Channel partners in demand as CISOs plan 2025 cloud security investment

Cybersecurity leaders at large enterprises are planning to ramp up spending on cloud security in 2025 and want channel partners to help them maximise their return on investment, according to new research by Westcon-Comstor.

The global technology provider and specialist distributor surveyed 500 CISOs (Chief Information Security Officers) and other senior security executives at end-user organisations with at least 1,000 employees across five countries: France, Germany, Italy, UAE and the UK.

Among the key findings is that 83% of security leaders intend to invest in Cloud-Native Application Protection Platform (CNAPP) and other cloud security technologies over the next 12 months. This propensity to invest was most pronounced in Italy and the UAE.

Are you planning to invest in cloud security-CNAPP technologies over the next 12 months? Chart shows proportion of respondents answering “yes.”

Across all geographic markets, the top three priority areas for investment are AI Security Posture Management (AI-SPM), Cloud Security Posture Management (CSPM) and Application Security Posture Management (ASPM).

This appetite to invest creates significant growth opportunities for channel partners in specific areas.

The vast majority (95%) of those surveyed currently engage with channel partners, including resellers and managed security service providers, when procuring and deploying such solutions.

Training and enablement emerged as the most valued benefit from channel partners in the eyes of security leaders as they embrace CNAPP, with 40% singling this out as their main requirement – suggesting strong demand for knowledge-building support to maximise cloud security capabilities.

A third (32%) highlighted cost-effective access to new solutions as the primary reason for engaging with channel partners, while 28% said what they value from partners above all else is assistance when navigating the cloud security market and identifying the best solutions.

When asked about the main drivers of CNAPP adoption, security leaders emphasised the need to consolidate capabilities into a single unified platform, reducing the complexity and blind spots that come from using multiple cybersecurity vendors and tools.

Other motivating factors include the need to integrate security and compliance testing seamlessly, and a desire to unify risk visibility across cloud environments and the application development lifecycle.

Three quarters (75%) of security leaders agree on the need to adopt a DevSecOps approach to align with the ‘shift left’ trend that is seeing operational responsibilities shift toward developers and cloud architects.

Publication of the research comes as Westcon-Comstor announces its intention to establish a new X2C (everything to cloud) cybersecurity go-to-market in 2025, driving partner and vendor growth across the four pillars of code to cloud, infrastructure to cloud, data to cloud and identity to cloud.

“CNAPP offers a holistic approach to securing cloud infrastructure, bringing together various security functions and capabilities in a single, unified platform to provide comprehensive security across the entire software development lifecycle, from code to cloud,” said Daniel Hurel, Senior Vice President, Westcon EMEA Cybersecurity & Next-Generation Solutions at Westcon-Comstor. “As the cloud security market continues to evolve, we’re seeing CNAPP become the go-to solution for securing cloud workloads. Our research suggests that this presents an opportunity for the IT channel, with particularly strong demand for training and enablement. Partners who establish themselves in this high-growth area stand to reap the rewards in 2025 and beyond.”