The surge in artificial intelligence workloads is exposing serious fissures in hybrid cloud security, reshaping the challenges facing enterprises worldwide. As business leaders accelerate the adoption of generative AI and machine learning, a new storm of cybersecurity hurdles is gathering force—forcing organizations to rethink not just how they protect data, but how they see, control, and respond to risks across increasingly complex infrastructure.
The rapid integration of artificial intelligence into business operations is driving a data deluge. Insights from the 2025 Hybrid Cloud Security Survey, conducted by Gigamon and reported by Petri IT Knowledgebase, reveal that over 1,000 security and IT leaders across six countries now list managing AI-generated threats as their top security priority—an urgent shift reflecting the sector’s new reality.
Most participants in the survey reported that their network data volumes have more than doubled over the past two years, thanks largely to AI workloads. These aren’t just routine increases. As businesses digitally transform, AI is commanding not only massive compute and storage but also introducing new potential for cyberattacks that exploit AI-specific vulnerabilities.
Of particular concern is the surge in attacks like data exfiltration and prompt injection, which directly target large language model (LLM) deployments. The Gigamon report cites a 47 percent uptick in these types of incidents, underscoring the dual-edged nature of AI: while AI promises efficiency and innovation, it also expands the attack surface and gives sophisticated threat actors new tools to work with.
The reasons are multi-layered, but a central theme is lack of comprehensive visibility, especially into “East-West” traffic—the lateral movement within and between cloud workloads that traditional tools aren’t equipped to monitor well. Forty-seven percent of surveyed organizations admitted they lack the visibility necessary to proactively detect and respond to threats within their own environments. Compounding this is a parallel lack of high-quality data: 46 percent say poor data fidelity hampers their efforts to securely deploy new workloads.
Source: 2025 Hybrid Cloud Security Survey, Gigamon
Perhaps most tellingly, many businesses are considering “cloud repatriation”—that is, moving sensitive data and workloads back from the public cloud to private or hybrid infrastructure. This reversal of cloud migration trends aligns with growing skepticism about public cloud providers’ security guarantees, particularly as AI-driven processes become core to competitive advantage.
This trend is echoed by independent industry research: Flexera’s annual State of the Cloud Report and Gartner’s 2025 predictions both note that sensitive AI workloads are increasingly kept on-premises or within managed private clouds to reduce risk exposure. However, even private environments are far from immune, especially if security tooling, policies, and staff resources haven’t matured accordingly.
This speaks to a persistent strategic disconnect: security leaders are expected to anticipate and mitigate sophisticated threats yet often lack the budgetary control, strategic influence, or organizational backing to install holistic, risk-based solutions. As the report candidly states, “They know what needs to change... But without control over security investments or executive backing, even the most well-informed Security and IT leaders are left in an untenable position: referees expected to enforce the rules without a whistle, while the game plays on around them.”
Yet, despite this broad consensus, actual boardroom support still lags. Security remains a technical discipline, too often siloed from strategic business planning. The result: organizations are slow to link security metrics to tangible business outcomes, and boards may underestimate the existential threat posed by advanced AI attacks.
Additionally, the willingness of organizations to reassess their public cloud investments—by considering hybrid or even private repatriation strategies—demonstrates a maturing understanding that “cloud-first” doesn’t always mean “cloud-best.” This nuanced approach lets enterprises customize their security postures based on risk profiles, regulatory demands, and the unique demands of AI workloads.
Limited data quality is a related pitfall: without rich, clean data for monitoring and threat analytics, even the best AI-powered defense platforms are hamstrung. The “quantity over quality” trap is real—and especially dangerous when defending against adversarial machine learning techniques.
Most pressingly, the recurring pattern of CISOs and security leaders being excluded from early AI planning and budgetary oversight leaves many organizations vulnerable and reactive rather than strategic. In the survey’s own words, expecting CISOs to enforce order without authority is a recipe for future breaches.
Industry watchers caution, however, that not all public clouds are created equal. The major providers (e.g., AWS, Microsoft Azure, Google Cloud) each offer increasingly granular controls for data privacy, encryption, and AI governance. Widespread industry consensus confirms that security in the cloud is a “shared responsibility”—and any attempted repatriation must pair with a hard look at internal controls, patch management, and privileged access.
Some of the most advanced organizations are deploying AI-defending-AI—leveraging machine learning models for anomaly detection, adversarial forensic analysis, and even self-healing infrastructures that automatically segment workloads in the event of compromise. While still emerging, these strategies offer a glimpse into the future of cyber defense.
Nevertheless, the adoption of such tools must be critically evaluated. Tool proliferation alone invites integration headaches and workflow fatigue for already-stretched security teams. Effective deployment requires both skilled practitioners and robust alignment with overall business risk appetite.
Organizations that thrive in this environment will:
The stakes have never been higher—or changing faster. For leaders who embrace the lessons of 2025, the path to resilience lies not in retreat, but in smart, integrated, and forward-looking defense. The threat landscape may be evolving, but so too is the playbook for those ready to secure the AI-powered future.
Source: Petri IT Knowledgebase Rising AI Workloads Expose Cracks in Hybrid Cloud Security
AI Workloads: Fueling Explosive Growth—and New Threats
The rapid integration of artificial intelligence into business operations is driving a data deluge. Insights from the 2025 Hybrid Cloud Security Survey, conducted by Gigamon and reported by Petri IT Knowledgebase, reveal that over 1,000 security and IT leaders across six countries now list managing AI-generated threats as their top security priority—an urgent shift reflecting the sector’s new reality.Most participants in the survey reported that their network data volumes have more than doubled over the past two years, thanks largely to AI workloads. These aren’t just routine increases. As businesses digitally transform, AI is commanding not only massive compute and storage but also introducing new potential for cyberattacks that exploit AI-specific vulnerabilities.
Of particular concern is the surge in attacks like data exfiltration and prompt injection, which directly target large language model (LLM) deployments. The Gigamon report cites a 47 percent uptick in these types of incidents, underscoring the dual-edged nature of AI: while AI promises efficiency and innovation, it also expands the attack surface and gives sophisticated threat actors new tools to work with.
Breaches on the Rise: Visibility, Control, and Data Quality Lags
Early cloud security concerns often centered on perimeter defense and external threats. Now, the picture is far more complex. The report documents a sobering trend: breach rates have climbed from 47 percent to 55 percent year-over-year. This escalation coincides with widespread admissions from within the industry itself—91 percent of security and IT leaders, and an eye-watering 97 percent of Chief Information Security Officers (CISOs), acknowledge having to make compromises when securing hybrid cloud environments.The reasons are multi-layered, but a central theme is lack of comprehensive visibility, especially into “East-West” traffic—the lateral movement within and between cloud workloads that traditional tools aren’t equipped to monitor well. Forty-seven percent of surveyed organizations admitted they lack the visibility necessary to proactively detect and respond to threats within their own environments. Compounding this is a parallel lack of high-quality data: 46 percent say poor data fidelity hampers their efforts to securely deploy new workloads.
Table: Key Hybrid Cloud Security Gaps (2025 Survey)
| Security Gap | Surveyed % Reporting Issue |
|---|---|
| East-West Visibility | 47% |
| Data Quality | 46% |
| Ineffective Tooling | 55% |
| Compromises Made | 91% (Leaders), 97% (CISOs) |
| Rising Breach Rate | Up 8 pts YoY (47%→55%) |
Public Cloud: Opportunity or Risk?
Hybrid architectures—those blending private data centers, public clouds, and edge—are now the de facto standard. Yet the public cloud’s allure is being sharply reevaluated. A striking 70 percent of IT leaders in the Gigamon survey characterize public cloud as their riskiest environment, with escalating concerns over data integrity, governance, and intellectual property loss.Perhaps most tellingly, many businesses are considering “cloud repatriation”—that is, moving sensitive data and workloads back from the public cloud to private or hybrid infrastructure. This reversal of cloud migration trends aligns with growing skepticism about public cloud providers’ security guarantees, particularly as AI-driven processes become core to competitive advantage.
This trend is echoed by independent industry research: Flexera’s annual State of the Cloud Report and Gartner’s 2025 predictions both note that sensitive AI workloads are increasingly kept on-premises or within managed private clouds to reduce risk exposure. However, even private environments are far from immune, especially if security tooling, policies, and staff resources haven’t matured accordingly.
CISOs at a Crossroads: Marginalized Yet Accountable
The role of the CISO has never been more critical—or more precarious. The survey found that, although organizations deploy an average of 15 separate security tools, 55 percent of IT leaders believe these are ineffective due to poor integration and limited visibility. At the same time, 36 percent of CISOs are calling for a greater say in decisions around AI initiatives and security investments.This speaks to a persistent strategic disconnect: security leaders are expected to anticipate and mitigate sophisticated threats yet often lack the budgetary control, strategic influence, or organizational backing to install holistic, risk-based solutions. As the report candidly states, “They know what needs to change... But without control over security investments or executive backing, even the most well-informed Security and IT leaders are left in an untenable position: referees expected to enforce the rules without a whistle, while the game plays on around them.”
Executive Involvement: The Missing Link in AI Security
Ninety percent of IT leaders agree that what’s needed is “deep observability”—the ability to capture, analyze, and correlate telemetry from all layers of infrastructure and workloads, in real time. This is especially vital with AI, as behavior can change rapidly, and even small misconfigurations or “shadow AI” projects can yield catastrophic data leaks or compliance failures.Yet, despite this broad consensus, actual boardroom support still lags. Security remains a technical discipline, too often siloed from strategic business planning. The result: organizations are slow to link security metrics to tangible business outcomes, and boards may underestimate the existential threat posed by advanced AI attacks.
Recommendations: Closing the Gaps in AI-Hybrid Security
The 2025 survey aggregates security frameworks and expert interviews into five core recommendations, tailored for organizations struggling to adapt to the hybrid cloud-AI era. Each recommendation is actionable and reinforced by analyst commentary and recent high-profile incidents.1. Involve CISOs in Strategic AI and Security Planning
AI is not just a technical upgrade; it fundamentally transforms how organizations operate and serve customers. CISOs must play a key role in shaping how AI is developed, deployed, and secured. This means having a hand in vendor selection, model governance, deployment architecture, and controls around data labeling, LLM prompt integrity, and drift monitoring. Multiple sources, including ISACA and Cloud Security Alliance, confirm that early CISO involvement reduces both risks and downstream costs of remediation.2. Make Cybersecurity a Standing Board Agenda Item
Cyber incidents now pose direct, board-level liability. IT leaders are urged to push cybersecurity—especially around AI-enabled processes—onto board meeting agendas as a recurring topic. This ensures not only funding, staffing, and policy oversight but also that emerging threats and compliance requirements receive the scrutiny they demand. Experts from Forrester recommend quarterly briefings that align cyber risk to business continuity and innovation initiatives.3. Link Security Metrics to Business Outcomes
Executives need more than technical logs and compliance checklists. Boards want to know how security investments protect revenue streams, customer trust, and intellectual property. CISOs should develop “risk-to-revenue” frameworks, mapping security controls to top-line and bottom-line impacts. They can then present scenarios showing, for example, how improving deep observability or moving AI workloads from public to private cloud measurably reduces both breach probability and regulatory exposure.4. Educate Boards on Cybersecurity Fundamentals
A recurring theme in breach investigations is the lack of cyber literacy at the highest levels. Organizations should establish cybersecurity education and awareness programs for board members and top executives, tailored to their oversight roles. This includes regular briefings on AI attack trends (like LLM prompt injection or adversarial machine learning), implications of data sovereignty, and incident response best practices.5. Establish Clear Protocols for Breach Response
Speed and coordination are crucial during a cyber incident. The survey underscores the importance of predefined breach response playbooks—detailing roles, escalation paths, and communication flows. Post-incident reviews should include AI-specific learnings: was the attack related to a new Machine Learning Ops pipeline, or did it exploit synthetic data generation? These debriefs are critical not just for compliance, but also for iterative improvement.Critical Analysis: Where the Industry Excels (and Where It Falters)
Strengths: Awareness, Tool Diversity, and Tactical Innovation
The good news is that awareness of the risks associated with AI and hybrid cloud workloads is running high. The fact that 46 percent of leaders now name AI-generated threats as their top security risk is a positive evolution. Tooling diversity, too, is a strength: with an average of 15 security tools, organizations are not lacking for technical options. Vendor innovation in deep observability, automated threat detection, and cloud-native controls has accelerated, offering more choices for defenders.Additionally, the willingness of organizations to reassess their public cloud investments—by considering hybrid or even private repatriation strategies—demonstrates a maturing understanding that “cloud-first” doesn’t always mean “cloud-best.” This nuanced approach lets enterprises customize their security postures based on risk profiles, regulatory demands, and the unique demands of AI workloads.
Weaknesses: Integration, Data Quality, and Strategic Gaps
Yet, these strengths are easily compromised by persistent weaknesses. The fragmentation of the security toolchain, highlighted by over half of CIOs and CISOs, sabotages both visibility and response times. Disjointed security stacks foster blind spots—exactly the windows that sophisticated attackers exploit, often using AI-powered tooling of their own.Limited data quality is a related pitfall: without rich, clean data for monitoring and threat analytics, even the best AI-powered defense platforms are hamstrung. The “quantity over quality” trap is real—and especially dangerous when defending against adversarial machine learning techniques.
Most pressingly, the recurring pattern of CISOs and security leaders being excluded from early AI planning and budgetary oversight leaves many organizations vulnerable and reactive rather than strategic. In the survey’s own words, expecting CISOs to enforce order without authority is a recipe for future breaches.
The Return of the Private Cloud? (A Cautious Trend)
As AI workloads become mission-critical—and constitute sensitive intellectual property—many enterprises are contemplating a partial retreat from public cloud. This “cloud repatriation” isn’t a panacea. Private clouds come with their own operational and infrastructural risks, and the security talent shortage is often even more acute. Nonetheless, the move suggests a growing realism about cloud security tradeoffs.Industry watchers caution, however, that not all public clouds are created equal. The major providers (e.g., AWS, Microsoft Azure, Google Cloud) each offer increasingly granular controls for data privacy, encryption, and AI governance. Widespread industry consensus confirms that security in the cloud is a “shared responsibility”—and any attempted repatriation must pair with a hard look at internal controls, patch management, and privileged access.
The Role of Deep Observability and AI-Defending-AI
A pivotal consensus point is the need for “deep observability.” In practical terms, this means extending monitoring well beyond firewalls and network perimeters, into the heart of cloud-native and AI-centric operations. Analysts recommend leveraging technologies like network detection and response (NDR), endpoint detection and response (EDR), and automated threat intelligence in tandem with real-time telemetry from applications and APIs.Some of the most advanced organizations are deploying AI-defending-AI—leveraging machine learning models for anomaly detection, adversarial forensic analysis, and even self-healing infrastructures that automatically segment workloads in the event of compromise. While still emerging, these strategies offer a glimpse into the future of cyber defense.
Nevertheless, the adoption of such tools must be critically evaluated. Tool proliferation alone invites integration headaches and workflow fatigue for already-stretched security teams. Effective deployment requires both skilled practitioners and robust alignment with overall business risk appetite.
Looking Forward: Security by Design for the Age of AI
The rise of AI workloads is puncturing old myths about cloud security, replacing them with a more mature—but also more urgent—framework rooted in visibility, integration, and constant reassessment of threat models.Organizations that thrive in this environment will:
- Involve CISOs in the full lifecycle of AI strategy and implementation
- Prioritize deep observability, especially for East-West cloud traffic
- Treat cybersecurity as a core business driver, not an afterthought
- Bet on data quality, not just data volume, for defense analytics
- Regularly review public vs. private cloud postures as risks and workloads evolve
The stakes have never been higher—or changing faster. For leaders who embrace the lessons of 2025, the path to resilience lies not in retreat, but in smart, integrated, and forward-looking defense. The threat landscape may be evolving, but so too is the playbook for those ready to secure the AI-powered future.
Source: Petri IT Knowledgebase Rising AI Workloads Expose Cracks in Hybrid Cloud Security
