Prowler’s State of Cloud Security Report 2025

31% of organisations claim full automation in their cloud security process.

Of security teams who are not fully confident in their cloud security, 71% do not believe their current tools can cover all aspects of their cloud environment.

The manufacturing, transport, and logistics industries are 88% more likely than average to use manual cloud security processes still.

55% of organisations operate in multi-cloud setups.

85% of organisations still using manual processes are planning to automate within the next 12 months.

Of security teams who are not fully confident in their cloud security, 68% cite the cost of operationalising cloud security tools as too high.

96% of security teams say they are confident in their cloud security.

9 in 10 users (90%) agree open cloud security tools are a primary driver of innovation in their security programmes.

Organisations detect an average of 17 vulnerabilities in their cloud environments per week.

8 in 10 users (80%) have seen reduced cloud operating costs through better identification of redundancies using open cloud security tools.

67% of organisations conduct cloud vulnerability assessments monthly or more frequently.

88% of organisations are using open cloud security tools.

83% report strengthened collaboration between security and IT departments due to open cloud security tools.

44% of organisations struggle to comply with new cloud security regulations.

Benefits of AI cloud use include Human augmentation (44%), Improved data protection (42%), and Strengthened threat detection and response capabilities (38%).

46% of organisations still struggle with cloud vulnerability management.

25% of organisations are still using manual processes for cloud security.

Technologies anticipated to have the greatest impact on cloud security in the next three years: AI and ML-driven security analytics (27%), Open source cloud security tools and technologies (17%), Automated threat intelligence and response (16%).

Organisations using fully or highly automated cloud security processes save an average of 19 hours per week.

96% of organisations conduct regular cloud vulnerability assessments.

37% of organisations failed a compliance audit due to cloud security issues in the past 12 months.

75% of organisations are planning to spend more on cloud compliance-related measures in 2025 than in 2024.

Organisations are averaging a 27% increase in planned cloud compliance spending for 2025 compared to 2024.

Cloud Cost Optimisation Steps (taken by 86% of organisations), Automating security processes (60%), Consolidating security tools and platforms (51%), Scaling security measures based on risk assessments (43%).

44% of organisations say their process for monitoring and managing cloud security is highly automated.

Future Cloud Resource Gaps (anticipated in the next 12 months): Limited budgets (45%), Talent shortages (42%), and Insufficient automation (34%).

64% of organisations operate in hybrid-cloud environments.

86% of organisations have seen a measurable reduction in security breaches due to better visibility and proactive security measures from open cloud security tools.

78% of organisations employ governance frameworks for cloud security.

Most popular governance frameworks for cloud security used: NIST Cybersecurity Framework (40%), ISO/IEC 27001 (31%), SOC 2 Compliance (28%).

Only 17% of organisations still operate in a single-cloud environment.

Of security teams who are not fully confident in their cloud security, 79% worry about unauthorized cloud services bypassing security measures.

Top challenges in managing cloud vulnerabilities include Budget constraints (35%), Integrating vulnerability management with existing workflows (34%), and Lack of skilled personnel (32%).

79% of organisations use AI technologies to monitor and manage cloud security.