CISOs and AI are experiencing a love-hate relationship. AI is transforming how businesses operate, including security operations, but as organizations rush to reap the rewards, AI is also introducing risk, increasing complexity, and forcing compromise, especially in the hybrid cloud. Today’s CISOs find themselves in a challenging position: tasked with securing a system in flux, often without the authority or insight they need to succeed.
The 2025 Gigamon Hybrid Cloud Security Survey paints a sobering picture. Breach rates are up 17% from last year, with 55% of organizations reporting a security incident in the past 12 months. Nearly half say their current tools are no longer effective at detecting breaches. The takeaway is clear: the threat landscape is evolving faster than most organizations can adapt, and AI is both the catalyst and the challenge.
Cloud Complexity Made Worse with AI
As AI adoption accelerates, the hybrid cloud has become the go-to infrastructure, combining the flexibility of public cloud with the control of private environments. But this setup isn’t seamless. It’s segmented, sprawling, and hard to secure. According to the survey, 70% of security leaders now believe the public cloud poses a greater risk than any other environment. Many organizations, particularly large, complex enterprises, are actively reconsidering whether workloads (especially AI ones) belong there due to cost, data volume, and internal resources.
Visibility also becomes more challenging in complex hybrid cloud environments. Nearly half (47%) of leaders report a lack of visibility into lateral East-West traffic, which is critical for detecting movement and insider threats. This is creating security blind spots where adversaries can thrive, as many “living off the land” breaches have shown. While governance and data quality are top concerns, 91% of leaders admit they’ve had to compromise on visibility, data integrity, or tooling to keep up.
An Influx of Data is Creating Challenges
AI is here and organizations are starting to see the impact. One in three organizations says their network data volumes have more than doubled in the past two years due to AI. That strain on infrastructure is pushing monitoring tools to the brink, while encrypted traffic and tool-to-tool communication complicate inspection and control.
The challenge is the lack of clean, high-quality data to support secure AI workload deployment. Without good data, security tools lose precision. AI models risk being trained on tainted information, and operational confidence becomes collateral damage.
At the same time, AI has accelerated an already fast-moving threat landscape. Nearly half of organizations have already experienced attacks targeting their large language models (LLMs), while 58% are seeing a surge in AI-powered attacks, including deepfakes, AI-enhanced ransomware, and ultra-targeted phishing campaigns. In these challenging environments, organizations are struggling to match the agility and scale that threat actors now command.
Also Read: CIO Influence Interview with Dilip Bachwani, Chief Technology Officer, Qualys
Why CISOs Need Strategic Influence
Despite growing expectations, CISOs are still navigating unclear lines of ownership when it comes to cybersecurity strategy, decision-making, and funding. The disconnect is stark. While 52 percent of CISOs believe they control the cybersecurity budget, only 8 percent of their C-suite peers agree, according to our survey.
As risk accelerates, CISOs aren’t just looking to respond to threats. They want a seat at the table to shape strategy and drive governance in their organizations. Without that authority, organizations risk leaving their most experienced defenders out of the conversation at the exact moment their insight is needed most. That disconnect is putting organizations at risk.
Yet, the expectations for CISOs and security leaders remain high. CISOs are expected to secure fragmented infrastructure, mitigate emerging threats, and ensure compliance—all while operating with limited budgets. Still, CISOs are pushing forward. They’re elevating visibility as the top priority, focusing on achieving real-time threat monitoring across all data-in-motion over the next 12 months.
More Tools Are Not Always the Answer
The instinct to stack more tools to solve these problems is understandable, but it’s not sustainable. Most organizations already deploy dozens of solutions across hybrid environments, and the result is often fragmentation, not better protection. More than half (55%) of security leaders say their tools still aren’t effective at detecting breaches. The issue isn’t a lack of tools. It’s more of a lack of alignment. Tools designed for a pre-AI world can’t always handle the scale and complexity introduced by today’s dynamic threat landscape. What’s needed isn’t more data, but better insight and visibility. And that’s where deep observability comes in.
Turning Signals into Strategy
Deep observability is fast becoming the cornerstone of resilient cybersecurity strategies. By integrating network-derived telemetry (like packets, flows, and metadata) with MELT data (metrics, events, logs, and traces), organizations can finally connect the dots across their environments.
According to the survey, nearly nine in 10 leaders agree that deep observability is essential to securing AI deployments.
Deep observability does more than improve detection, as it empowers security teams to prioritize threats, reduce noise, and operate proactively. It brings clarity to complexity, and it gives CISOs a fighting chance in a game where the rules keep changing.
That’s why, from my perspective, deep observability isn’t just another layer of telemetry. It’s the foundation for securing the future. By providing a comprehensive view of network traffic across physical, virtual, and cloud environments, it enables organizations to detect, prioritize, and respond to evolving threats with far greater precision. This level of complete visibility is essential for understanding the data flowing in and out of AI models and for mitigating risks like data poisoning before they become serious breaches.
The Road Ahead
AI is not going anywhere, but neither are the threats it invites. The only way forward is to build a security foundation that can keep pace with innovation: one rooted in visibility, high-quality data, and strategic investment.
As organizations accelerate their adoption of AI and other transformative technologies, cybersecurity leadership must evolve in parallel. CISOs need to be active participants in shaping innovation strategies to not only manage risk, but to ensure these technologies are deployed responsibly and securely. Security is no longer a downstream concern; it must be embedded from the beginning to build systems that are resilient, trusted, and fit for purpose in a rapidly changing world.
Catch more CIO Insights: Securing Desktops Against Ransomware: Practical Lessons Beyond the Perimeter
[To share your insights with us, please write to psen@itechseries.com ]
