Persistent Threats & The Growing Role Of AI In Cloud Security

The 2025 Cloud Security Report by leading cybersecurity firm SentinelOne provides a comprehensive analysis of the evolving challenges facing cloud security professionals.

Drawing insights from over 400 experts, the report details the persistent threats of misconfigurations, credential compromises, and the emerging risks posed by artificial intelligence (AI).

It also highlights the transformative potential of AI-driven solutions in addressing these challenges and bridging the cybersecurity skills gap.

The findings paint a picture of a complex landscape where organisations struggle with alert overload and fragmented tools, yet see AI as a critical ally in bolstering defences.

Persistent Cloud Security Challenges

The report identifies cloud misconfigurations as a leading cause of security breaches, with 23% of incidents attributed to improper settings, such as overly permissive identity and access management (IAM) policies or exposed storage buckets. Additionally, 27% of businesses have faced breaches in their public cloud infrastructure, often due to inadequate encryption or unsecured APIs.

The shared responsibility model in cloud computing remains a point of confusion, with many organisations failing to secure their data, applications, and configurations, leaving critical assets vulnerable.

Ely Kahn, Vice President of Product Management at SentinelOne, highlights the strain on security teams: “The overall picture we get from this data is that security teams are getting too many alerts, from too many sources, and face too many challenges analysing and prioritising them. A vicious cycle is at work in cloud environments. An expanding cloud attack surface and new threats lead to the need for cloud security technologies, which often require IT security groups to deploy more point solutions that generate too much data and too many alerts.” Kahn advocates for unified platforms that streamline visibility, reduce false positives, and simplify deployment across cloud workloads.

The Rising Threat Of AI-Powered Attacks

The report notes a surge in AI-driven cyberattacks, with cybercriminals leveraging generative AI to enhance phishing campaigns, malware, and deepfake technologies. According to SentinelOne, 50% of executives believe AI will increase the sophistication of such attacks by 2026. The proliferation of cloud-based AI applications has also led to a black market for stolen API keys, with hackers monetising access to these resources.

This dual dynamic - where AI empowers both attackers and defenders - demonstrates the urgency for organisations to adopt robust countermeasures.

The report cites a 30% increase in global cyberattacks in Q2 2024, with an average of 1,636 weekly attacks per organisation. Ransomware remains a dominant threat, accounting for 35% of all attacks and rising by 15% in North America. Phishing, often used to steal cloud credentials, was reported as the most prevalent attack vector by 51% of organisations. These statistics highlight the need for proactive strategies to counter increasingly sophisticated threats.

AI Is A Force Multiplier

Despite the challenges, the report emphasises AI’s potential to transform cybersecurity. Cameron Sipes, Director of Cloud Security PM at SentinelOne, states: “The role of AI in cybersecurity is a central theme in our 2025 Cloud Security Report, and the findings are clear: security professionals view AI as an indispensable tool for defense. While attackers are leveraging AI to increase the sophistication of their campaigns, an overwhelming 98% of organizations expect to realize significant benefits from embedding AI into their own security solutions.” Sipes highlights AI’s ability to accelerate incident response, detect attacks faster, and enhance team effectiveness, addressing the global shortage of four million cybersecurity professionals.

AI-powered tools offer real-time threat detection, automated remediation, and deep visibility into cloud environments. By analysing vast datasets and prioritising risks, these solutions enable analysts to focus on strategic tasks, reducing manual effort and alert fatigue. The report notes that 45% of professionals believe AI outperforms human analysts in detecting fraud and managing security events, making it a vital tool for multi-cloud environments.

Addressing The Skills Gap

The cybersecurity skills shortage remains a critical issue, with demand for qualified professionals outstripping supply. The report projects a potential gap of 85 million professionals by 2030 if unaddressed. AI is positioned as a key solution, with 50% of entry-level roles expected to require less specialised knowledge by 2028 due to AI automation. Additionally, AI-driven training tailored to employees’ roles can reduce insider-driven incidents by 40% by 2026, addressing the 90% of incidents caused by human error, such as weak passwords or phishing vulnerabilities.

Moving Towards Unified Solutions

The report advocates for a shift from fragmented point solutions to unified platforms like SentinelOne’s Singularity Cloud Security. These platforms integrate endpoint, cloud, and identity protection, offering real-time visibility and automated workflows. Kahn emphasises the need for solutions that “provide visibility into security data across cloud platforms and services, filter out false positive alerts, eliminate integration headaches, simplify deployment and administration, manage automated workflows and enable agentless and agent-based scanning across all cloud workloads.” Such platforms help organisations manage complex multi-cloud environments and comply with regulations like GDPR and HIPAA.

As cloud adoption accelerates, the report calls for proactive measures, including regular audits, zero trust architectures, and enhanced employee training. Organisations that invest in zero trust models can save over $1 million per incident, while DevSecOps practices improve collaboration and operational efficiency by 40%.

SentinelOne’s findings suggest that by leveraging AI and unified platforms, businesses can stay ahead of evolving threats, protect critical assets, and build a resilient defence for 2025.

SentinelOne | TechPerspective
