The rapid growth of hybrid, multi-cloud and AI systems has outpaced cloud security strategies, creating new layers of complexity and risk, according to Tenable’s State of Cloud and AI Security 2025 report.
According to the study, 82 per cent of organisations now operate hybrid environments spanning on premises and cloud, and 63 per cent use more than one cloud provider, managing an average of 2.7 environments.
The report found that, with each IT environment bringing its own tools, policies and shared responsibility models, the cloud and AI workload sprawl creates complex and fragmented systems that leave major blind spots for security teams. The result is disjointed visibility, inconsistent identity governance and gaps in risk monitoring that attackers can exploit.
As AI-driven workloads add more layers of complexity, the survey added that identity has become one of the biggest sources of weakness in this environment, with inconsistent governance and excessive permissions regularly cited as drivers of cloud breaches.
Tenable concluded that this shift is driven by cost pressures, regulatory requirements, and performance needs and, in some cases, has led organisations to move their cloud-based workloads back on premises for greater control. While the report shows that many organisations have adopted solutions such as unified security monitoring (58 per cent), cloud security posture management (57 per cent) and extended detection and response (54 per cent), the shift toward broader visibility across hybrid and cloud environments remains nascent.
The report revealed that many tools still operate in silos, limiting their ability to unify risk control. Consequently, few organisations have the consistent policy enforcement, identity management and risk monitoring needed to secure such a diverse IT landscape.
The State of Cloud and AI Security 2025 research, commissioned by Tenable and developed in collaboration with the Cloud Security Alliance, surveyed more than 1,000 IT and security professionals to understand how organisations are adapting their strategies to manage risk across increasingly complex cloud and AI-driven infrastructures.
“The report confirms what we’re seeing every day in the field. AI workloads are reshaping cloud environments, introducing new risks that traditional tools weren’t built to handle,” said Liat Hayun, VP of product and research at Tenable.
Jim Reavis, co-founder and CEO, Cloud Security Alliance, said, “We’re in the middle of the fastest evolution in cloud computing history. Unfortunately, as our research made clear, many security strategies are already behind the curve. The risks of standing still are growing by the day. Organisations need to rethink their approach and build adaptive, future-ready defences that are capable of evolving as fast as the technology they safeguard.”