The 2026 State of Cloud Security Report, sponsored by Fortinet and produced by Cybersecurity Insiders, finds that organizations are facing increasing challenges in managing cloud security as environments become more complex. The report is based on a survey of 1,163 senior cybersecurity leaders and professionals worldwide.
The study shows a growing gap between how fast companies are moving to the cloud and how well security teams can keep track of threats, spot attacks, and respond quickly.
“Our survey of these experts indicates that while cybersecurity spend is increasing, the maturity and effectiveness of cyber defenses are not keeping pace with the many new use cases that today often include an AI element,” Fortinet said in the report.
Analysis of the survey identified three main factors contributing to the cloud complexity gap. Security solutions are expanding as cloud adoption grows but often without coordination. Disconnected tools and inconsistent controls make end-to-end visibility difficult, forcing teams to manually correlate alerts from multiple systems. Almost 70% of organizations cited tool sprawl and visibility gaps as the top obstacles to effective cloud security.
Organizations also face a shortage of skilled cybersecurity professionals, leaving teams stretched thin and responses slower. Seventy-four percent (74%) of respondents reported an active shortage of qualified personnel, while 59% remain in the early stages of cloud security maturity.
At the same time, cyber threats are increasingly automated, using AI to identify misconfigurations, map permission paths, and locate exposed data faster than human-led defenses can respond. Over 80% of surveyed experts said they lacked strong confidence in detecting and responding to cloud threats in real time, a 16-point increase from last year.
Cloud complexity is further increased by hybrid and multi-cloud deployments that combine multiple public clouds, on-premises infrastructure, Software-as-a-Service applications, and distributed users and devices. The survey shows that 88% of organizations now operate in hybrid or multi-cloud setups, up from 82% last year, and 81% rely on two or more cloud providers to run critical workloads.
As new providers, services, and users are added, cloud infrastructure automatically scales but becomes harder to manage. Security teams face challenges in maintaining visibility, operational efficiency, and resilience in these constantly evolving environments.
The report also indicates a shift toward unified security platforms. Sixty-four percent of respondents said that if starting from scratch, they would design a single-vendor cybersecurity platform uniting network, cloud, and application security. Unify reduces operational friction, improves visibility, accelerates detection and response, and enables more proactive threat management.