Prowler’s State of Cloud Security Report 2025 reveals that as cloud infrastructure increases in complexity, security teams are having difficulty keeping pace. Most organizations currently operate in hybrid (64%) or multi-cloud (55%) environments, highlighting how the technical complexity of these environments could present challenges for organizations with underdeveloped cloud security management. 

While 96% of security professionals report confidence in their organization’s end-to-end cloud security, the 4% who lack confidence indicate notable challenges persist in spite of the surface-level confidence. 79% are concerned about unauthorized cloud services circumventing security measures, and 71% are concerned their organization’s current tools cannot cover their entire cloud environment. 

Nicole Carignan, Senior Vice President, Security & AI Strategy, and Field CISO at Darktrace, comments, “Visibility is the most important factor in cloud security for organizations to be able to effectively manage IAM and compliance. You cannot protect what you cannot see.”

The report found that organizations utilizing AI to monitor and manage cloud security (79%) are finding success in areas such as: 

• Threat detection/response abilities (38%)
• Data protection (42%)
• Human augmentation (44%) 

“AI-driven solutions can provide dynamic visibility into an organization’s multi-cloud environments providing full visibility in real time all the time to enable a cloud-native approach to threat detection and response,” Carignan explains. “Additionally, AI-driven security solutions can detect vulnerabilities with precision in real-time, allowing businesses to respond quickly and prevent disruption to business operations. Identity is not limited to the cloud either. It is important to have extended visibility, detection and response across domains to understand the full scope of a potential incident or misuse of identities.”

Among the security professionals that are lacking confidence in their organization’s ability to manage cloud security, 68% cite high operationalization expenses as a hurdle. Additionally, budget constraints impede vulnerability management for 35% of organizations. So how can organizations struggling with limited budgets manage cloud security concerns? 

Carignan states, “Faced with limited resources, organizations need to ensure their technology is helping to augment the expertise and skills that they do have. Organizations should seek integrated solutions purpose built for cloud data rather than trying to retrofit on-prem tools. With the right implementation, AI can significantly enhance visibility and threat detection across multi-cloud, hybrid, and on-premise environments. AI-powered agentless cloud solutions can reduce the complexity and costs associated with installing and maintaining agents on cloud resources. They reduce the performance impact on cloud workloads, and can streamline security deployment across large, dynamic environments.”