Persistent Threats & The Growing Role Of AI In Cloud Security

Uploaded on 2025-07-29 in TECHNOLOGY-Key Areas-Artificial Intelligence, NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

The 2025 Cloud Security Report by leading cybersecurity firm, SentinelOne, provides a comprehensive analysis of the evolving challenges facing cloud security professionals.

Drawing insights from over 400 experts, the report details the persistent threats of misconfigurations, credential compromises, and the emerging risks posed by artificial intelligence (AI).

It also highlights the transformative potential of AI-driven solutions in addressing these challenges and bridging the cybersecurity skills gap.

The findings paint a picture of a complex landscape where organisations struggle with alert overload and fragmented tools, yet see AI as a critical ally in bolstering defences.

Persistent Cloud Security Challenges

The report identifies cloud misconfigurations as a leading cause of security breaches, with 23% of incidents attributed to improper settings, such as overly permissive identity and access management (IAM) policies or exposed storage buckets. Additionally, 27% of businesses have faced breaches in their public cloud infrastructure, often due to inadequate encryption or unsecured APIs.

The shared responsibility model in cloud computing remains a point of confusion, with many organisations failing to secure their data, applications, and configurations, leaving critical assets vulnerable.

Ely Kahn, Vice President of Product Management at SentinelOne, highlights the strain on security teams: “The overall picture we get from this data is that security teams are getting too many alerts, from too many sources, and face too many challenges analysing and prioritising them. A vicious cycle is at work in cloud environments. An expanding cloud attack surface and new threats lead to the need for cloud security technologies, which often require IT security groups to deploy more point solutions that generate too much data and too many alerts.” Kahn advocates for unified platforms that streamline visibility, reduce false positives, and simplify deployment across cloud workloads.

The Rising Threat Of AI-Powered Attacks

The report notes a surge in AI-driven cyberattacks, with cybercriminals leveraging generative AI to enhance phishing campaigns, malware, and deepfake technologies. According to SentinelOne, 50% of executives believe AI will increase the sophistication of such attacks by 2026. The proliferation of cloud-based AI applications has also led to a black market for stolen API keys, with hackers monetising access to these resources.

This dual dynamic - where AI empowers both attackers and defenders - demonstrates the urgency for organisations to adopt robust countermeasures.

The report cites a 30% increase in global cyberattacks in Q2 2024, with an average of 1,636 weekly attacks per organisation. Ransomware remains a dominant threat, accounting for 35% of all attacks and rising by 15% in North America. Phishing, often used to steal cloud credentials, was reported as the most prevalent attack vector by 51% of organisations. These statistics highlight the need for proactive strategies to counter increasingly sophisticated threats.

 AI Is A Force Multiplier

Despite the challenges, the report emphasises AI’s potential to transform cybersecurity. Cameron Sipes, Director of Cloud Security PM at SentinelOne, states: “The role of AI in cybersecurity is a central theme in our 2025 Cloud Security Report, and the findings are clear: security professionals view AI as an indispensable tool for defense. While attackers are leveraging AI to increase the sophistication of their campaigns, an overwhelming 98% of organizations expect to realize significant benefits from embedding AI into their own security solutions.” Sipes highlights AI’s ability to accelerate incident response, detect attacks faster, and enhance team effectiveness, addressing the global shortage of four million cybersecurity professionals.

AI-powered tools offer real-time threat detection, automated remediation, and deep visibility into cloud environments. By analysing vast datasets and prioritising risks, these solutions enable analysts to focus on strategic tasks, reducing manual effort and alert fatigue. The report notes that 45% of professionals believe AI outperforms human analysts in detecting fraud and managing security events, making it a vital tool for multi-cloud environments.

Addressing The Skills Gap

The cybersecurity skills shortage remains a critical issue, with demand for qualified professionals outstripping supply. The report projects a potential gap of 85 million professionals by 2030 if unaddressed. AI is positioned as a key solution, with 50% of entry-level roles expected to require less specialised knowledge by 2028 due to AI automation. Additionally, AI-driven training tailored to employees’ roles can reduce insider-driven incidents by 40% by 2026, addressing the 90% of incidents caused by human error, such as weak passwords or phishing vulnerabilities.

Moving Towards Unified Solutions

The report advocates for a shift from fragmented point solutions to unified platforms like SentinelOne’s Singularity Cloud Security. These platforms integrate endpoint, cloud, and identity protection, offering real-time visibility and automated workflows. Kahn emphasises the need for solutions that “provide visibility into security data across cloud platforms and services, filter out false positive alerts, eliminate integration headaches, simplify deployment and administration, manage automated workflows and enable agentless and agent-based scanning across all cloud workloads.” Such platforms help organisations manage complex multi-cloud environments and comply with regulations like GDPR and HIPAA.

As cloud adoption accelerates, the report calls for proactive measures, including regular audits, zero trust architectures, and enhanced employee training. Organisations that invest in zero trust models can save over $1 million per incident, while DevSecOps practices improve collaboration and operational efficiency by 40%.

SentinelOne’s findings suggest that by leveraging AI and unified platforms, businesses can stay ahead of evolving threats, protect critical assets, and build a resilient defence for 2025.

SentinelOne  |  TechPerspective  |  

Image: Ideogram

You Mighy Also Read: 

Securing The Cloud: The Role Of DevOps Programmers & Azure Engineers In Modern Cybersecurity:

If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Holes In The Road To The UK’s Digital Future
How VPNs Open Up A World Of Streaming Entertainment »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Ilex International

Ilex International

Ilex International is a European software vendor which specialises in Identity & Access Management solutions.

Cyber Akademie (CAk)

Cyber Akademie (CAk)

Cyber Akademie is a training and education center providing high-quality training and information events on information security and data protection.

Hitachi Systems Security

Hitachi Systems Security

Hitachi Systems Security provides customized services for monitoring and protecting the most critical and sensitive IT assets in our clients’ infrastructures 24/7.

ESL Bangladesh

ESL Bangladesh

ESL is the Largest IT Infrastructure & Telecom Service Provider in Bangladesh.

Hellenic Accreditation System (ESYD)

Hellenic Accreditation System (ESYD)

ESYD is the national accreditation body for Greece. The directory of members provides details of organisations offering certification services for ISO 27001.

Tines

Tines

The Tines security automation platform helps security teams automate manual tasks, making them more effective and efficient.

Founder Shield

Founder Shield

Founder Shield is a data driven insurance brokerage focused excusively on rapidly evolving high-growth companies.

Meriplex

Meriplex

Meriplex is a Managed Services provider specializing in Intelligent Networks, Cybersecurity and Cloud Communications.

Bolt Learning

Bolt Learning

Bolt's Cyber Security eLearning module provides users with an in-depth understanding of cybercrime, how it can occur and what everyone can contribute to preventing it.

Calyptix Security

Calyptix Security

Calyptix Security helps small and medium offices secure their networks so they can raise profits, protect investments, and control technology.

Trail of Bits

Trail of Bits

Trail of Bits combine high-end security research with a real-world attacker mentality to reduce risk and fortify code.

Imageware

Imageware

Imageware is a leader in biometric cybersecurity. Protect against costly, damaging ransomware hacks by employing biometric cybersecurity solutions.

Sourcepass

Sourcepass

Sourcepass is an IT consulting company that focuses on providing expert IT services, cloud computing solutions, cybersecurity services, website, and application development.

DIGISOC

DIGISOC

DIGISOC, a leader in Latin America in Cybersecurity solutions, combines machine learning with human intelligence to be effective in detecting cyber threats.

Auxilion

Auxilion

Auxilion is an award-winning provider of consulting and IT support services, technologies and consulting for public and private organisations in the UK and Ireland.

MARS Suite

MARS Suite

MARS Suite is your all-in-one solution for cyber protection & compliance. Cybersecurity and risk management is what we do best. And we’re making it simple and easy.