Market Research
Cloud Security Threats Remain Rampant, Says Checkpoint

Check Point in collaboration with research firm Cybersecurity Insiders, has released its 2023 Cloud Security Report. The report, based on an extensive survey of over 1,000 cybersecurity professionals worldwide, provides critical insights into the current state of cloud security management, highlighting prevalent challenges and opportunities. The findings shed light on the persistent threat posed by misconfigurations, which remain a significant concern for organizations.
Despite the numerous benefits organizations derive from the cloud, such as scalability and flexibility, effectively securing it continues to be a challenge. The survey reveals that misconfigurations rank as the primary cloud security concern, affecting a concerning 59% of respondents. These misconfigurations not only leave organizations vulnerable but also impede their ability to fully leverage the potential of the cloud.
Not surprisingly, businesses are rapidly expanding their cloud estates, with 58% planning to store over 50% of their workload in the cloud within the next 12 to 18 months. However, the survey highlights a pressing issue: a significant 72% of respondents struggle with managing access to multiple security solutions, resulting in confusion and compromising cloud management security. The increasing complexity of understanding and safeguarding the cloud’s threat surface has become a significant concern for IT leaders, leaving vulnerabilities unchecked. Malicious actors are capitalizing on these challenges, as evidenced by the Check Point Research report, which indicates a staggering 48% surge in cloud-based network attacks in 2022 compared to the previous year.
The survey reveals that organizations have implemented various technologies and strategies to manage their complex cloud environments. However, the complexity and lack of visibility and control are leading to confusion. A concerning trend: 26% of organizations have 20 or more security policies in place, leading to alert fatigue and hindering response teams’ ability to effectively counter high-risk incidents. Notably, 90% of respondents expressed a preference for a single cloud security platform that simplifies management. Furthermore, an overwhelming 71% of organizations have more than six security policies in place, with 68% finding the multitude of alerts overwhelming due to the use of multiple tools stressing the need for a comprehensive and collaborative cloud security solution.
“Our survey found that cloud misconfigurations are the foremost concern for today’s CISOs. However, what sets successful cloud security organizations apart, is not only the ability to identify misconfigurations but also to grasp their contextual relevance and prioritize their resolution,” said TJ Gonen, VP of Cloud Security at Check Point Software Technologies. “Understanding which misconfigurations truly pose a risk to business operations is paramount. As is the capability to swiftly and effectively address those vulnerabilities to maintain a strong security posture. It is imperative for enterprises to select a comprehensive solution that goes beyond surface-level detection.”
Key findings from the 2023 Cloud Security Report include:
- Biggest Challenges: Misconfiguration of cloud platforms or improper setup (59%) ranks as the most significant security threat, followed by exfiltration of sensitive data (51%), insecure interfaces/APIs (51%), and unauthorized access (49%).
- Cloud Security Incidents: 24% of respondents reported experiencing public cloud-related security incidents, with misconfigurations, account compromises, and exploited vulnerabilities being the most common incident types.
- Cloud Configuration and Security Policy Management: While 62% of organizations utilize cloud-native tools for configuration management, 29% rely on dedicated Cloud Security Posture Management Solutions (CSPM).
- DevSecOps, CIEM, and Unified Security Management: 37% of respondents have embraced DevSecOps in certain areas of their organization, while 19% have implemented a comprehensive program.
Artificial Intelligence
Cloud Security Trade-Offs Rise: 91% of Leaders Face AI Threats

Gigamon has released its 2025 Hybrid Cloud Security Survey, revealing that hybrid cloud infrastructure is under mounting strain from the growing influence of artificial intelligence (AI). The annual study, now in its third year, surveyed over 1,000 global Security and IT leaders across the globe. As cyberthreats increase in both scale and sophistication, breach rates have surged to 55 percent during the past year, representing a 17 percent year-on-year (YoY) rise, with AI-generated attacks emerging as a key driver of this growth.
Security and IT teams are being pushed to a breaking point, with the economic cost of cybercrime now estimated at $3 trillion worldwide according to the World Economic Forum. As AI-enabled adversaries grow more agile, organizations are challenged with ineffective and inefficient tools, fragmented cloud environments, and limited intelligence.
Key findings highlight how ai is reshaping hybrid cloud security priorities:
- AI’s role in escalating network complexity and accelerating risk is evident. The study reveals that 46 percent of Security and IT leaders say managing AI-generated threats is now their top security priority. One in three organizations report that network data volumes have more than doubled in the past two years due to AI workloads, while nearly half of all respondents (47 percent) are seeing a rise in attacks targeting their organization’s large language model (LLM) deployments. More than half (58 percent) say they’ve seen a surge in AI-powered ransomware—up from 41 percent in 2024 underscoring how adversaries are exploiting AI to outpace and outflank existing defenses.
- Compromises highlight continued trade-offs in foundational areas of hybrid cloud security. Nine out of ten (91 percent) Security and IT leaders concede to making compromises in securing and managing their hybrid cloud infrastructure. The key challenges that create these compromises include the lack of clean, high-quality data to support secure AI workload deployment (46 percent) and lack of comprehensive insight and visibility across their environments, including lateral movement in East-West traffic (47 percent).
- Public cloud risks prompt industry recalibration. Once considered an acceptable risk in the rush to scale post-COVID operations, the public cloud is now coming under increasingly intense scrutiny. Many organizations are rethinking their cloud strategies in the face of their growing exposure, with 70 percent of Security and IT leaders now viewing the public cloud as a greater risk than any other environment. As a result, 70 percent report their organization is actively considering repatriating data from public to private cloud due to security concerns and 54 percent are reluctant to use AI in public cloud environments, citing fears around intellectual property protection.
- Visibility is top of mind for security leaders. As cyberattacks become more sophisticated, the limitations of existing security tools are coming sharply into focus. Organizations are shifting their priorities toward gaining complete visibility into their environments, a capability now seen as crucial for effective threat detection and response. More than half (55 percent) of respondents lack confidence in their current tools’ ability to detect breaches, citing limited visibility as the core issue. As a result, 64 percent say their number one focus for the next 12 months is achieving real-time threat monitoring delivered through having complete visibility into all data in motion.
With AI driving unprecedented traffic volumes, risk, and complexity, nearly nine in 10 (89 percent) Security and IT leaders cite deep observability as fundamental to securing and managing hybrid cloud infrastructure. Executive leadership is taking notice, as boards increasingly prioritize complete visibility into all data in motion, with 83 percent confirming that deep observability is now being discussed at the board level to better protect hybrid cloud environments.
“Security teams are struggling to keep pace with the speed of AI adoption and the growing complexity and vulnerability of public cloud environments,” said Mark Jow, technical evangelist, EMEA, at Gigamon. “Deep observability addresses this challenge by combining MELT data with network-derived telemetry such as packets, flows, and metadata, delivering increased visibility and amore informed view of risk. It enables teams to eliminate visibility gaps, regain control, and act proactively with increased confidence. With 88 percent of Security and IT leaders agreeing it is critical to securing AI deployments, deep observability is fast becoming a strategic imperative.”
“With nearly half of organizations saying attackers are already targeting their large language models, AI security can’t be an afterthought, it needs to be a top priority,” said Mark Walmsley, CISO at Freshfields. “The key to staying ahead? Visibility. When we can clearly see what’s happening across AI systems and data flows, we can cut through the noise and manage risk more effectively. Deep observability helps us spot vulnerabilities early and put the right protections in place before issues arise.”
Cyber Security
Axis Communications Sheds Light on Video Surveillance Industry Perspectives on AI

Axis Communications has published a new report that explores the state of AI in the global video surveillance industry. Titled The State of AI in Video Surveillance, the report examines the key opportunities, challenges and future trends, as well as the responsible practices that are becoming critical for organisations in their use of AI. The report draws insights from qualitative research as well as quantitative data sources, including in-depth interviews with carefully selected experts from the Axis global partner network.
A leading insight featured in the report is the unanimous view among interviewees that interest in the technology has surged over the past few years, with more and more business customers becoming curious and increasingly knowledgeable about its potential applications.

Mats Thulin, Director AI & Analytics Solutions at Axis Communications
“AI is a technology that has the potential to touch every corner and every function of the modern enterprise. That said, any implementations or integrations that aim to drive value come with serious financial and ethical considerations. These considerations should prompt organisations to scrutinise any initiative or investment. Axis’s new report not only shows how AI is transforming the video surveillance landscape, but also how that transformation should ideally be approached,” said Mats Thulin, Director AI & Analytics Solutions at Axis Communications.
According to the Axis report, the move by businesses from on-premise security server systems to hybrid cloud architectures continues at pace, driven by the need for faster processing, improved bandwidth usage and greater scalability. At the same time, cloud-based technology is being combined with edge AI solutions, which play a crucial role by enabling faster, local analytics with minimal latency, a prerequisite for real-time responsiveness in security-related situations.
By moving AI processing closer to the source using edge devices such as cameras, businesses can reduce bandwidth consumption and better support real-time applications like security monitoring. As a result, the hybrid approach is expected to continue to shape the role of AI in security and unlock new business intelligence and operational efficiencies.
A trend that is emerging among businesses is the integration of diverse data for a more comprehensive analysis, transforming safety and security. Experts predict that by integrating additional sensory data, such as audio and contextual environmental factors caught on camera, can lead to enhanced situational awareness and greater actionable insights, offering a more comprehensive understanding of events.
Combining multiple data streams can ultimately lead to improved detection and prediction of potential threats or incidents. For example, in emergency scenarios, pairing visual data with audio analysis can enable security teams to respond more quickly and precisely. This context-aware approach can potentially elevate safety, security and operational efficiency, and reflects how system operators can leverage and process multiple data inputs to make better-informed decisions.
According to the Axis report, interviewees emphasised that responsible AI and ethical considerations are critical priorities in the development and deployment of new systems, raising concerns about decisions potentially based on biased or unreliable AI. Other risks highlighted include those related to privacy violations and how facial and behavioural recognition could have ethical and legal repercussions.
As a result, a recurring theme among interviewees was the importance of embedding responsible AI practices early in the development process. Interviewees also pointed to regulatory frameworks, such as the EU AI Act, as pivotal in shaping responsible use of technology, particularly in high-risk areas. While regulation was broadly acknowledged as necessary to build trust and accountability, several interviewees also stressed the need for balance to safeguard innovation and address privacy and data security concerns.
“The findings of this report reflect how enterprises are viewing the trend of AI holistically, working to have a firm grasp of both how to use the technology effectively and understand the macro implications of its usage. Conversations surrounding privacy and responsibility will continue but so will the pace of innovation and the adoption of technologies that advance the video surveillance industry and lead to new and exciting possibilities,” Thulin added.
Cyber Security
Rising Cyber Insurance Pressures Push UAE Firms to Fix Identity Silos and AI Vulnerabilities

CyberArk has announced the release of the CyberArk 2025 Identity Security Landscape Report, a global survey revealing how organizations are inadvertently creating a new identity-centric attack surface through growing use of AI and cloud. The report shows that machine identities are mostly unknown and uncontrolled within organizations, while the primary roadblocks to Agentic AI adoption in the UAE involve security concerns around external manipulation and sensitive access, signposting the emergence of a new and potent identity security challenge.
“The race to embed AI into environments has inadvertently created a new set of identity security risks centered around the access of unmanaged and unsecured machine identities – and the privileged access of AI agents will represent an entirely new threat vector,” said Craig Harwood, Area VP for Africa and the Middle East at CyberArk. “For UAE organizations to stay resilient, CISOs and security leaders must modernize their identity security strategies to contend with a new and expanding attack surface characterized by the proliferation of identities with privileged access and made worse by damaging identity silos.”
‘Rise of the machines’ contributes to unsecured privilege sprawl: Machine identities, driven primarily by cloud and AI, now vastly outnumber human identities within organizations and nearly half have sensitive or privileged access. However, many enterprises leave both human and machine access to critical systems under-secured. There are 82 machine identities for every human in organizations worldwide.
In 92% of UAE organizations, the definition of a ‘privileged user’ applies solely to human identities – but 42% of machine identities have privileged or sensitive access. Fifty two percent do not have identity security controls in place to secure cloud infrastructure and workloads. Fifty four percent of UAE organizations experienced at least two successful identity-centric breaches in the past 12 months, ranging from supply chain attacks and compromised privileged access to identity and credential theft.
AI is everywhere and identity-centric agentic AI risk looms: Sanctioned and unsanctioned adoption of AI and large language models (LLMs) is simultaneously transforming organizations while amplifying cybersecurity risks. Concerns around the emergence of AI agents in the UAE and their privileged access underscores the urgency for targeted identity security investment. AI will drive the creation of the greatest number of new identities with privileged and sensitive access in 2025.
Only eighteen percent of UAE organizations have identity security controls for AI in place. Sixty percent cannot secure shadow AI usage in their organization. AI agent adoption roadblocks include manipulation and sensitive access concerns. Complexity and identity silos are overwhelming security leaders and undermining business resilience: Fragmented identity security programs and poor environmental visibility are diminishing resilience in the face of evolving cybersecurity threats. Most organizations face increased privilege-related compliance pressure.
Seventy percent of UAE respondents say identity silos are a root cause of organizational cybersecurity risk. Sixty eight percent of security professionals in the UAE agree that their organizations prioritize business efficiencies over robust cybersecurity. Human and machine identities – many of them with privileged access – are expected to double in 2025. Ninety percent of UAE organizations are under increased pressure from insurers mandating enhanced privilege controls.
CyberArk is also participating at GISEC Global 2025, taking place from 6–8 May at the Dubai World Trade Centre. The company will be present at the HELP AG stand, where it will host a dedicated pod showcasing its latest cybersecurity solutions and discuss the Identity Security Landscape report. Attendees will have the opportunity to engage directly with CyberArk’s leadership, including Craig Harwood, Vice President for Middle East and Africa, and Laurence Elbana, Director of Sales, who will be available throughout the event.
-
News1 week ago
Reolink Launches Smart Security Solutions in Middle East
-
Cyber Security3 days ago
Beyond Blocklists: How Behavioural Intent Analysis Can Safeguard Middle East Businesses from Rising AI-Driven Bot Threats
-
Channel Talk1 week ago
Dynatrace Names DXC Global Partner of the Year
-
Events1 week ago
Matrix to Exhibit NDAA Compliant Surveillance at ESX North America 2025
-
Cyber Security3 days ago
Honeywell Report Reveals 46% Quarterly Spike in Industrial Ransomware
-
Cyber Security4 days ago
Labubu Doll Craze: How Cybercriminals Are Exploiting the Hype
-
News1 week ago
BlueCat to Show Off Next-Gen Network Operations at Cisco Live
-
Cyber Security3 days ago
Sophos Boosts Firewall with New Protection and Incident Response Features