SUNNYVALE, Calif., Oct. 02, 2025 (GLOBE NEWSWIRE) -- Illumio Inc., the breach containment company, today released The 2025 Global Cloud Detection and Response Report, based on a global survey of 1,150 cybersecurity leaders conducted in August 2025. The findings reveal that lateral movement remains one of the most elusive and damaging tactics in modern cyberattacks, exposing critical gaps in visibility, detection, and response.

Undetected threats and operational strain resulted in 92% of organizations experiencing security incidents. Each incident involving lateral movement resulted in a global average of over 7 hours of downtime. Alert fatigue, along with limited and fragmented visibility, especially across hybrid environments, are two of the top challenges to detecting lateral movement. The report also reveals that nearly 40% of network traffic lacks sufficient context for confident investigation, underscoring the need for much more advanced and contextualized observability.

Key findings:

Cloud Detection and Response (CDR) tools adopted, but most fall short: 83% of organizations deploy multiple CDR tools, yet nearly all (92%) report challenges with their current capabilities. Top issues include alert fatigue and lack of context, highlighting the need for more effective, context-rich CDR solutions.

Visibility is failing where it matters most: 80% of cybersecurity leaders say they monitor hybrid communications, and 77% monitor east-west traffic, yet 40% of that traffic lacks enough context to be useful. Fragmented visibility contributes to nearly half of lateral movement incidents going undetected.

Alert fatigue is overwhelming: 67% of security teams (79% in the U.S.) receive more alerts than they can effectively investigate, with teams receiving an average of over 2,000 alerts per day—the equivalent of one alert every 42 seconds.

Missed alerts have real consequences: 92% of organizations have experienced security incidents due to missed or uninvestigated alerts. On average, it takes 12.1 hours to detect an issue caused by a missed alert.

False positives hinder security operations: Security teams spend an average of 14.1 hours per week chasing false positives due to a lack of useful and valuable visibility, tool sprawl, and outdated detection. 73% of leaders say this impacts their ability to focus on real threats.

Looking Ahead: The Promise of AI and ML in Breach Containment

As cybersecurity leaders prepare for 2026, priorities are shifting toward AI-driven visibility and observability, automated triage, and better alert prioritization.

Nearly 80% of respondents believe AI/ML will play a critical role in identifying lateral movement faster and reducing alert fatigue.

Top security priorities for 2026 include:

Increasing AI/ML-driven capabilities (34%)

Improving cloud detection and response (34%)

Reducing mean time to detect/respond (33%)

Automating threat triage and investigation (31%)

“In today’s dynamic threat environment, real-time visibility isn’t a feature; it’s a requirement,” says Andrew Rubin, CEO and Founder of Illumio. “In the hybrid mesh, leveraging the AI-driven network security graph and focusing on breach containment is the only strategy that scales. AI-powered observability must do more than detect; it must find threats quickly and stop them from spreading immediately.”

To learn more, including region-specific findings, download the full report. Or, check out the blog.

Research Methodology

Vitreous World conducted research on behalf of Illumio between August 1 and August 13, 2025. The study surveyed 1,150 IT and cybersecurity decision-makers and key influencers across the U.S., UK, Germany, France, Australia, Brazil, and Japan.

About Illumio

Illumio is the leader in ransomware and breach containment, redefining how organizations contain cyberattacks and enable operational resilience. Powered by an AI security graph, our breach containment platform identifies and contains threats across hybrid multi-cloud environments – stopping the spread of attacks before they become disasters.

Recognized as a Leader in the Forrester Wave™ for Microsegmentation, Illumio enables Zero Trust, strengthening cyber resilience for the infrastructure, systems, and organizations that keep the world running.

Contact: comms-team@illumio.com