56% of respondents said enhanced security is the reason why AI workloads are in a combination of private cloud and on-premises environments.

93% of organizations have at least one privileged service account, linked to Kubernetes adoption

For public cloud deployments, the highest ranking challenges (at 43%) are migration of apps and data, and technical skills or feasibility.

When migrating workloads to private clouds, the top challenges are managing apps post-migration, securing hybrid environments, and lack of technical skills or feasibility, each cited by 38% of respondents

84% of organizations now use AI in the cloud.

36% of organizations have at least one cloud asset supporting more than 100 attack paths.

79% of enterprises/organisations are likely to increase reliance on packet capture in 2025/this year and report a growing reliance on packet data.

While 92% of organisations reported that they had sufficient budget to meet their needs, 78% believed there was a need for more support to prepare for rising network security threats

A significant portion of existing SIEM detection rules, 13% on average, are broken. These rules are non-functional and will never trigger. This is a 5% decrease from the 2024 report.

AI adoption ranks among the top three reasons for private cloud use.

SIEMs now process an average of 259 log types and nearly 24,000 unique log sources, providing more than enough telemetry to detect over 90% of MITRE ATT&CK techniques (an increase of three percent from 2024) – but manual, error-prone detection engineering practices continue to limit actual coverage.

Private cloud spending at the $10M+ per year level will increase from 43% in 2024 to 53.6% in 2025. This represents a 24% growth rate in private cloud spending for these cohorts. This compares to just 12% growth in public cloud spending for the same cohorts.

62% of organizations have at least one vulnerable AI package.

Nearly a third of cloud assets are neglected today.

76% of organizations have at least one public-facing asset that enables lateral movement.

The shift toward multi-cloud environments is driving a 125% increase in collaborative monitoring models.

More than half of all AI workloads already reside in a combination of private cloud and on-premises environments.

Each neglected cloud asset contains on average 115 vulnerabilities.

Respondents with good packet capture abilities were four times more likely to resolve issues in under an hour.

79% of MITRE ATT&CK Techniques used by adversaries are missed by enterprise SIEMs.