editorially independent. We may make money when you click on links
to our partners.
Learn More
Exposure management company Tenable has released its “State of Cloud and AI Security 2025” report, warning that the rapid adoption of hybrid, multi-cloud, and AI systems is outpacing existing security strategies, creating blind spots that leave organizations at risk.
Disjointed visibility in complex, fragmented systems posing security risks
The State of Cloud and AI Security 2025 survey polled over 1,000 security and IT professionals worldwide to see how organizations are adjusting their strategies to manage risk in complex cloud and AI environments.
Developed in collaboration with the Cloud Security Alliance, Tenable’s report found that 82% of businesses now operate in hybrid environments, with 63% using more than one cloud provider and managing an average of 2.7 environments.
AI adoption is also rising quickly, with more than half of organizations deploying AI for business needs. Alarmingly, 34% of these AI workloads have already resulted in cloud data breaches.
“The report confirms what we’re seeing every day in the field. AI workloads are reshaping cloud environments, introducing new risks that traditional tools weren’t built to handle,” said Liat Hayun, vice president of product and research at Tenable.
According to the report, the shift is creating fragmented systems that leave major blind spots for security teams and organizations. Tenable warned that these gaps can manifest into disjointed visibility, inconsistent identity governance, and weaknesses in risk monitoring that attackers can exploit.
“As AI-driven workloads add more layers of complexity, identity has become one of the biggest sources of weakness in this environment, with inconsistent governance and excessive permissions regularly cited as drivers of cloud breaches,” the report stated.
The need for adaptive and future-proof defense
The report also noted that while many organizations have adopted security solutions to protect their cloud infrastructure, these tools often operate in silos. As a result, risk control remains limited, with critical gaps in visibility and monitoring.
In response, Jim Reavis, co-founder and CEO of the Cloud Security Alliance, urged organizations to develop dynamic, future-proof defenses that can keep pace with the rapid advances in both cloud and AI.
“We’re in the middle of the fastest evolution in cloud computing history. Unfortunately, as our research made clear, many security strategies are already behind the curve,” said Reavis.
“The risks of standing still are growing by the day. Organizations need to rethink their approach and build adaptive, future-ready defenses that are capable of evolving as fast as the technology they safeguard, he added.”
In August, Tenable expanded its Tenable One exposure management platform with the launch of its AI Exposure solution. Read more about how it helps users manage and control security risks emerging from generative AI.