, 63pc plan to increase their budgets in the next 12 months.
