Categories

Editor's Choice
Tech Jobs Network
News & Events
Access Control & Identity Management
AI & Data Analytics
Asset Management
Associations
Conferences & Events
Facilities & Building Management
Fire & Safety
Information Security
Infrastructure
Integrated Solutions
IoT & Automation
Perimeter Security, Alarms & Intruder Detection
Power Management
Products & Solutions
Security Services & Risk Management
Smart Home Automation 
Surveillance
Training & Education
Videos
Security by Industry Sector ▾








Print this page printer friendly version

Navigating today’s cloud security challenges

Issue 1 2025 Information Security, Infrastructure

By Vincent Hwang, VP, Cloud Security, Fortinet

Cloud adoption lies at the heart of digital transformation, providing organisations with the agility and flexibility they need to stay competitive in today’s rapidly changing marketplace. Competing in a digital-first economy requires developing personalised customer experiences, embracing a more prominent work-from-anywhere (WFA) strategy, streamlining workflows, and optimising distributed operations for greater efficiency and scalability.

However, while the power of the cloud certainly enables enterprises to quickly adapt to today’s evolving demands, it also introduces unique challenges that security teams must recognise and manage. These include safeguarding sensitive data, ensuring regulatory compliance, and maintaining visibility and control across increasingly complex hybrid and multi-cloud environments.

The release of the 2025 State of Cloud Security Report, sponsored by Fortinet and produced by Cybersecurity Insiders, provides a comprehensive analysis of the latest trends, challenges, and strategies shaping cloud security. Based on insights from over 800 cybersecurity professionals across industries and geographies, this report reveals what is driving hybrid and multi-cloud adoption, the evolving challenges organisations face, and actionable steps for securing these dynamic environments.

Many organisations navigating the challenges of cloud adoption recognise the importance of safeguarding their cloud-based initiatives. As a result, they are significantly increasing their cloud security investments in the coming year. They are channelling their resources to address critical security gaps, ensure compliance, and overcome technical complexities.

This article examines some key findings from the report, including how businesses worldwide are harnessing the cloud and how their security teams respond to cloud-related threats. It highlights the challenges companies face as they navigate their cloud adoption journey.

Hybrid and multi-cloud dominate

Cloud adoption continues to redefine IT operations, with hybrid and multi-cloud models emerging as the leading strategies for most organisations. According to the report, 82% of surveyed organisations now leverage cloud environments to achieve greater scalability, flexibility, and resilience. 

To that end, hybrid cloud adoption has risen to 54%, enabling organisations to integrate their on-premises systems with public cloud platforms. This approach lets organisations optimise the deployment of their applications based on their needs, striking a balance between control and compliance. For instance, IT teams can use public clouds for customer-facing applications, while keeping sensitive data safe in their private environments.

Cloud security challenges

While cloud adoption offers substantial benefits, it also brings significant security challenges, with 61% of respondents reporting that security and compliance concerns are their top barriers to cloud adoption. Misconfiguration, regulatory non-compliance, and data breaches are among the most pressing issues identified, especially as hybrid and multi-cloud environments expand. Compounding these challenges is the cybersecurity skills gap. A staggering 76% of organisations report a shortage of cloud security expertise and people resources, limiting their ability to deploy and manage comprehensive security solutions. This shortage not only underscores the need for targeted training and upskilling to bridge the gap, but also to rethink cloud deployment strategies to reduce complexity and increase security effectiveness.

This is even more critical when considering another critical weakness highlighted by the 2025 Cloud Security Report: real-time threat detection. Only 36% of respondents expressed confidence in their organisation’s ability to detect and respond to threats in their cloud environments. This lack of confidence highlights vulnerabilities in current architectures, especially in complex hybrid and multi-cloud setups.

Unified cloud security platforms

The State of Cloud Security Report emphasises implementing a unified cloud security platform strategy to tackle these challenges. An overwhelming 97% of respondents prefer centralised solutions that simplify policy management, enhance visibility, and ensure consistent enforcement across diverse environments.

As a result, organisations are urged to invest in acquiring and deploying a unified cloud platform. An ideal platform, like that offered by Fortinet, should deliver comprehensive 360-degree defence-in-depth protection and comprehensive visibility to help organisations fully understand their cloud environment, better operationalise their environment, and increase security effectiveness—all while reducing complexity.

Additionally, it should offer integrated capabilities like Cloud Security Posture Management (CSPM), Code Security, and Cloud Infrastructure Entitlement Management, such as those provided in Fortinet’s Lacework FortiCNAPP Cloud Native Application Protection Platforms (CNAPP) solution. While traditional stand-alone CSPM tools can identify misconfigurations, such as exposed storage buckets, they lack the ability to actively protect or provide the full visibility and context to amplify weak signals to identify complex threats that may exist within the cloud environment.

Increasing investment in cloud security

On average, cloud security currently accounts for 35% of overall IT security spending, reflecting the growing importance of protecting hybrid and multi-cloud environments, but with cloud security now a top priority for organisations, 63% plan to increase their budgets in the next 12 months.

Organisations should evaluate their approaches to cloud security investments, particularly those with ‘cloud minimum spend’ commitment obligations. They should consider flexible daily-usage licencing programmes that offer a broad catalogue of solutions, empowering them to readily deploy what they need, quickly scale up, down, in, or out as required, and only pay for actual usage. Additionally, an ideal programme should readily allow you to draw down your cloud spend commitment obligations at the same time.

Building a resilient cloud security posture

The report underscores the growing complexity of today’s hybrid and multi-cloud environments, and the urgent need for proactive strategies to address their evolving challenges. Critical steps include: 

• Adopting unified platforms to simplify policy management and ensure consistency across environments. 

• Investing in training to bridge the cybersecurity skills gap. 

• Leveraging a cloud-native application protection platform that combines advanced tools like workload protection, configuration management, runtime defence to secure containers, and integrated solutions to enhance threat detection and remediate issues. 

• Using end-to-end encryption and automated risk remediation to improve data protection.  

In addition, emerging trends—like the integration of AI-driven threat detection, the rise of edge computing, and the increasing emphasis on zero-trust architectures—are set to shape the next wave of cloud security solutions.

Download the report at www.fortinet.com/resources/reports/cloud-security




Share this article:
Share via emailShare via LinkedInPrint this page


Further reading:

Highest increase in global cyberattacks in two years
Information Security News & Events
Check Point Global Research released new data on Q2 2024 cyber-attack trends, noting a 30% global increase in Q2 2024, with Africa experiencing the highest average weekly per organisation.

Read more...
Identity is a cyber issue
Access Control & Identity Management Information Security
Identity and access management telemetry has emerged as the most common source of early threat detection, responsible for seven of the top 10 indicators of compromise leading to security investigations.

Read more...
Identity and authentication
Technews Publishing SMART Security Solutions Access Control & Identity Management Information Security Security Services & Risk Management
Identity authentication is a crucial aspect of both physical security and cybersecurity. SMART Security Solutions obtained insights into the topic and the latest developments from three companies.

Read more...
From QR code to compromise
Information Security News & Events
A new attack vector involves threat actors using fraudulent QR codes emailed in PDF attachments to bypass companies' phishing security measures by requiring users to scan the code with their mobile phones.

Read more...
Organisations fear AI-driven cyberattacks, but lack key defences
Kaspersky Information Security News & Events Training & Education
A recent Kaspersky study reveals that businesses are increasingly worried about the growing use of artificial intelligence in cyberattacks, with 56% of surveyed companies in South Africa reporting a rise in cyber incidents over the past year.

Read more...
Threats, opportunities and the need for post-quantum cryptography
AI & Data Analytics Infrastructure
The opportunities offered by quantum computing are equalled by the threats this advanced computer science introduces. The evolution of quantum computing jeopardises the security of any data available in the digital space.

Read more...
Vodacom Business unveils new cybersecurity report
Information Security IoT & Automation
Cybersecurity as an Imperative for Growth offers insights into the state of cybersecurity in South Africa, the importance of security frameworks in digital resilience and the latest attack methods adopted by cyberattackers.

Read more...
Smart surveillance and cyber resilience
Axis Communications SA Surveillance Information Security Government and Parastatal (Industry) Facilities & Building Management
South Africa’s critical infrastructure sector has to step up its game regarding cybersecurity and the evolving risk landscape. The sector has become a prime target for cybercriminals on top of physical threat actors, and the consequences of an incident can be far-reaching.

Read more...
NIS2 compliance amplifies skills shortages and resource strain
Information Security Security Services & Risk Management
A new Censuswide survey, commissioned by Veeam Software reveals the significant impact on businesses as they adapt to this key cybersecurity directive, with 95% of EMEA businesses siphoning other budgets to try and meet compliance deadline.

Read more...
Axis introduces ACS Edge and cloud storage
Axis Communications SA Surveillance Infrastructure Products & Solutions
Axis Communications has launched two new solutions within the AXIS Camera Station ecosystem, AXIS Camera Station Edge (ACS Edge) and AXIS Camera Station Cloud Storage (ACS Cloud Storage).

Read more...











SMART Security Business Directory



Published by Technews

»  Dataweek Electronics & Communications Technology
»  Electronics Buyers' Guide (EBG)

»  SMART Security Solutions
»  SMART Security Business Directory

»  Motion Control in Southern Africa
»  Motion Control Buyers' Guide (MCBG)

»  South African Instrumentation & Control
»  South African Instrumentation & Control Buyers' Guide (IBG)



© Technews Publishing (Pty) Ltd. | All Rights Reserved.