As organisations develop and deploy more cloud applications security has become a priority – but also more complicated as hybrid or multi-cloud models gain in popularity, expanding the attack surface and increasing complexity.

Security teams often struggle to manage and secure their various private and public cloud workloads and environments. And although multi-cloud adoption has many benefits, dealing with multiple tools adds management complexity and makes it difficult or nigh impossible to apply consistent security policies across all cloud environments.

Worse, the level of security complexity often grows over time as organisations continue to add cloud services, leading to even more management challenges and costs.

The 2024 Cloud Security Report, conducted by Cybersecurity Insiders and sponsored by Fortinet, looks to gain insights into the challenges organisations face in protecting their cloud environments and the strategies they prioritise.

The report is based on a comprehensive survey of 927 cybersecurity professionals worldwide and offers insights into the current trends driving cloud security.

In 2024, the majority of organisations (78%) are opting for hybrid and multi-cloud strategies. Of those organisations, 43% use a hybrid of cloud and on-premises infrastructure, and 35% have a multi-cloud strategy.

These numbers represent only a slight increase from two years ago when 39% of organisations were using hybrid cloud and 33% multi-cloud.

“After years of rapid adoption, cloud growth has slowed as the market matured,” says Gary Peel, Cloud BDM for Fortinet in Africa. “At this point, the hype appears to have found its equilibrium and the benefits of cloud computing are well understood. Organisations with IT needs that can benefit from cloud flexibility and agility, or that require services unique to cloud environments are able to move forward with their projects.

“Most organisations also recognise that security needs to be included in their cloud strategies,” Peel adds. “The cybersecurity challenges associated with the cloud and the need for enhanced security measures in cloud environments have become more critical in the face of new AI-based threats. In fact, 78% of organisations report being very or extremely concerned about cloud security. Security is clearly a priority, with 61% of respondents anticipating that their cloud security budget will increase over the next 12 months.”

Organisations report that they plan to increase their cloud security budget by 37% to safeguard sensitive data and comply with regulatory standards in today’s increasingly cloud-oriented landscape.

Despite continuing cloud adoption, challenges remain in implementing consistent multi-cloud security. Security and compliance issues are the top concern (59%), acting as a roadblock to faster adoption of multi-cloud strategies. Organisations also cite technical challenges (52%) and resource constraints (49%) as barriers to cloud adoption.

Achieving visibility and policy control within complex multi-cloud infrastructures can be difficult and the cybersecurity skills gap only compounds the issue. The lack of people with cloud security expertise is a serious issue, with 93% of respondents saying they are moderately to extremely concerned about the industry-wide skills shortage.

Because hybrid and multi-cloud environments are complex securing them is difficult. However, a vast majority of organisations (95%) say that a unified cloud security platform with a single dashboard would help protect data consistently and comprehensively across the entire cloud footprint.

Instead of dealing with the inefficiencies of managing multiple disparate security systems, security teams that take advantage of a single integrated cloud security platform benefit from more straightforward integration, automation, and reduced management overhead which can help improve visibility, provide consistent policy enforcement, and mitigate the cybersecurity skills gap.