A new report from Fortinet and Cybersecurity Insiders outlines growing tension between the pace of AI-driven cloud adoption and the capacity of current security models to keep up. The 2026 Cloud Security Report highlights how the expansion of cloud services—accelerated by AI workloads—is exposing structural gaps in visibility, control, and response.
As organizations scale AI deployments, they’re provisioning cloud resources and machine identities at a speed that challenges traditional security operations. The report suggests that this acceleration is reshaping the cloud attack surface faster than most security architectures can adapt.
The core concern is not incremental risk but structural misalignment. Human-paced workflows are increasingly mismatched with threats that move at machine speed. Unless cloud security evolves accordingly, the same AI capabilities enabling growth may also be widening the path to exposure.
Cloud Scale Outpacing Control
Rising security budgets aren’t translating into stronger defenses. The report points to a primary reason: cloud complexity is outstripping security visibility and coordination.
Organizations increasingly maintain environments across several cloud providers, often with layered infrastructure, services, and accounts. But their security tooling hasn’t scaled in parallel. According to the report, telemetry remains fragmented, and few teams have real-time visibility into their environments. This operational blind spot leaves many relying on reactive alerts rather than proactive detection and response.
Respondents reported low confidence in their ability to detect and respond to cloud threats as they happen, a gap that financial investment alone isn’t closing. The challenge, the report suggests, is rooted in architecture, not resources.
“The key takeaway from this report is that cloud security challenges today are no longer driven by a lack of investment,” said Shane Barney, CISO at Keeper Security. “They are driven by structural complexity. Organizations are spending more on cybersecurity, but fragmented tools, multi-cloud sprawl, and persistent skills shortages are preventing that investment from translating into stronger protection.”
Fragmentation and Tool Sprawl
The report identifies tool sprawl as a critical barrier. While security teams are not lacking in software, they are often burdened by disjointed platforms, each with its own data format and alert stream. Few of these tools interoperate cleanly, requiring analysts to manually correlate alerts across systems.
This fragmentation increases the risk of missed or delayed threat detection. When telemetry is siloed and policies are enforced inconsistently, attackers may exploit the seams rather than the tools themselves.
Diana Kelley, CISO at Noma Security, noted that these challenges are mirrored in the field: “Cloud adoption across IaaS, PaaS, and SaaS has become increasingly fragmented, and many teams are trying to manage that complexity by adding more tools to the stack. The report shows that approach is failing.”
The report emphasizes that fragmentation introduces measurable risk, not just operational inefficiency.
Operational Constraints and Talent Shortages
Persistent workforce shortages further constrain teams’ ability to manage complex environments. The report notes that as AI and cloud adoption expand, the demand for skilled security professionals continues to outpace supply.
In response, many organizations rely on alert-driven workflows, addressing issues after they surface rather than implementing preventive controls. Given the dynamic nature of cloud environments, the report argues that scaling security through headcount alone is not sustainable.
The Role of Multi-Cloud in Expanding Risk
The shift toward hybrid and multi-cloud environments has become the norm. While this architecture supports business flexibility, it also introduces layered risks. Each provider brings its own security model, and maintaining consistent policies across environments is a continuing challenge.
Cloud environments often expand organically through business growth, acquisitions, or ad hoc deployments, adding complexity faster than security teams can consolidate oversight. This expansion, the report suggests, contributes to structural fragmentation.
Where Risk Concentrates
According to the report, identity and access sprawl remain leading exposure points. Organizations are responsible for overseeing a vast number of both user and machine identities, often with overlapping or excessive permissions. Misconfigurations and exposed data assets, such as open storage buckets or overly permissive roles, continue to be recurring issues.
The report frames breaches not as isolated failures but as chains of small oversights. A forgotten account or misapplied policy may offer attackers a foothold when visibility is incomplete.
Automation: Alerting vs. Action
Most security systems can generate alerts, but few can take autonomous action. The report highlights a significant gap between the volume of alerts and the capacity for automated remediation.
Trust is a limiting factor. Teams remain hesitant to enable autonomous responses when context is lacking. Without unified data on identities, configurations, and assets, automated systems may not have the information needed to act safely.
The report suggests that automation built on fragmented data remains limited in value. Functionally, it’s more reactive than preventive.
Toward Unified Security Platforms
In response to these challenges, the report identifies a shift toward unified platforms. These systems consolidate controls and telemetry across domains—identity, configuration, and data—enabling more coordinated responses.
Rather than layering on more tools, the trend is toward systems that integrate existing signals and enforce consistent policies. Shared telemetry can support earlier detection and reduce reliance on manual workflows.
“Organizations that simplify their cloud and AI security stack and enable effective automation will be far better positioned to safely scale AI as threats continue to evolve,” Kelley said.
The move toward unification reflects a strategic shift: acknowledging that fragmentation at scale is a persistent risk, not a temporary growing pain.
Aligning for an AI-Driven Future
The report concludes that organizations seeking to scale AI securely must address foundational visibility gaps. Real-time awareness of access, configuration, and data location is essential.
Security functions across identity, configuration, and data cannot remain siloed. Unified context is required for automation to support defense rather than add noise.
The report stops short of prescribing specific solutions but underscores the urgency of aligning architecture with the operational realities of AI-scale cloud environments. As attack surfaces evolve, the ability to act on unified intelligence rather than just observe it may be a defining capability for cloud security moving forward.
