IDC FutureScape: Worldwide Security and Trust 2025 Predictions
This IDC study presents the top 10 security and trust predictions in 2025 and beyond."We are at an important inflection point in the transparency of digital products. Bills of materials (BOMs), evidentiary requirements, digital sovereignty, and concerns regarding how AI technologies are built and maintained have pushed us toward a greater understanding of how trust is gained and lost. In the following ten Security & Trust predictions are coming changes that empower organizations with AI and empower citizens with data transparency and accountability," said Grace Trinidad, research director, Trust Measurements and Metrics at IDC.
IDC FutureScape Figure
Executive Summary
IDC FutureScape Predictions
Summary of External Drivers
Predictions: Impact on Technology Buyers
Prediction 1: By 2027, 40% of Businesses Will Support DIY Security for Developers and Line-of-Business Application Owners Through AI-Enabled Automation of Security Policy Generation from Natural Language Commands
Associated Drivers
IT Impact
Business Impact
Guidance
Prediction 2: By 2027, Only 35% of Consumer-Facing Companies Will Use AI-Powered IAM for Personalized, Secure User Experience Due to Continued Difficulties with Process Integration and Cost Concerns
Associated Drivers
IT Impact
Business Impact
Guidance
Prediction 3: By 2026, Five Sovereign Countries Will Establish Data Embassies in the EU
Associated Drivers
IT Impact
Business Impact
Guidance
Prediction 4: By 2028, Precipitated by AI BOM Requirements, 85% of Data Products Will Include a Data BOM Detailing Data Collection, Edits Made, Data Cleanup, and How Consent Was Obtained
Associated Drivers
IT Impact
Business Impact
Guidance
Prediction 5: By 2025, the Same Evidentiary Requirements That Exist for Current Compliance Audits Will Extend to 100% of AI Products, Requiring Organizations to Demonstrate LLM Build and Exclusion of Sensitive Data
Associated Drivers
IT Impact
Business Impact
Guidance
Prediction 6: By 2025, the EU and the G7 Will Adopt a Framework Allowing Individuals to Block the Use of PII in AI, Regulate Where That Information Can Be Geographically Stored, and Correct Erroneous Information
Associated Drivers
IT Impact
Business Impact
Guidance
Prediction 7: By 2029, 50% of Organizations Will Use External Attack Surface Scan Data to Monitor Their Partners/Suppliers in an Effort to Understand Third-Party Risk
Associated Drivers
IT Impact
Business Impact
Guidance
Prediction 8: In 2025, 25% of Organizations Will Move from POC to Production in Specific GenAI Use Cases Without a Comprehensive Risk-Based Assessment of Their Trust Capabilities, Thus Creating a House of Cards
Associated Drivers
IT Impact
Business Impact
Guidance
Prediction 9: By 2026, the Intersection of Data Privacy Regulations with Sustainability Initiatives Will Drive a 20% Increase in Demand for Certified Data Erasure Solutions and Services for Refurbished Devices
Associated Drivers
IT Impact
Business Impact
Guidance
Prediction 10: By 2025, 66% of ESG Service Providers Will Add Managed ESG Services to Their Portfolios as an Option for Their Respective Clients to Outsource the Management of ESG Risk
Associated Drivers
IT Impact
Business Impact
Guidance
Advice for Technology Buyers
External Drivers: Detail
AI-Driven Business Models — Moving from AI Experimentation to Monetization
The Drive to Automate — Toward a Data-Driven Future
Future Proofing Against Environmental Risks — ESG Operationalization and Risk Management
Regulatory Flux — Navigating Compliance Challenges in a Shifting Policy Landscape
Expanding Digital Security Frontiers — Fortification Against Multiplying Threats
Geoeconomic Reordering — Rethinking Globalization, Supply Chains, and Macroeconomic Challenges
Responsible and Human-Centric Technology — Ethics in the Enterprise