According to 2025 State of Cloud Security Report by Fortinet produced by Cybersecurity Insiders, cloud adoption lies at the heart of digital transformation, providing organisations with the agility and flexibility they need to stay competitive in today’s rapidly changing marketplace. Competing in a digital-first economy requires developing personalised customer experiences, embracing a more prominent work-from-anywhere (WFA) strategy, streamlining workflows, and optimising distributed operations for greater efficiency and scalability.

However, while the power of the cloud certainly enables enterprises to quickly adapt to today’s evolving demands, it also introduces unique challenges that security teams must recognise and manage. These include safeguarding sensitive data, ensuring regulatory compliance, and maintaining visibility and control across increasingly complex hybrid and multi-cloud environments.

Key findings from this report include:

  • Hybrid and multi-cloud strategies on the rise: Over 78 per cent of respondents utilise two or more cloud providers, underscoring the growing importance of multi-cloud approaches to enhance resilience and leverage specialised capabilities. 54 per cent of organisations have adopted hybrid cloud models, integrating on-prem and public cloud environments to optimise flexibility and control.
  • Security and compliance top concerns: Security and compliance issues are the primary barriers to cloud adoption, cited by 61 per cent of organisations striving to meet regulatory requirements and protect sensitive data.
  • Skills gap in cloud security expertise: 76 per cent of organisations report a shortage of expertise in cloud security, highlighting the need for automation, targeted upskilling, and resource optimisation.
  • Low confidence in real-time threat detection: The survey data highlights that 64 per cent of respondents lack confidence in their organisation’s ability to handle real-time threat detection.
  • Unified cloud security platforms: The survey shows 97 per cent of respondents prefer unified cloud security platforms with centralised dashboards to simplify policy configuration, ensure consistency, and enhance visibility across an organisation’s cloud footprint.
  • Rapid adoption of cloud security posture management (CSPM) and cloud-native application protection platforms (CNAPP): To address misconfigurations and compliance gaps, 67 per cent of respondents are implementing CSPM and 62 per cent CNAPP solutions to protect cloud environments.

The report also underscored the growing complexity of today’s hybrid and multi-cloud environments and the urgent need for proactive strategies to address their evolving challenges.

Best practices for a more resilient security posture include:

  • Adopting unified platforms to simplify policy management and ensure consistency across environments.
  • Investing in training to bridge the cybersecurity skills gap.
  • Leveraging a cloud-native application protection platform that combines advanced tools like workload protection, configuration management, runtime defense to secure containers, and integrated solutions to enhance threat detection and remediate issues.
  • Using end-to-end encryption and automated risk remediation to improve data protection.

Commenting on the report, Vivek Srivastava, country manager, India and SAARC, Fortinet, said, “The report highlights organisations navigating the challenges of cloud adoption and recognises the importance of safeguarding their cloud-based initiatives. As a result, they are significantly increasing their cloud security investments in the coming year. Chief information security officers (CISOs) are prioritising their efforts to address critical security gaps, ensure compliance, and overcome technical complexities. Fortinet’s industry-leading solutions provide the tools with critical capabilities today’s organisations need, to protect their cloud infrastructures effectively by integrating artificial intelligence (AI)-driven threat detection and zero-trust architectures which are the next wave of cloud security solutions.”