More than 78% of organizations use two or more cloud providers, compared to 71% last year, reflecting the growing need for flexibility and specialized services. These numbers come from Fortinet's State of Cloud Security 2025 report, which was released today.
The adoption of multi-cloud strategies is increasing
The report reveals important trends and challenges shaping the evolving cloud security landscape. Based on feedback from 873 cybersecurity professionals, it highlights key strategies organizations are adopting to protect complex cloud environments.
Notably, 78% of respondents said they use two or more cloud providers, compared to 71% last year, indicating increased adoption of multi-cloud strategies. Meanwhile, 54% have implemented hybrid cloud models, combining on-premises and public cloud infrastructures for greater control and flexibility.
Commenting on these numbers, Rom Carmel, CEO of Apono, emphasized the importance of collaboration between IT security and engineering teams to enforce security guardrails.
“Cloud adoption creates a situation where engineering and operational teams are the ones creating and maintaining the infrastructure and, therefore, directly impact the cloud posture on an ongoing basis,” Carmel explained.
Security and compliance concerns remain
Security and compliance remain top concerns, cited by 61% of organizations, with increasing regulatory requirements and data protection challenges. The skills shortage increases the complexity of cloud security management, with 76% of respondents reporting a lack of experience in areas such as configuration management and threat detection.
Low confidence in real-time threat detection is a critical issue, with 64% expressing doubt about their ability to detect and respond to threats immediately.
Amit Zimmerman, co-founder and chief product officer at Oasis Security, stressed the need for strategic tools, saying: “Organizations should focus on leveraging modern tools that provide comprehensive analytics, capable of processing large amounts of data to identify and prioritize vulnerabilities.” .
Read more about cloud security: Google Cloud will mandate multi-factor authentication by 2025
The survey also indicated a strong preference for unified cloud security platforms, with 97% of respondents preferring centralized dashboards that simplify policy management and threat visibility across cloud services. Adoption of cloud security posture management (CSPM) and cloud native application protection platforms (CNAPP) is on the rise, with 67% and 62% of respondents, respectively, choosing them as key tools for mitigating misconfigurations and compliance risks.
Furthermore, 63% of organizations plan to increase their cloud security budgets in the next year.
“Ensuring organizations choose the right vendors – across multiple aspects including cost, functionality, ease of use, compatibility and security – has become increasingly important,” said Patrick Tickett, vice president of security and engineering at Keeper Security.
“Cloud security analysts must conduct comprehensive assessments of vendor security controls, negotiate robust service level agreements and implement monitoring mechanisms to ensure compliance with security standards and mitigate risks associated with third-party cloud providers.”
