You’ve probably lost sight of your network – here’s why


As AI adoption accelerates—and the networking industry evolves—many enterprises are shifting workloads from the cloud back to on-premises data centers.

In fact, a growing number of companies are considering repatriation as a way to regain control, bolster security, and improve cost predictability.

This approach is especially appealing for organizations performing inference, fine-tuning, or training AI models in-house, where on-prem architecture offers greater oversight and privacy.

Technologies like Kubernetes also ease the transition between environments, encouraging hybrid infrastructure strategies.

But while the intent is to simplify operations, repatriation often leads to an even more tangled web of network complexity and security challenges.

The Hybrid Trap

Enterprises rarely abandon the cloud entirely. Public cloud resources are still required to source data, support collaboration tools, or scale workloads dynamically.

As a result, repatriation typically creates a hybrid environment—one where some applications live in the data center while others remain in the cloud.


This fragmentation complicates visibility. It also increases risk. When workloads communicate across loosely integrated environments, blind spots emerge.

These are exactly the conditions that attackers exploit—highlighting the critical need for better observability and cohesive security policies across the entire network.

Layering the Stack: A Smarter Security Strategy

To regain control over this complexity, organizations should adopt a defense-in-depth approach and think in terms of security layers, starting from the top of the technology stack and working down.

Identity and Access Management (IAM): As the first line of defense, IAM ensures that only authorized users can access critical assets. It is especially important in multicloud settings where access rights span multiple environments.

Endpoint and Workload Protection: Every workload should have endpoint protection software in place to detect intrusions and malicious activity. Vulnerability scans should be continuous—not periodic—to detect threats early.

Cloud Configuration Hygiene: Misconfigured cloud services like open S3 buckets are still a common issue. Teams must enforce consistent guardrails and apply automation to check for drift from best practices.

Cloud Network Security: This layer secures the underlying network infrastructure. Cloud-native, distributed firewall models now allow teams to apply and enforce consistent security policies across multicloud environments.

Unlike traditional firewalls, which operate at the perimeter, distributed models are embedded into the cloud fabric itself—enabling visibility, performance, and protection across dynamic, ephemeral workloads.

At the cloud network layer, it's also critical to provide secure, high-speed connectivity between data centers and clouds, across cloud providers, and between external partners and cloud environments—ensuring traffic flows are both protected and performant.

Monitoring and Observability: Visibility should run through every layer. Without it, even the best policies can’t be validated or enforced effectively. To maximize protection, organizations need the ability to collect and correlate telemetry across identity, endpoint, cloud posture, and the network.

When signals are shared across layers, security teams gain deeper insight into attack paths, policy effectiveness, and anomalies—enabling faster detection, better root cause analysis, and more precise response.

The Human Factor

Technology is only part of the puzzle. As hybrid networks become more complex, the need for cross-functional collaboration grows. Often, a security requirement set by the CISO gets passed down to DevOps or networking teams without enough context—leading to friction, delays, or misaligned implementations.

To fix this, organizations should integrate security checks directly into CI/CD pipelines. Automating policy enforcement at the development stage helps reduce manual bottlenecks and limits the burden on security teams.

Security teams can define guardrails—such as broad network security policies or identity-based access boundaries—while allowing DevOps teams to deploy service-specific policies as long as they remain within those guardrails. This approach strikes the right balance between security oversight and development agility.

Another challenge arises when teams try to apply traditional security rules in modern cloud environments. For example, policies that rely on IP addresses don’t translate well in Kubernetes clusters or dynamic multicloud setups. Instead, organizations should lean into cloud-native constructs—like CSP tags or Kubernetes namespaces—to simplify policy enforcement.

A distributed cloud firewall, paired with identity-aware controls, enables security teams to define policy once and apply it everywhere. This dramatically reduces operational overhead and allows logs and telemetry to be gathered consistently across providers and environments.
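As an added example (not code from the article or from any product it mentions), here is the kind of pipeline guardrail check the section describes: it lints Kubernetes NetworkPolicy manifests, fails on IP-based (ipBlock) or allow-all ingress rules, and accepts rules built on namespace and pod labels. The two manifests are constructed inline as JSON, which Kubernetes accepts alongside YAML; the names, namespaces and labels are hypothetical.

```python
"""Added example, not code from the article: a CI/CD guardrail check for
Kubernetes NetworkPolicy manifests that flags IP-based (ipBlock) or allow-all
ingress rules and accepts namespace/pod selectors. Manifests are constructed."""
import json

def check_network_policy(manifest: dict) -> list[str]:
    """Return guardrail violations for one NetworkPolicy manifest."""
    findings = []
    name = manifest.get("metadata", {}).get("name", "<unnamed>")
    for i, rule in enumerate(manifest.get("spec", {}).get("ingress", [])):
        peers = rule.get("from")
        if not peers:  # an ingress rule without 'from' admits every source
            findings.append(f"{name}: ingress rule {i} allows all sources")
            continue
        for peer in peers:
            if "ipBlock" in peer:  # CIDR rules are brittle with ephemeral pod IPs
                cidr = peer["ipBlock"].get("cidr", "?")
                findings.append(f"{name}: ingress rule {i} uses ipBlock {cidr}")
            elif peer.get("namespaceSelector") == {}:  # {} selects every namespace
                findings.append(f"{name}: ingress rule {i} admits every namespace")
            elif "namespaceSelector" not in peer and "podSelector" not in peer:
                findings.append(f"{name}: ingress rule {i} has a peer with no selector")
    return findings

def lint(manifests: list[dict]) -> list[str]:
    """Collect findings across manifests; the CI stage fails when non-empty."""
    return [f for m in manifests for f in check_network_policy(m)]

# Constructed: a perimeter-firewall rule ported verbatim, keyed on a CIDR.
IP_BASED_POLICY = json.loads("""
{"apiVersion": "networking.k8s.io/v1", "kind": "NetworkPolicy",
 "metadata": {"name": "api-allow-by-ip", "namespace": "payments"},
 "spec": {"podSelector": {"matchLabels": {"app": "api"}}, "policyTypes": ["Ingress"],
          "ingress": [{"from": [{"ipBlock": {"cidr": "10.20.0.0/16"}}],
                       "ports": [{"protocol": "TCP", "port": 8443}]}]}}""")

# Constructed: the same intent expressed with namespace and pod labels.
LABEL_BASED_POLICY = json.loads("""
{"apiVersion": "networking.k8s.io/v1", "kind": "NetworkPolicy",
 "metadata": {"name": "api-allow-frontend", "namespace": "payments"},
 "spec": {"podSelector": {"matchLabels": {"app": "api"}}, "policyTypes": ["Ingress"],
          "ingress": [{"from": [{"namespaceSelector": {"matchLabels": {"team": "frontend"}},
                                 "podSelector": {"matchLabels": {"app": "web"}}}],
                       "ports": [{"protocol": "TCP", "port": 8443}]}]}}""")

if __name__ == "__main__":
    for finding in lint([IP_BASED_POLICY, LABEL_BASED_POLICY]):
        print("FAIL", finding)
```

Run against a directory of rendered manifests in the pipeline, a non-empty result blocks the deploy while the label-based policy passes unchanged.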

A Glimpse of What’s Next

The modern hybrid enterprise demands more than bolt-on tools. It needs a pervasive approach to network security—one that aligns enforcement with the infrastructure itself.

This vision reflects an emerging recognition that today's security risks lie in the network fabric between clouds.

As such, a new type of network architecture is required – one that embeds policy enforcement into the network, allowing security to scale alongside the workloads it’s designed to protect.

While organizations may still be in the early stages of implementing such architectures, the direction is clear.

Cloud security can no longer rely on traditional perimeters or siloed tools. It must become part of the fabric of how modern environments are built, monitored, and defended.

Cutting Through the Chaos

Today’s tangled hybrid networks are the enterprise equivalent of a Gordian Knot. But unlike Alexander the Great, security teams can’t simply cut through the complexity—they must untangle it thoughtfully.

By rethinking their architecture in layers, leaning into automation, and fostering stronger collaboration across teams, organizations can reclaim visibility and control over their networks.

And in doing so, they’ll be better positioned to face the next wave of security threats—wherever they emerge.


This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro
