CISOs prioritise real-time visibility as AI reshapes cloud security

New research from Gigamon has outlined how chief information security officers (CISOs) are adjusting their security priorities in response to the growing adoption of AI and the changing landscape of hybrid cloud infrastructure.

The survey heard from over 200 CISOs across Australia, France, Germany, Singapore, the UK and the US, revealing that metadata is seen as vital to achieving the level of visibility required to secure complex cloud environments.

Metadata and visibility

The report, "CISO Insights: Recalibrating Risk in the Age of AI," highlights how AI technologies are simultaneously accelerating digital transformation and intensifying the frequency and complexity of cyberattacks. In this context, the quality and visibility of data have become central concerns for security leaders. According to the research, 86 percent of global CISOs believe that both packet-level data and metadata are essential components in reinforcing security posture, providing a scalable means to detect critical signals within increasing data flows.

The top priority for CISOs is real-time threat monitoring and comprehensive visibility into all data in motion across their organisations, supporting a defence-in-depth strategy. However, 97 percent of CISOs acknowledged making compromises in areas such as visibility gaps, tool integration and data quality, which they say limit their ability to fully secure and manage hybrid cloud environments.

"Looking ahead to 2026, AI remains both one of the biggest challenges and most exciting opportunities for CISOs," said Chaim Mazal, Chief AI and Security Officer at Gigamon. "The rise in AI-driven ransomware, social engineering, and the unchecked spread of shadow AI is placing security leaders on the defence, which is why our survey shows visibility has become their top priority. At the same time, AI offers a powerful way to augment security teams, restore visibility and control, and reshape how organisations structure and resource their defences, ultimately paving the way for stronger security."

AI expands threat landscape

According to the findings, the explosion of data driven by AI has nearly doubled data volumes, substantially increasing the attack surface for organisations. This development is altering how CISOs manage and store data across a range of environments, including virtual, cloud and container platforms.

Three-quarters (75 percent) of those surveyed consider public cloud to be a greater security risk than any other environment. In response, 73 percent of CISOs are weighing up moving public cloud data back onto private cloud infrastructure due to security concerns, marking a notable shift since cloud-first migrations began approximately two decades ago. In addition, 52 percent expressed reservations about using AI in the public cloud, citing intellectual property concerns and the broader challenges associated with visibility, compliance and shadow AI.

The seriousness of these issues is reflected at the organisational level, with 70 percent of respondents indicating that public cloud security is now a regular item on board level agendas.

Changing approaches to AI security

The reliance on AI is also causing a revision of how SOCs (security operations centres) function. Almost one in five CISOs reported lacking the appropriate tools to manage the increased network data volumes created by AI, underscoring that legacy log-based tools may not be fit for purpose against AI-powered threats.

The research found that 52 percent of CISOs have made leveraging network and application metadata a top priority in the coming year to improve the effectiveness of their existing security tools. Additionally, 46 percent are focusing on ensuring visibility across all data in motion, and a third are deploying guardrails around large language models in an effort to manage emerging risks.

AI and security teams

Rising data breaches, with a 17 percent increase year on year, are translating into greater pressure on CISOs, 45 percent of whom said they are now the main person held accountable in the event of a breach. There is also concern about stress and burnout within cybersecurity teams, which is driving a greater embrace of AI-based security tools.

Gigamon's research indicated that 45 percent of CISOs are turning to AI tools to enhance the productivity and capabilities of their internal security teams. Facing a worldwide shortage of skilled professionals and budget constraints, 73 percent of respondents are considering the use of AI as a strategy to compensate for reduced headcount. The findings suggest that AI is increasingly viewed as both necessary and beneficial for security operations.

The adoption of AI is expected to have practical impacts, such as enabling junior analysts to perform at the same level as more experienced team members, reducing training costs, speeding up analysis while investigating threats, and improving overall visibility for the security function.

Deep observability focus

According to the survey, 82 percent of CISOs say that deep observability-blending network-derived telemetry with log data across hybrid cloud deployments-is essential for both secure and efficient AI rollouts. This approach supports closing visibility gaps, improving threat detection and ensuring that AI tooling is working with trusted data.