Building better cloud security

Regaining visibility and control over complex, AI-enhanced cloud environments

Cloud computing continues to play a significant role in shaping business transformation. A recent Gartner forecast predicted spending on global public cloud services will reach $723.4 billion in 2025 — a 21.5% jump year over year, reflecting the growing importance of cloud services. Meanwhile, the integration of artificial intelligence (AI) and agentic AI into cloud services and workflows is driving further innovation and growth.

But at the same time, this integration introduces security and compliance challenges. Leaders must navigate both the rising complexity and sophistication of security threats, and look for ways to regain visibility and control over increasingly complicated cloud ecosystems. The dynamic nature of cloud security necessitates the adoption of more flexible and resilient defense mechanisms to protect against threats in a constantly changing environment.

Emerging challenges in cloud security

Changes in the way we work have amplified cloud-related vulnerabilities. But most of the threats we face result from shifts in the capabilities and objectives of attackers. They are mounting larger attacks and increasingly disrupting operations as part of international conflicts. Meanwhile, they are using new technologies to their advantage: AI is enabling attackers to launch more sophisticated attacks, while quantum computing will allow cybercriminals to crack long-held cryptography standards.

Here are five trends that are creating critical challenges for cloud security today:

1. Distributed work. The continued remote and hybrid work trend and adoption of software as a service (SaaS) and cloud technologies are no surprise. But the increase in ransomware and email phishing attacks has spurred a growing need for more robust security measures to safeguard these distributed business assets.

2. Growing denial-of-service attacks. We are also witnessing an unprecedented wave of hyper-volumetric distributed denial-of-service (DDoS) attacks. Though most DDoS attacks remain small, hyper-volumetric incidents continue to set new records for the scale of attacks.
   
   In 2024, hundreds of attacks exceeded 1 billion packets per second (pps). Meanwhile, Cloudflare mitigated a 5.6 Terabit per second (Tbps) DDoS attack in 2024, which was the largest attack ever reported. The number of DDoS attacks continues to rise rapidly. In the first quarter of 2025 alone, Cloudflare blocked 20.5 million attacks — a 358% year-over-year increase.

3. Geopolitical tensions. A climate of hacktivism will likely continue. Elections and geopolitical tensions add further complications to the use of cloud services, especially when critical infrastructure becomes the go-to target in regional and global conflict.

4. AI-powered attacks. The emergence of AI-enhanced social engineering and email phishing is concerning as well. The impact of social engineering attacks has led to significant compromises and data losses. Meanwhile, fraudulent job seekers are using AI to bolster their employment histories and even create deepfake videos for interviews.

5. Looming quantum threats. Advances in quantum computing — which intersects with a complex mix of new privacy and data sovereignty regulations — bring additional challenges in meeting security and compliance requirements. The efficacy of current encryption algorithms could put the confidentiality of data stored in the cloud at risk in the face of future advancements.

Managing such a diverse set of cloud-based risks and the security measures meant to mitigate them has become increasingly daunting. Those challenges are amplified by a growing knowledge gap created by a persistent talent shortage in security.

Strategies for enhancing cloud security

Addressing all of these cloud-based risks requires multiple, integrated security strategies. To enhance cloud security, organizations should consider the following four strategies.

1. Decentralize networking and security. The surge in threats and market pressures have prompted organizations to embrace decentralized networking and security models. They are adopting Secure Access Service Edge (SASE) models and implementing Zero Trust security frameworks to enhance user and data security in the cloud. With SASE and Zero Trust security, organizations can help ensure rigorous identity verification for every user and device attempting to access cloud resources, irrespective of the network architecture.

2. Counteract social engineering. Integrating advanced phishing protection, cloud access security broker (CASB) solutions, and data loss prevention (DLP) has proven pivotal too. Organizations can improve the effectiveness of these solutions by focusing on user protection and education, equipping users with knowledge and tools to upskill in detection and response to counteract threats. Moreover, AI will likely be needed in security tool stacks to help keep pace with the threat of AI-enhanced phishing and social engineering attacks.

3. Build a DevSecOps model. For developers, there’s been a pivot toward the integration of security into every stage of software development — shifting to a DevSecOps model. Streamlining and automating security processes enhances transparency and manageability, while regular audits ensure the effectiveness of security measures against emerging threats and identify any neglected areas of cloud infrastructure, such as unsecured APIs.

4. Enhance supply-chain security. Organizations must also integrate cloud security across their supply chain to mitigate risks associated with third-party services throughout the lifecycle of cloud-based applications. A 2024 survey of more than 5,000 DevSecOps professionals showed that 85% of developers in software, SaaS, and computer hardware organizations were drawing at least a quarter of their code from open-source libraries, creating serious supply-chain security vulnerabilities. Advanced cloud security solutions, such as cloud workload protection (CWP), cloud security posture management (CSPM), and cloud infrastructure entitlement management (CIEM), offer comprehensive protection and permissions across cloud environments.

The path forward

As technological advancements continue to redefine the cloud computing landscape, the necessity for dynamic and fortified security strategies becomes paramount, particularly to counter AI-powered threats and safeguard against the exploitation of cloud infrastructures. To achieve better control over cloud operations, organizations need to rapidly adopt new technologies, implement effective security policies, and devise plans for swiftly responding to emerging threats.

At the same time, organizations have to find ways to navigate the complexity of cloud systems and the paradoxical challenges posed by management tools. They need a proactive, vigilant approach and unified, adaptable security solutions.

For organizations to thrive in this future of cloud computing, establishing a security-centric culture is also essential. This involves championing a mindset where security is interwoven with every aspect of operations, thereby safeguarding assets, data, and customer trust.

Cloudflare’s connectivity cloud can help organizations address the complex challenges of securing cloud environments and protecting against AI-powered threats. This unified, intelligent platform of cloud-native services helps organizations regain visibility and control across their IT environments while streamlining management.

This article is part of a series on the latest trends and topics impacting today’s technology decision-makers.

Originally published on TechRadar, tailored for theNET.

Dive deeper into this topic.

Learn more about how to protect complex cloud environments from evolving threats in the The connectivity cloud: A way to take back IT and security control ebook.

Author

John Engates — @jengates
Field CTO, Cloudflare

Key takeaways

After reading this article you will be able to understand:

• The 5 emerging challenges threatening secure cloud environments

• 4 strategies to employ to combat this complexity and risk

• How organizations are future-proofing cloud architecture

Related resources

• The connectivity cloud: A way to take back IT and security control

• Quantum threats are real — is your security ready?

• Preparing for the future of AI in cyber security