Inside the $111 Billion Cloud Security Market: Acquisition, Expansion, and Where to Aim Next

Spending on cloud security will be $111 billion in 2025, representing 3% of the total IT spend. Microsoft alone is expected to achieve $37.2 billion in revenue through its cybersecurity division this year.

The details come from HG Insights, a market intelligence firm that provides information and insights useful for go-to-market decisions – which could include large corporations seeking acquisitions to expand or solidify their repertoire, or small startups looking to hone their marketing directions.

Many of the basic market facts are predictable, but the details can still be surprising. For example, while it could be expected that cloud security spending in the US is high, it is somewhat surprising that it represents 38% ($42 billion) of the whole global spend. The US market is bigger than the entire spend in the APAC region ($35.58 billion), or EMEA ($26.38 billion). This immediately tells developers that any new cloud security product must primarily be targeted on the US.

The reasons are multiple. The US is a land of business, and the nursery of cloud computing. The West Coast has a culture of early adoption in new technology. The East Coast dominates in finance – and finance and insurance, unsurprisingly, is the world’s biggest consumer of cloud security.

In terms of cloud security providers, measured by customer count, Microsoft dominates the market with almost 60,000 customers. Splunk comes in second with less than 16,000 customers, followed by Palo Alto, AWS, and Fortinet. Google is a lowly tenth in this list.

For CNAPP providers by customer count, Microsoft again dominates with more than 2,500 customers. Palo Alto is second with just less than 1,300 customers, and Wiz is third with just more than 1.200 customers. Google doesn’t figure at all in this listing.

The absence of Google as a major provider of cloud security may appear surprising given its long-standing email and search related dominance of the internet, and more recently its movement into cloud services with the Google Cloud Platform (GCP). GCP is generally considered the number 3 cloud provider behind AWS and Azure.

The reason is probably historical. “AWS and Microsoft were the first horses in the barn,” explains Matt Hogan, VP of growth marketing at HG insights. “Google is a little late to the party.” 

It was probably less a disinterest in the cloud, and more a focus on shoring up the Google Threat Intelligence Platform (GTIP) first. In 2022 Google spent $5.4 billion to acquire Mandiant, gaining much from the Mandiant brand name while integrating Mandiant’s threat intelligence with the huge malware dataset it acquired with VirusTotal in 2012, and the vast insights it already has from billions of global users and billions of worldwide devices.

GTIP is now a major player in threat intelligence, and Google can refine its focus further. It may be a Johnny-come-lately to cloud security, but it seems to be repeating the same playbook here. In March 2025, it announced plans to acquire Wiz for $32 billion, a transaction that is likely to complete in 2026.

The attraction is clearly shown in the HG Insights market analysis. While Google currently doesn’t appear as a provider of CNAPP, Wiz is ranked at number three. The combination of the Wiz name and product backed by the number 3 cloud provider and a major threat intelligence platform has the potential to change markets.

The State of the Cloud Security Market in 2025 is a snapshot of the cloud security market as it is today. It is drawn from the continuous collection of cloud dynamics data by HG Insights, sourced from a total of more than 11 million businesses worldwide. While this snapshot is valuable, the true value for go-to-market decision-makers comes from monitoring market intelligence as it evolves over time. It provides a continuous road map to navigate expansionist acquisitions, new product development, and finely targeted marketing directions.

Related: CloudSEK Raises $19 Million for Threat Intelligence Platform

Related: Oracle Confirms Cloud Hack

Related: CISA Issues Guidance After Oracle Cloud Hack

Related: CISA Issues Binding Operational Directive for Improved Cloud Security