Common clouds currently encompass the majority of enterprise IT environments. As per Statista’s 2024 data, hybrid cloud models are used by 73% of enterprises, while 14% utilize multiple public clouds and 10% opt for a single public cloud solution. The remaining 3% is divided between multiple and single private clouds.
Enterprises have historically been hesitant to embrace public clouds, but adoption data suggests a shift in perspective. It appears that enterprise efforts have transitioned from risk reduction to prioritizing the potential benefits of public cloud resources.
However, the situation isn’t entirely straightforward. Let’s delve into the present state of public opinion, where enterprises still face cloud challenges and how traditional concerns now revolve around AI.
Public sentiment regarding cloud computing
Cloud computing has consistently grappled with a perception issue. From the vantage point of enterprise leadership and IT teams, public clouds were viewed as expanding attack surfaces with diminished visibility, ultimately giving attackers an advantage.
Conversely, from a consumer perspective—who all transform into consumers themselves on their off days—the cloud represented enormous potential. From storing files and photos to streaming video services and global e-commerce, the public cloud swiftly became a ubiquitous presence in public life.
So, what caused the discord? Primarily, enterprises were wary of the unseen aspects. While many providers offered grand assurances, the specifics were lacking. This led to a “shared responsibility” model where both customers and providers were responsible for data security, yet the specifics of these responsibilities were ambiguous. This was exemplified by the 2019 Capital One breach, where both the bank and its cloud collaborator, AWS, came under scrutiny for their security practices.
To ease these concerns, cloud providers intensified their focus on security. By 2021, leading companies such as Amazon, Google, IBM, and Apple collectively invested $30 billion to address escalating security worries. The outcome was positive: in 2024, 94% of businesses reported enhanced security measures after transitioning to the cloud. This is echoed in Flexera’s State of the Cloud Report, where concerns over security, which were prominent in 2020, have now shifted to second place by 2024.
The statistics paint a clear picture: There is a shift in enterprise perceptions of public cloud services.
A gradual shift, nonetheless.
Reinforce your cloud protections
Persistent cloud obstacles
Despite significant advancements by cloud providers in addressing security apprehensions, other challenges persist.
For instance, the primary challenge highlighted in Flexera’s 2024 State of the Cloud Report is managing cloud expenditures, acknowledged by 82% of enterprises, while resource scarcity and expertise shortages rank third, at 79%.
When it comes to cloud expenditure, there isn’t a simple solution. In fact, simplicity sometimes exacerbates the issue. As providers streamline the acquisition, deployment, and integration of cloud-based services and applications, it becomes easy for enterprises to lose track of what they have, where it is, and its associated costs.
It’s unsurprising that expenditure is prominently featured in the Flexera report, both as a primary concern for cloud expenses at large and also as a challenge in managing software licenses across varied clouds and applications, placing fourth on the list.
Lack of resources and proficiency remains an enduring conundrum for enterprises. According to research from Software One, a staggering 95% of businesses are currently grappling with a cloud and IT skills deficit. While enhancing the skills of current staff can mitigate this shortfall, the expansion of public cloud environments poses a long-term issue of shouldering greater tasks with fewer personnel. While assigning IT teams to manage the public cloud alongside other business objectives is feasible, the outcomes might rekindle the original apprehensions related to cloud deployments: diminished security.
The resurgence of age-old challenges
Even as enterprises come to grips with the necessity and prevalence of the cloud, a new hurdle has emerged: AI.
Similar to the public cloud, artificial intelligence holds the potential to revolutionize business operations. However, it also introduces fresh avenues for security breaches, causing many companies to remain cautious about adopting AI.
In certain scenarios, this translates to bridling the scope of AI in enterprise environments. For instance, organizations might employ AI for process automation while refraining from utilizing generative tools for content creation or sales activities. They might leverage AI solutions to analyze diverse data, but entrust the task of translating results into action solely to humans.
This culminates in a perceptual landscape that shares resemblances with, yet diverges from, its cloud predecessor. Recent data from Gartner indicates that the primary concern identified by companies in Q2 2024 were AI-enhanced malicious attacks. This echoes past concerns regarding the public cloud as a potential vulnerability—if malefactors were able to access shared resources, it could sow inter-departmental chaos.
AI, however, brings a distinctive issue: Progression. While cloud-based threats exploited expanded attack surfaces, they retained the same philosophical underpinning as their predecessors: Failure necessitated revisiting the drawing board for malicious actors.
In contrast, AI code is dynamic. Both failures and successes influence the evolution of ransomware tools or Malware-as-a-Service offerings. This continual enhancement is mirrored in the protective segment of AI deployment; however, in both realms—assault and defense—the strategy towards AI inherently differs from that of the cloud.
The veracity of cloud security
Cloud security has transitioned from nebulous reassurance to a fundamental element of public offerings. Results speak for themselves: more enterprises are embracing the public cloud, security enhancements are being reported across the board, and fewer companies consider security as their primary cloud challenge.
Conversely, AI has emerged as the forefront security concern. Analogous to cloud computing, some apprehensions around AI security may be exaggerated—naturally, as the market diversifies and standardization becomes paramount, organizations can anticipate the common security issues to be efficaciously resolved.
Yet, where AI and the cloud diverge is in the evolution of future threats. While cloud frameworks have evolved to cater to new enterprise demands, they fundamentally remain tethered to foundational infrastructure. AI, on the other hand, operates unhindered by such restrictions, making it challenging to predict its developmental trajectory over the long haul.
The bottom line? Cloud perception has pivoted towards incentivization. However, the emergence of AI has refocused attention on the perennial issue of enterprise cybersecurity risks.