2025 cloud-native cybersecurity predictions

Join Informa TechTarget's Enterprise Strategy Group analyst Melinda Marks as she looks at what 2025 has in store for cloud-native security.

It's time to let go of 2024 and think about what the new year will bring. Here are my predictions for what to expect in cloud-native security in 2025.

1. Investments and increased vigilance around cybersecurity

Every company across every industry is digitized, and thanks to cloud services, they are all online with websites and software applications serving employees, partners and customers.

Cloud service providers (CSPs), including AWS, Google Cloud and Microsoft Azure, and cloud-native development processes make it easier and more cost-effective for organizations to rapidly develop and deploy applications. Each CSP also touts AI and generative AI (GenAI) features and capabilities that enable even those with minimal experience and knowledge to build and release applications.

This helps increase scale with new applications and more capabilities for business transactions, but it creates serious security issues. Organizations need to prioritize security and risk management to protect company and customer data, and all technology users and consumers need to be vigilant about cybersecurity.

Businesses should evaluate every technology for cybersecurity and risk mitigation. Security teams need to be involved in technology adoption, including the choice of CSPs and software development processes, to ensure they can successfully manage security posture to minimize risk, as well as quickly respond to stop attacks and minimize the effect of cybersecurity incidents.

Consumers and technology users need to prioritize security as they download, buy and use applications, as well as when they visit and conduct transactions online. For example, when choosing a banking institution, ask about security. Use MFA or biometric access, ensure website addresses begin with "https" and never share personal information on forms on unencrypted sites. As cheesy as it sounds, we must all do our part and spread cybersecurity awareness with friends or relatives.

2. Security teams gear up to use GenAI and chatbot tools

We've seen a lot of hype around GenAI over the past two years. It's exciting to see the rapid innovation from vendors -- including the CSPs mentioned above, as well as OpenAI, Nvidia, Anthropic, Meta, Hugging Face and others -- driving adoption of GenAI tools to help save time.

Recent research on modernizing application security from Informa TechTarget's Enterprise Strategy Group found 64% of organizations currently use GenAI or chatbot tools, while 21% plan to use them, 12% are interested in using them and 3% have no plans or interest in using them.

When asked about their biggest challenges related to cloud-native application development, 45% of respondents cited understanding and managing risk related to GenAI use. When asked which element of the technology stack was most susceptible to compromise, 36% said AI and GenAI -- higher than use of open source software and third-party libraries (34%), data storage repositories (29%) and APIs (26%).

To ensure secure GenAI in the enterprise, security teams need to know how to mitigate GenAI risk, understand how GenAI affects attack surface management, and set policies and guardrails for safe GenAI use.

GenAI also affects software supply chain security because AI-enabled tools recommend third-party and open source code components; API security because the APIs connect models to the applications and development workflows; and data security because organizations need to protect company and customer data.

3. Greater focus on software supply chain security

Using existing code, such as third-party and open source components, saves developers time as they face pressure to develop and release software. But Enterprise Strategy Group research on software supply chain security found organizations face increased software supply chain complexity as developers use more third-party and open source code components and GenAI.

Attackers often target vulnerabilities in commonly used code components, and they also look for components security teams might not know about or track. As attacks and vulnerabilities are published, it is interesting to see how quickly organizations respond and remediate code to protect applications.

Security teams should minimize the attack surface and ensure all application code, including third-party components, is tested and secured before applications are released.

When an attacker infiltrates running applications, responsiveness depends on detection and speed of remediation coordinated across security and development teams. Helpful vendors in this space include Cloudsmith, Chainguard, Snyk, Contrast Security, Lineaje, Phylum, GitHub, Sonatype, Mend.io, Checkmarx, JFrog, Endor Labs and Harness.

4. Attackers use access points for attacks

Before cloud computing moved interactions online and gave users more access to products, services and chances for collaboration, perimeter security was sufficient for on-premises computing infrastructure. Now there is no perimeter, so organizations have to ensure security at any possible access point.

This is increasingly challenging to manage, however. When looking at the top cybersecurity incidents from Enterprise Strategy Group research on the state of DevSecOps and cloud security platforms, 37% of organizations said they faced incidents from stolen secrets, 32% from compromised service account credentials and 27% from compromised privileged user access.

This reflects the growing complexity of identity and access management. IAM typically involves multiple groups, including IT and HR for human access points. But the number of nonhuman access points is also scaling, as cloud-native applications are composed of microservices connecting to each other or connecting to other resources and cloud services -- and increasingly connecting to large language models for GenAI. As my colleague, Todd Thiemann, discussed in a recent article, this area needs more attention.

5. Security efforts focused on remediation efficiency

The number of attacks taking advantage of unmanaged attack surfaces and vulnerabilities will scale in the coming year. Security teams need to focus efforts on optimizing efficiency of remediation, both to proactively mitigate risk and to quickly respond when incidents do happen.

To do this, security teams need to closely coordinate with other teams, including developers, IT and operations teams, to ensure security processes are incorporated into development. Security teams must also consider tool sprawl. While some specialized tools are needed to address API security, software supply chain security, IAM and GenAI, teams must also minimize the addition of multiple siloed tools so they are not overwhelmed by managing too many tools or dealing with too many alerts.

I expect to see increased adoption of platform tools that pull data from multiple sources together, adding context to better understand what needs attention. We should see this and increased innovation from the CSPs, as well as with the cloud-native application protection platform (CNAPP) vendors, such as Palo Alto Networks, Trend Micro, Check Point, CrowdStrike, Wiz, Orca Security, Red Hat, Sysdig, Fortinet, Zscaler, Qualys and Aqua Security.

Although the CNAPP category was created to integrate cloud security posture management with application security tools and processes to focus on efficiency in application protection, some vendors are focused on application security posture management platforms that pull together data from multiple application security tools or capabilities and optimize application security remediation efficiency. These vendors include ArmorCode, Apiiro, StackHawk, Ghost Security, Phoenix Security, Snyk, Invicti, Veracode, Black Duck, Cycode, Mobb, Ox Security, Xygeni and Oligo Security.

Organizations should assess what tools they currently have in place, identify holes in coverage and then determine which platforms or integrations will enable their teams to work efficiently and drive needed remediations across the software development lifecycle. This should reduce the number of cybersecurity incidents, while also helping them act quickly in the event of an incident.

Melinda Marks is a practice director at Informa TechTarget's Enterprise Strategy Group, where she covers cloud and application security.

Enterprise Strategy Group is a division of Informa TechTarget. Its analysts have business relationships with technology vendors.
