For more than a decade, cloud strategy debates often boiled down to a binary choice: public versus private. But by 2025, that conversation has changed, and enterprises are choosing their cloud environments based on the needs of individual workloads. With security and compliance top of mind, that choice is pointing to private cloud.
The Private Cloud Outlook 2025 report underscores why. In a global survey of 1,800 senior IT leaders, 92% said they trust private cloud for security and compliance. Nearly 70% are repatriating workloads from public to private environments, with security and regulatory concerns as the top driver.
And while private cloud was once seen as a home for traditional applications, today 84% of organizations run modern, cloud-native workloads there, including AI. In fact, 55% prefer private cloud specifically for AI model training and inference.
Broadcom and Canonical recently announced their partnership that will help customers ship modern container-based and AI applications faster and more securely.
As Regis Paquette, SVP global sales alliances, channels and industry verticals at Canonical explains regarding their partnership:
“Canonical is partnering with Broadcom to address a long-standing question from customers: innovate or stay secure? Now, by bringing enterprise-grade Ubuntu and chiseled Ubuntu containers to the VCF platform, organizations can both innovate at speed and get the reliable security maintenance they need to drive the next wave of enterprise and AI innovation.”
Security and Compliance Are Now Board-Level Issues
TheCUBE Research shows that cyber risk management, including resilience and compliance, is no longer just an IT concern but also a top board-level issue.
Their research highlights some sobering realities:
- Nearly two-thirds of enterprises reported at least one cyberattack in the past year that caused financial or operational harm.
- A third were hit multiple times in that same period.
TheCUBE Research analysis concludes that cyber resiliency means “securing an interdependent system where weaknesses in one layer can compromise the whole.” They call out two themes: holistic visibility across the stack, and interoperability across the ecosystem of tools. “The winners will be the vendors that can provide comprehensive coverage while enabling integration.”
The winners will be the vendors that can provide comprehensive coverage while enabling integration.
David Vellante and Christophe Bertrand, TheCUBE Research
Private cloud gives enterprises the level of visibility, governance, and interoperability that is almost impossible to achieve in fragmented or shared public environments. And for industries like finance, healthcare, and government, that control is non-negotiable.
Broadcom’s Next Step: VMware Cloud Foundation Advanced Cyber Compliance
Still, private cloud must evolve to stay ahead of sophisticated threats and expanding regulatory obligations. That’s why Broadcom has introduced VMware Cloud Foundation (VCF) Advanced Cyber Compliance along with updates to vDefend and Avi Load Balancer, designed to help shield private cloud environments from today’s risks.
These advancements provide a unified approach to compliance, infrastructure hardening, cyber recovery, and threat prevention by bringing together the following.
Continuous Compliance Enforcement at Scale
- Continuous compliance with fully-automated monitoring and desired-state remediation at scale
- Applicable across workloads and VCF stack components to meet industry regulations or customer requirements (VCF Salt)
Automated Ransomware and Data Recovery
- End-to-end automation of cyber-recovery operations to enable more resilient virtualized workloads and databases
- Guided cyber-recovery workflows that integrate validation tools to identify and help clean file-based as well as fileless strains of malware from recovery points
- Full-featured disaster recovery with orchestration at scale
Enhanced Platform Security and Incident Response
- Minimized attack surface with ultra-small Ubuntu container images with enterprise support
- Proactive assessment reports that give users consolidated insights into version-based critical vulnerabilities (CVEs & VMSAs) with expanded incident response
Customers also receive a proactive monthly assessment report to track and improve their security posture. VCF Advanced Cyber Compliance is built for highly regulated industries but delivers value for any enterprise adopting AI workloads or trying to simplify compliance.
Paul Turner, vice president of products for VMware Cloud Foundation at Broadcom, frames it this way:
“VMware Cloud Foundation and advanced services inherently eliminate the complexities and vulnerabilities of disparate point solutions. With our latest innovations, we’re taking the next step in simplifying cyber compliance and better protecting AI workloads.”
The data shows enterprises are embracing private cloud as the environment of choice for trust and compliance. The risks of cyberattacks and regulatory exposure demand it. And with new capabilities like VCF Advanced Cyber Compliance, Broadcom is setting the standard for resilience in the age of AI.
For more information read the Private Cloud Outlook 2025 report and learn more about VMware Cloud Foundation Advanced Cyber Compliance.