New IDC research highlights a major cloud security shift

November 6, 2025 TH Author

Cloud security is at a tipping point. While moving to the cloud powers both growth and speed for organizations, it can also bring new risks. According to IDC’s latest research, organizations experienced an average of nine cloud security incidents in 2024, with 89% reporting a year-over-year increase. That’s not a typo. And it’s not just a statistic—it’s a wake-up call. As cyberthreats grow more sophisticated and cloud environments more complex, security leaders must rethink their strategies to stay ahead of threat actors.

But what actually needs to change? And what should you be doing about it? Read IDC’s latest research, The Next Era of Cloud Security: Cloud-Native Application Protection Platform and Beyond, to dive deep into the future of cloud security—and what it means for chief information security officers (CISOs), security architects, and product leaders.

Five IDC insights into the evolving cloud security landscape

1. One platform is quietly becoming a top investment

IDC research found that cloud-native application protection platforms (CNAPPs) are now one of the top three security investments for 2025. Why? Because they’re solving problems that legacy tools can’t, protecting cloud-native applications throughout their lifecycle—further reinforcing the importance of ecosystems, consolidation, and more.

2. The role of the CISO is evolving to align security with business priorities

In 37% of organizations, CISOs now have ownership over cloud security management. IDC calls them “3D CISOs.” They don’t just manage risk—they drive business outcomes and digital innovation. These leaders are reshaping how security is embedded across the organization, from DevOps pipelines to boardroom conversations. IDC’s whitepaper details the expanded and evolving role of CISOs and their impact on improving the overall security posture of organizations.

3. Tool sprawl increases costs and introduces vulnerabilities

Organizations are grappling with tool sprawl, using an average of 10 cloud security tools and often adding more each year. This complexity—driven by fragmented platforms, regulatory requirements, and integration challenges—creates blind spots and slows response times. But stopping the sprawl isn’t easy. It requires a deliberate approach, anchored in a unified security platform that simplifies operations and strengthens protection. IDC research underscores this, highlighting how greater visibility and tool consolidation drive measurable gains in efficiency and cost management.

4. Generative AI is already changing the game

Forget the hype. Generative AI is delivering real value for cloud security—from automated threat detection to faster incident response, and more. IDC’s data shows how security teams are using generative AI, including how it can enhance the capabilities of security analysts and allow them to focus on more complex tasks.

5. The future is integrated and autonomous

Security leaders are moving toward unified security operations (SecOps) platforms that combine cloud-native protection, threat intelligence, and AI-powered automation. Some are exploring the new frontier of agentic AI—autonomous systems that can detect, isolate, and remediate known cyberthreats without human intervention. The IDC whitepaper explores what this future looks like—and how close we really are.

Why mitigating security risk matters now more than ever

Cloud security is a critical business imperative. As IDC puts it, “Security risk is business risk.” The decisions you make today will shape your organization’s resilience, agility, and ability to innovate tomorrow. Whether you’re a CISO or a cloud architect, this research offers a roadmap for navigating what’s next. It’s not just about buying new tools. It’s about building a smarter, more unified approach to cloud security.

Ready to see what’s inside?

71% of organizations surveyed believe that over the next two years, it would be beneficial for their organization to invest in a unified SecOps platform that includes technologies such as extended detection and response (XDR), endpoint detection and response (EDR), security information and event management (SIEM), CNAPP and cloud security, generative AI, and threat intelligence. But that’s easier said than done. And in this post, we’ve only scratched the surface. The full IDC study covers:

The evolving role of CNAPP in cloud security.
How CISOs are aligning security with business goals.
The impact of generative AI and agentic AI on security operations center (SOC) operations.
Strategies for reducing tool sprawl and improving visibility.
Guidance for integrating CNAPP with XDR, SIEM, and managed services.

Innovate faster with Microsoft

Microsoft’s integrated CNAPP, powered by industry-leading generative AI and threat intelligence, unifies security across the entire application lifecycle. With comprehensive visibility, real-time cloud detection and response, and proactive risk prioritization, it protects your modern cloud and AI applications from code to runtime.

Microsoft empowers your security teams to identify, prioritize, and mitigate risks early, adhere to compliance and regulatory requirements, prevent cloud breaches, and stay ahead of emerging cloud and AI cyberthreats. Innovate securely, quickly, and confidently, across hybrid and multicloud environments.

Learn more

Read IDC’s full whitepaper, The Next Era of Cloud Security: Cloud-Native Application Protection Platform and Beyond.

Learn about our new e-book: The 5 generative AI security threats you need to know.

Learn more about Microsoft Defender for Cloud.

To learn more about Microsoft Security solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us on LinkedIn (Microsoft Security) and X (@MSFTSecurity) for the latest news and updates on cybersecurity.