A startling 91% of organizations admit to making risky security compromises in their hybrid cloud environments under a mounting strain from the growing influence of AI, according to Gigamon’s 2025 Hybrid Cloud Security Survey. As AI adoption surges and hybrid architectures expand, security postures remain dangerously fragmented.
Breach rates have surged 17% year-on-year to 55%, driven largely by AI-powered attacks, according to the study, which polled over 1,000 security and IT leaders across the US, UK, Germany, France, Australia, and Singapore. Among the primary drivers behind these compromises are poor data quality for secure AI workload deployment (46%) and a lack of visibility into East-West traffic movement (47%).
Global cybercrime costs, reaching $10.5 trillion annually by 2025 according to the World Economic Forum, intensify with AI-driven threats. IBM’s 2024 cost of data breach report pegs average incident costs at $4.88 million.
Public cloud is now seen as the top vulnerability by 70% of security leaders. Over half are actively considering repatriating data to private clouds, while 54% hesitate to deploy AI in public clouds due to fears around intellectual property leakage and governance gaps, according to the Gigamon survey.
Visibility remains the core pain point. Majority (55%) of security leaders lack confidence in their tools’ ability to detect breaches across fragmented infrastructure. As a result, 64% prioritize real-time threat monitoring through complete visibility into data in motion, with 89% deeming deep observability fundamental to securing hybrid cloud infrastructure. About 83% of boards said observability is now being discussed at the board level to better protect hybrid cloud environments.
“This year’s survey signals a profound shift in risk management priorities, and the time has come to recalibrate how hybrid cloud infrastructure is secured and managed in the AI era,” said Chaim Mazal, chief security officer at Gigamon in the press statement. “Deep observability provides that recalibration by combining traditional log data with network-derived telemetry, giving security teams the clarity to see through encrypted traffic, detect AI-powered threats, and strengthen defenses before the blast radius expands.”
“Observability alone isn’t enough,” said Manish Ranjan, research director for software & cloud at IDC EMEA. “In today’s complex IT environments — especially with distributed AI workloads — security must be embedded as a strategic pillar, supported by governance, not treated as an afterthought.”
AI is indeed compounding existing security gaps. Companies are seeing a surge in AI-powered ransomware—up from 41% in 2024 to 58% this year—and 47% have already encountered attacks specifically targeting large language models (LLMs). Mark Walmsley, CISO at Freshfields, warned that “AI security can’t be an afterthought,” urging enterprises to adopt deep observability and rethink public cloud strategies to stay ahead of AI-driven threats, as per the statement, as per the press statement.
The AI security imperative
The architecture of the hybrid cloud itself is contributing to security lapses, according to experts. As workloads shift between on-prem and public cloud, inconsistent policies and fragmented tools create exposure. “Hybrid complexity makes fragmented controls a liability,” said Hetal Presswala, CSO at an EPC firm. “A unified security approach is critical, as varying protocols and silos increase the risk of misconfigurations and data leaks.”
Structured frameworks are emerging to manage AI risks. “ISO/IEC 42001:2023 is a blueprint for AI security,” said Anuj Jain, associate director for IT Advisory at UHY James Advisory LLC. The standard embeds controls across data pipelines, model governance, and system resilience — vital to mitigating LLM-specific risks like prompt injection and model poisoning.
According to IDC’s Ranjan, organizations are taking a measured approach to AI adoption. “AI is still maturing, and data quality is a major challenge—especially in regulated sectors like government, banking, oil & gas, and healthcare,” said Ranjan. “Rather than rushing into large-scale deployments, most are running pilots and sandbox initiatives, relying heavily on technology partners and ecosystems for guidance.”
With AI set to drive unprecedented traffic volumes and deepen infrastructure complexity, experts agree: hybrid cloud isn’t going away — but securing it demands visibility, governance, and deep integration between strategy and operations.
No Responses