Fortinet’s 2025 State of Cloud Security Report offers a thorough exploration of the current trends, challenges, and strategies shaping cloud security today. As organisations increasingly adopt cloud technologies to support digital transformation, the report provides a critical lens into how these advancements are transforming businesses while introducing new complexities to the cybersecurity landscape.

Cloud adoption has become an integral part of digital transformation efforts, enabling organisations to remain competitive in a rapidly evolving digital economy. The flexibility and scalability of the cloud allow businesses to streamline workflows, embrace work-from-anywhere strategies, optimise distributed operations, and create personalised customer experiences. However, this progress comes with significant challenges for security teams, including safeguarding sensitive data, meeting regulatory compliance, and maintaining visibility across hybrid and multi-cloud environments.

The report, produced by Cybersecurity Insiders and sponsored by Fortinet, is based on insights from over 800 cybersecurity professionals across various industries and regions. It highlights key drivers of hybrid and multi-cloud adoption, examines the challenges businesses face, and offers actionable steps for securing these complex environments. The findings underline the importance of addressing security gaps, ensuring compliance, and simplifying cloud security strategies as organisations continue to invest heavily in cloud-based systems.

Cloud adoption is reshaping IT operations globally, with hybrid and multi-cloud strategies emerging as preferred approaches. These models enable organisations to harness the benefits of cloud technology while addressing operational needs. Hybrid cloud adoption, which combines on-premises infrastructure with public cloud platforms, has grown significantly, offering a balance between control and scalability. Businesses can utilise public clouds for customer-facing applications while safeguarding sensitive data in private cloud environments, ensuring compliance with regulatory requirements and meeting unique organisational demands.

Despite the clear benefits of cloud adoption, organisations face substantial challenges in ensuring security and compliance. Security concerns are among the most significant barriers to cloud adoption, with misconfigurations, data breaches, and regulatory non-compliance posing critical risks. Industries such as healthcare, where sensitive data like patient records must be protected while adhering to strict regulatory frameworks, illustrate the complexity of these challenges. Furthermore, the growing complexity of hybrid and multi-cloud environments amplifies the need for robust security measures to address evolving threats.

Adding to these challenges is a significant skills gap in cloud security expertise. Many organisations report a lack of qualified professionals capable of managing and securing cloud environments effectively. This shortage underscores the importance of targeted training initiatives to upskill teams and bridge the gap between security needs and available resources. Addressing this gap is vital for organisations to deploy comprehensive security solutions that safeguard their cloud infrastructure.

The report also identifies a critical vulnerability in organisations’ ability to detect and respond to real-time threats within their cloud environments. Many businesses lack confidence in their existing threat detection capabilities, leaving them exposed to potential breaches. This highlights the need for advanced monitoring tools that provide real-time insights into security risks. Strengthening threat detection and response mechanisms is essential for ensuring the security of hybrid and multi-cloud setups, where maintaining visibility and control can be particularly challenging.

In response to these challenges, organisations are significantly increasing their investments in cloud security. This trend reflects a growing recognition of the need to address critical security gaps, improve compliance, and simplify the management of multi-cloud environments. By channelling resources into innovative security solutions, businesses are positioning themselves to meet the demands of a rapidly changing threat landscape while optimising their cloud adoption strategies.

The 2025 State of Cloud Security Report serves as a valuable guide for organisations navigating the complexities of cloud adoption. While the challenges are substantial, the opportunities for innovation, efficiency, and growth are equally compelling. By prioritising security, compliance, and workforce development, businesses can build resilient cloud infrastructures that support long-term success. Fortinet’s findings emphasise the importance of proactive strategies and robust investments to ensure that cloud-based initiatives remain secure, sustainable, and transformative.