How will Gen AI introduce benefits and risks in cloud security in 2025?

One set of predictions by a market research and tech advisory firm has enumerated three potential benefits and two broad risks

How will developments in generative AI (GenAI) technology influence cloud security and infrastructure innovations in 2025? According to a Dec 2024 report by Forrester analysts, on the horizon are unprecedented change and innovation to cloud security: including but not limited to cloud infrastructure-native and third-party security solutions and software-as-a-service (SaaS) app security. 

In terms of cybersecurity benefits, GenAI is predicted to be used to address several shortcomings of heritage cloud security solutions, including limited input signals for detection and response; expensive threat detection and response labor; and exposure to regulatory fines and sanctions. GenAI algorithms will be applied to identity and access management, security analytics, security information and event management, and fraud management (deepfake detection). Large Language Models will be used to power AI agents/copilots; Large Transaction Models will be deployed for threat detection; and generative adversarial networks will be used to fight cybercriminals’ abuse of GenAI. 

To improve the visibility, security, and operational efficiency of cloud infrastructure platforms in 2025, Cloud Workload Security solution providers will incorporate GenAI for threat detection at the cloud infrastructure policy layer; remediation and ongoing policy recommendations; report query capture and response generation; network policy generation; and threat detection at the guest operating system, among others techniques.  

Finally, as Software-as-a-Service (SaaS) configurations become more complex and interconnected, human insight and traditional rules-based methods for detecting cloud risk losing effectiveness. Forrester analysts predict that GenAI will be used to boost cloud security in shadow- and sanctioned- SaaS application detection and risk assessment; data security posture management enhancements; and copilots for policy management, investigation, and reporting.  

On the flip side, operationalization of GenAI is also predicted to pose risks In cloud security in 2025, including those involving governance and explainability issues, including difficulties in governing GenAI models; enforcement of intellectual property and privacy protections; explainability; and algorithmic model poisoning and exploitation.