Navigating challenges and opportunities of cloud migrations in 2025
As 2025 approaches, the role of cloud migrations in organizational strategy continues to intensify. In our current era of accelerated digital transformation, businesses face the dual challenge of optimizing their operations and navigating complex compliance requirements.
Cloud technologies stand at the forefront of this transformation, offering scalability, operational flexibility, and data management capabilities that are essential for success in today’s digital economy. In addition, the evolution of data sovereignty laws requires businesses to adjust how they handle and store data and evaluate the infrastructures that support their global operations.
A hybrid approach could put your organization on cloud nine
Until recently, many organizations’ ‘cloud-first’ strategies in reality meant ‘cloud-only’ (and more specifically, public cloud). Indeed, it wasn’t really a strategy, rather more an aspiration.
However, fast forward to today and many organizations are realizing that public cloud providers can’t fully meet all their needs and priorities. In fact, most organizations will never be fully on the public cloud for a number of reasons:
Microsoft faces massive class action payouts in cloud computing pricing case
Microsoft could be hit with over £1 billion ($1.27 billion) in charges if a huge class action case brought against the firm by UK businesses succeeds.
The case centers around Windows Server, with Microsoft being accused of overcharging customers for the software. The licensing terms of the associated Azure, the lawsuit says, mean that users are channelled towards using Microsoft’s cloud offering because it pushes up the prices of services from rivals like Google and Amazon.
How to address cloud-native security risks in 2025
Gartner predicts that public cloud end-user spending will surpass $675 billion by the end of 2024. In 2025, as AI systems proliferate and organizations increasingly store sensitive data in public cloud infrastructure, many stakeholders will begin demanding more robust cloud security measures.
Additionally, cybercriminals are becoming more inventive than ever. They now rely on AI and machine learning (ML) to improve and iterate on their methods, just as we all do. Interestingly, despite advances in cloud security, research suggests that common vulnerabilities like unenforced multi-factor authentication (MFA) and long-lived credentials continue to expose many companies to risk. Patching these known vulnerabilities will be crucial next year.
More than half of organizations think their cloud security is inadequate
A new survey, from infrastructure management provider Pulumi, reveals that 58 percent of organizations feel their cloud security is inadequate, underscoring the critical need for enhanced security measures in cloud environments.
This echoes research from other sources which show a 75 percent increase in cloud intrusions from 2022 to 2023, and 44 percent of organizations having faced a cloud data breach -- 14 percent reporting one in the past year.
AI redefines priorities for IT leaders
A new survey from Flexera shows that 42 percent of IT leaders say they believe if they could integrate AI, it would make the most difference to their organizations.
The study surveyed 800 IT leaders from the US, UK, Germany and Australia to determine how IT decision makers' priorities have evolved over the past 12 months and outline their focus for next year.
Navigating the future: Cloud migration journeys and data security
For years, businesses have been chasing innovation with cloud platforms, moving beyond the limitations of legacy technology for greater speed and agility, and sharpening their competitive edge. However, all businesses often face challenges that complicate cloud migration, driving up costs and timelines while exposing the business to data security risks. Ultimately, these challenges block businesses from experiencing the true benefits of cloud integration, and in some cases, lead to significant breaches and regulatory fines.
The speed of cloud migration is most commonly hindered by data security concerns, budget overruns, fragmented implementations, and operational friction. These challenges -- affecting the three key stakeholders within the cloud migration strategy of Data and Analytics Leaders, Security Leaders, and IT Leaders -- often cause projects to run well beyond their planned timelines and budgets. In many cases, these migrations fail to deliver value because data utilization is restricted by inadequate security, and extended timelines erode the business’s first-mover advantage.
Majority of SaaS applications and AI tools are unmanaged
A new report reveals that 90 percent of SaaS applications and 91 percent of AI tools within enterprises remain unmanaged, suggesting a widespread vulnerability that continues to grow.
The study from Grip Security highlights the limitations of traditional security strategies in combating 'SaaS risk creep' the number of SaaS applications used in an enterprise increased by 40 percent over the last two years.
Cloud attacks grow in cost and scale
A new report from Sysdig highlights the growing cost and scale of cloud attacks and the evolution of tactics being used by attackers.
Among the findings are that over $100,000 is lost per day to AI resource jacking. It hasn't taken long for threat actors to leverage stolen cloud access to exploit large language models (LLMs), as illustrated by an LLMjacking attack that left one victim on the hook for $30,000 in just three hours. Left unchecked, an LLMjacking operation can cost more than $100,000 per day.
Old credentials never die they just present a cloud security risk
Long-lived credentials on major cloud platforms continue to be a huge risk for organizations, according to a new report from Datadog.
Long-lived cloud credentials never expire and frequently get leaked in source code, container images, build logs and application artifacts, making them a major security risk. The report finds that 46 percent of organizations are still using unmanaged users with long-lived credentials.
IT decision-makers under pressure to demonstrate public cloud adoption cost savings
Unless you’re an Olympic athlete, you probably don’t want a stopwatch tracking your performance -- pushing you to work harder and move faster. But, according to Six Degrees’ newly published independent research, one in five IT decision-makers at SMEs feel that the clock is on them when implementing public cloud migration projects.
Six Degrees’ UK SME Cloud Intelligence Report 2024 found that the extent to which IT decision-makers feel rushed varies considerably between sectors. Finance and insurance (57 percent), blue light (55 percent) and education (42 percent) are impacted the most compared to those working in government (33 percent), healthcare (32 percent) and manufacturing (29 percent).
Qualys launches cloud-based risk operations center
Organizations are facing an ever-growing volume of risk alerts spread across multiple, disconnected top-10 dashboards. This fragmented view can result in conflicting analyses, duplicate work, missed threats, and strategies that fail to fully protect the organization.
Cloud-based security firm Qualys is addressing this with the launch of a new Risk Operations Center (ROC) with Enterprise TruRisk Management (ETM) that enables CISOs and business leaders to manage cybersecurity risks in real time, transforming fragmented, siloed data into actionable insights that align cyber risk operations with business priorities.
'Toxic cloud triad' puts four in 10 organizations at risk
It might sound like a Chinese secret society, but a new report warns that a 'toxic cloud triad' of publicly exposed, critically vulnerable and highly privileged cloud workloads is putting almost four in 10 organizations at risk.
Security gaps caused by misconfigurations, risky entitlements and vulnerabilities combine to dramatically increase cloud risk according to the Tenable Cloud Risk Report.
Do you know where your sensitive data is?
Around a quarter of businesses don't know where their sensitive data is according to a new report from Normalyze and the Enterprise Strategy Group (ESG).
As enterprises move more operations to the cloud, the volume and exposure of sensitive data stored in public cloud services is also rapidly increasing. Despite efforts by security teams to manage data risks, many organizations lack clarity on where data is located, how sensitive it is, and who has access to it.
The top enterprise cloud threats of 2024
A new report from IBM X-Force looks at the biggest risks enterprises are facing and highlights how attackers know that credentials are the keys to cloud environments, making them highly sought-after on dark web marketplaces.
Attackers are using phishing, keylogging, watering hole and brute force attacks to harvest credentials. Also dark web research highlights the popularity of infostealers, used to steal cloud platform and service-specific credentials.