Rising AI Workloads Expose Cracks in Hybrid Cloud Security — Here’s What You Need to Know

Organizations face security tool sprawl as CISOs look to optimize costs with tool rationalization but Security and IT leaders are left without control over investments or executive backing.

Gigamon surveyed a diverse group of over 1,000 security and IT leaders across Australia, France, Germany, Singapore, the UK, and the US. The researchers found 46% of Security and IT leaders identified that managing AI-generated threats as their top security priority.

Most organizations reported that their network data volumes have more than doubled in the past two years due to AI. Moreover, 47 percent of organizations reported a rise in attacks (such as data exfiltration and prompt injection) targeting their LLM deployments.

CISOs demand a bigger seat at the strategic table

The study also found that organizations use an average of 15 security tools, but 55% of IT leaders say these tools are ineffective due to poor integration and limited visibility. Moreover, 36% of CISOs want more influence over AI and security-related business decisions. Around 90 percent of IT leaders believe that deep observability is important for securing AI deployments.

“They know what needs to change. They see where the vulnerabilities lie. But without control over security investments or executive backing, even the most well-informed Security and IT leaders are left in an untenable position: referees expected to enforce the rules without a whistle, while the game plays on around them,” the researchers explained.

Breach rates climb amid visibility and control gaps

According to the report, breach rates have increased from 47 percent to 55 percent year-over-year. Moreover, 91 percent of Security and IT leaders, and 97 percent of CISOs, admit to making compromises in securing hybrid cloud environments. The study also found that 47% of organizations lack comprehensive visibility across their environments, especially into East-West traffic. 46 percent of the respondents also lack high-quality data to support secure workload deployment.

Additionally, 70 percent of IT leaders consider the public cloud the riskiest environment. They raised several key concerns, including data integrity, governance, and intellectual property. Most of the surveyed organizations are considering moving data and workloads from public cloud environments back to private cloud infrastructure.

Five recommendations for securing hybrid cloud AI

The 2025 Hybrid Cloud Security Survey offers several key recommendations for organizations to strengthen their cybersecurity posture amidst growing AI-driven complexity and hybrid cloud challenges.

1. Involve CISOs in strategic AI and security planning
   
   Organizations should ensure that Chief Information Security Officers (CISOs) are involved in shaping how artificial intelligence is integrated and secured within their operations. It should help to ensure that security risks are properly evaluated and aligned with broader business goals.
   
2. Make cybersecurity a regular topic at the executive level
   
   IT leaders must make cybersecurity a key item on board meeting agendas. This approach should help ensure that security issues are continuously monitored and managed as part of the organization’s long-term strategy.
   
3. Link security metrics to business outcomes
   
   In addition to technical data, boards and executives need insights that connect cybersecurity performance to business resilience. Businesses should develop frameworks that demonstrate how security initiatives help to reduce risks and support operational continuity.
   
4. Educate Boards on Cybersecurity Fundamentals
   
   It’s also important to improve cybersecurity awareness at the board level. This approach will help to better engage in strategic discussions and make better-informed decisions to enhance the organization’s security posture.
   
5. Establish clear protocols for breach response
   
   Organizations should implement predefined breach response procedures to avoid confusion during a cyber incident. These protocols help ensure a coordinated reaction to minimize damage and maintain stakeholder trust.

Overall, the report urges organizations to reassess risk in light of AI and hybrid cloud complexity. It recommends investing in deep observability for real-time visibility, prioritizing data quality over quantity for secure AI workloads, and reevaluating their reliance on public cloud, especially for sensitive or AI-driven operations.