Latest news with #SebastienCano
Techday NZ
01-07-2025
- Business
- Techday NZ
AI & cloud security top enterprise concerns amid tool sprawl
Thales' newly released 2025 Global Cloud Security Study highlights rising challenges for organisations as cloud complexity and AI adoption re-shape enterprise security priorities. The study, carried out by S&P Global Market Intelligence 451 Research and based on a survey of nearly 3,200 security professionals in 20 countries, reports that over half (52%) of security leaders are now prioritising AI security spending over traditional allocations. At the same time, more than half of all cloud data is now classified as sensitive, yet only a limited proportion benefits from full encryption. Shifting security priorities Findings from the study underscore a notable shift in how security budgets are distributed. While cloud security remains the foremost priority, AI-specific security ranks as the second most important area of investment for businesses, marking a change in enterprise risk management as organisations respond to the accelerated adoption of AI technologies and the rapid proliferation of sensitive data stored in cloud environments. Almost two-thirds (64%) of respondents consider cloud security one of their five most pressing security concerns, while 17% rate it as their top issue. "The accelerating shift to cloud and AI is forcing enterprises to rethink how they manage risk at scale. With over half of cloud data now classified as sensitive, and yet only a small fraction fully encrypted, it's clear that security strategies haven't kept pace with adoption. To remain resilient and competitive, organizations must embed strong data protection into the core of their digital infrastructure," Sebastien Cano, Senior Vice President, Cyber Security Products at Thales, said. This reallocation of priorities reflects the increasing pressure placed on security teams as they respond to the volatility and changing threat landscape of cloud and AI environments. Managing complex cloud environments Security operations are becoming more complicated as organisations use an average of 85 Software-as-a-Service (SaaS) applications and operate across an average of 2.1 public cloud providers, often alongside on-premises systems. The study reveals that 55% of security professionals believe cloud environments are now more complex to secure than their on-premises counterparts—a four percent increase compared to the previous year. These trends have contributed to what the report refers to as 'security tool sprawl', with 61% of organisations utilising five or more data discovery, monitoring, or classification tools. Similarly, 57% of surveyed organisations rely on five or more tools for encryption key management. This proliferation of tools, providers and platforms drives challenges in maintaining consistent policies, managing access, and ensuring data visibility across hybrid and multi-cloud estates. These difficulties are further exacerbated during periods of organisational growth or mergers and acquisitions, which often see expanded SaaS usage and heightened security demands. Cloud-based assets a primary target The report points to an evolving threat landscape in which attackers increasingly focus on cloud-based resources. Four of the top five most targeted assets in reported cyberattacks were cloud-based, underlining the risks associated with storing and processing sensitive data in public and hybrid cloud environments. Incidents involving unauthorised access remain prevalent; 68% of respondents reported a rise in access-based attacks, stemming largely from stolen credentials and lack of adequate access controls. Despite most organisations (85%) classifying at least 40% of their cloud data as sensitive, only 66% have introduced multifactor authentication, leaving critical datasets exposed to potential breaches. Misconfigurations and lapses in credential management are also cited as primary contributors to cloud security incidents, suggesting an ongoing role for human error in organisational risk profiles. "A rising number of respondents report challenges in securing their cloud assets, an issue that is further amplified by the demands of AI projects that often operate in the cloud and require access to large volumes of sensitive data. Compounding this issue, four of the top five targeted assets in reported attacks are cloud-based. In this environment, strengthening cloud security and streamlining operations are essential steps toward enhancing overall security effectiveness and resilience," Eric Hanselman, Chief Analyst at S&P Global Market Intelligence 451 Research, said. The findings collectively emphasise the ongoing difficulties enterprises face as they strive to protect and manage increasingly distributed, sensitive, and AI-powered cloud environments, where tools and best practices have yet to fully match the pace of technological adoption and sophistication of threats.
Business Wire
30-06-2025
- Business
- Business Wire
Thales 2025 Global Cloud Security Study Reveals Organizations Struggle to Secure Expanding, AI-Driven Cloud Environments
MEUDON, France--(BUSINESS WIRE)-- Thales, a global leader in technology and cybersecurity, today released the findings of its 2025 Cloud Security Study conducted by S&P Global Market Intelligence 451 Research, revealing that AI-specific security has rapidly emerged as a top enterprise priority, ranking second only to cloud security. Over half (52%) of respondents said they are prioritizing AI security investments over other security needs, signaling a shift in how organizations are allocating budgets in response to the accelerated adoption of AI. This year's research captures perspectives on cloud security challenges from nearly 3,200 respondents in 20 countries across a variety of seniority levels. 'With over half of cloud data now classified as sensitive, and yet only a small fraction fully encrypted, it's clear that security strategies haven't kept pace with adoption." Cloud remains at the forefront of security considerations Cloud is now an essential part of modern enterprise infrastructure, but many organizations are still building the skills and strategies needed to secure it effectively. The variability of controls across cloud providers, combined with the distinct mindset required for cloud security, continues to challenge security teams. This pressure is only increasing as AI initiatives drive more sensitive data into cloud environments, amplifying the need for robust, adaptable protections. This year's Thales Cloud Security Study confirms that cloud security remains a top concern for enterprises worldwide. Nearly two-thirds (64%) of respondents ranked it among their top five security priorities, with 17% identifying it as their number one. Security for AI, a new addition to the list of spending priorities this year, ranked second overall, highlighting its growing importance. Despite sustained investment, cloud security remains a complex, persistent challenge that goes beyond technology to include staffing, operations, and the evolving threat landscape. 'The accelerating shift to cloud and AI is forcing enterprises to rethink how they manage risk at scale,' Sebastien Cano, Senior Vice President, Cyber Security Products at Thales, said. 'With over half of cloud data now classified as sensitive, and yet only a small fraction fully encrypted, it's clear that security strategies haven't kept pace with adoption. To remain resilient and competitive, organizations must embed strong data protection into the core of their digital infrastructure.' The average number of public cloud providers per organization has risen to 2.1, with most also maintaining on-prem infrastructure. This growing complexity is driving security challenges with 55% of respondents reporting that cloud is harder to secure than on-prem, a 4-percentage-point increase from last year. As organizations expand through growth or M&A, they're also seeing a surge in SaaS usage, now averaging 85 applications per enterprise, complicating access control and data visibility. This complexity extends to security operations, with many teams struggling to align policies across varied platforms. The study found that 61% of organizations use five or more tools for data discovery, monitoring, or classification, and 57% use five or more encryption key managers. Attacks target cloud resources with human error remaining a top vulnerability Cloud infrastructure is a prime target for attackers as organizations continue to struggle with securing increasingly complex environments. According to the 2025 Thales Cloud Security Study, four of the top five most targeted assets in reported attacks are cloud-based. The rise in access-based attacks, as reported by 68% of respondents, underscores growing concerns around stolen credentials and insufficient access controls. Meanwhile, 85% of organizations say at least 40% of their cloud data is sensitive, yet only 66% have implemented multifactor authentication (MFA), leaving critical data exposed. Compounding the issue, human error remains a major contributing factor in cloud security incidents, from misconfigurations to poor credential management. ' A rising number of respondents report challenges in securing their cloud assets, an issue that is further amplified by the demands of AI projects that often operate in the cloud and require access to large volumes of sensitive data,' Eric Hanselman, Chief Analyst at S&P Global Market Intelligence 451 Research, said. ' Compounding this issue, four of the top five targeted assets in reported attacks are cloud-based. In this environment, strengthening cloud security and streamlining operations are essential steps toward enhancing overall security effectiveness and resilience.' For more information, please download the full report and join our webinar hosted by Eric Hanselman, Chief Analyst at S&P Global Market Intelligence 451 Research. About Thales Thales (Euronext Paris: HO) is a global leader in advanced technologies for the Defence, Aerospace, and Cyber & Digital sectors. Its portfolio of innovative products and services addresses several major challenges: sovereignty, security, sustainability and inclusion. The Group invests more than €4 billion per year in Research & Development in key areas, particularly for critical environments, such as Artificial Intelligence, cybersecurity, quantum and cloud technologies. Thales has more than 83,000 employees in 68 countries. In 2024, the Group generated sales of €20.6 billion. Cybersecurity Solutions | Thales Group
