Cloud security in 2025 is defined by contradiction: persistent threats and low confidence on one side, maturing strategies and accelerating automation on the other. While the fundamentals of cloud risk remain stubbornly familiar unauthorized access, data leakage, and phishing—security teams today are grappling with a deeper, more structural challenge: how to defend sprawling, fast-moving, multi cloud environments with tools and processes built for a different era.
To better understand how security leaders are responding, we conducted our annual cloud security survey, gathering insights from over 500 cybersecurity professionals across Europe. We asked where their strategies are evolving, where confidence is breaking down, and which technologies including automation and AI—they see as essential for navigating the complexity of modern cloud environments.
This 2025 Cloud Security Report is the result of that effort.
Key findings include:
1. Cloud threats are evolving—but defenses aren’t keeping pace. Security teams identify advanced threats like ransomware (74%) and zero-day vulnerabilities (63%) as their most pressing concerns, highlighting a dangerous escalation in attacker sophistication and urgency. At the same time, foundational threats persist, with unauthorized access (64%), data breaches (62%), and phishing attacks (60%) continuing to dominate actual security incidents. This blend of surging advanced threats and stubbornly recurring risks underscores why organizations must urgently enhance their defenses—especially around identity controls, workload security, and real-time visibility across cloud environments.
2. Detection and response are fragmented and it’s slowing teams down. Only 21% of organizations feel highly confident in their visibility across workloads, and just 25% trust their tools to detect advanced threats. Root cause analysis is now the most time-consuming part of incident response (34%), and 97% report difficulty executing a unified response across providers—a direct result of both architectural fragmentation and operational overhead.
3. Operational friction is limiting both compliance and automation. Compliance efforts are held back by tool sprawl (63%), limited automation (58%), and friction integrating with DevOps pipelines (37%). Although automation is seen as the most impactful improvement to incident response (36%), only 52% of organizations currently prioritize it— exposing a gap between awareness and action.
4. Security priorities are shifting toward unified control. Top strategic priorities include data security (83%), identity and access management (77%), and threat detection (72%). Together, they reflect a shift toward embedded policy enforcement and real-time visibility— moving security from reactive posture to foundational architecture.
5. AI is no longer aspirational—it’s operational. Security teams are no longer experimenting with AI—they’re implementing it. The top use cases include threat detection (75%), anomaly analysis (70%), and automated response (62%). As cloud complexity scales, AI is emerging not just as a force multiplier, but as a necessary control layer for scalable, intelligent defense.
The data reveals a clear trajectory: security leaders are moving away from disconnected tools and manual workflows toward integrated platforms that converge detection, policy enforcement, and automated response.
What’s emerging is not just a smarter toolset, but a cloud security strategy engineered for speed, scale, and continuous control.
The following chapters unpack these trends systematically. Chapter I explores where and how cloud risk is accumulating. Chapter II examines why current detection strategies fall short in delivering effective responses. Chapter III evaluates compliance challenges in the face of operational friction, and Chapter IV highlights the strategic shift toward integrated, intelligent defense.
