Over 78% of organizations use two or more cloud providers, up from 71% last year, reflecting the growing need for resilience and specialized services. These figures come from Fortinet’s 2025 State of Cloud Security Report, released today.
Growing Adoption of Multi-Cloud Strategies
The report reveals significant trends and challenges shaping the evolving cloud security landscape. Based on feedback from 873 cybersecurity professionals, it highlights key strategies organizations are adopting to protect complex cloud environments.
Notably, 78% of respondents said that they use two or more cloud providers, up from 71% last year, indicating increased adoption of multi-cloud strategies. Meanwhile, 54% have implemented hybrid cloud models, combining on-premises and public cloud infrastructures for greater control and flexibility.
Commenting on the figures, Rom Carmel, CEO at Apono, emphasized the importance of collaboration between IT security and engineering teams to enforce security guardrails.
“The adoption of cloud creates a situation where engineering and operation teams are the ones creating and maintaining infrastructure, and with that, directly affecting the cloud posture constantly,” Carmel explained.
Security and Compliance Concerns Persist
Security and compliance remain top concerns, cited by 61% of organizations, as regulatory demands and data protection challenges grow. Skills shortages further complicate cloud security management, with 76% of respondents reporting a lack of expertise in areas such as configuration management and threat detection.
Low confidence in real-time threat detection is another critical issue, with 64% expressing doubts about their ability to detect and respond to threats promptly.
Amit Zimerman, co-founder and chief product officer at Oasis Security, stressed the need for strategic tools, stating “Organizations should focus on leveraging modern tools that offer comprehensive analytics, capable of processing large volumes of data to identify and prioritize vulnerabilities.”
Read more on cloud security: Google Cloud to Mandate Multifactor Authentication by 2025
The survey also indicated a strong preference for unified cloud security platforms, with 97% favoring centralized dashboards that simplify policy management and threat visibility across cloud services. Adoption of Cloud Security Posture Management (CSPM) and Cloud-Native Application Protection Platforms (CNAPP) are rising, chosen by 67% and 62% of respondents, respectively, as key tools to mitigate misconfigurations and compliance risks.
Furthermore, 63% of organizations plan to increase their cloud security budgets in the coming year.
“Ensuring organizations select the correct vendors – via multiple facets including cost, functionality, usability, compatibility and security– has become increasingly important,” said Patrick Tiquet, vice president of security & architecture at Keeper Security.
“Cloud security analysts must conduct thorough assessments of vendor security controls, negotiate robust service-level agreements and implement monitoring mechanisms to ensure compliance with security standards and mitigate the risks associated with third-party cloud providers.”