Final week, Forrester hosted our Predictions 2025 Webinar: Expertise & Safety. We had a good time bantering about a number of the most impactful safety and expertise predictions that our analyst groups known as out, together with across the ROI for AI initiatives, non-public cloud and VMware, plans for agentic AI, and imposing the EU AI Act in 2025. Due to the webinar attendees who requested some insightful questions all through the session! Sadly, we ran out of time and couldn’t reply all your questions, however listed below are responses to a number of the questions we couldn’t get to (questions have been edited for readability):
Which software varieties shall be greatest fitted to on-prem clouds? Non-public cloud can’t remotely match the firepower, scale, and tempo of innovation of the hyperscale public cloud platforms, however this doesn’t imply that personal cloud is irrelevant. In reality, non-public cloud could be the most cost-effective selection for a lot of enterprise IT, notably in retailers that embrace the enabling model of high-performance IT that focuses on stabilizing and defending operations which might be cost-effective and don’t require huge cloud assets. Then there are workloads the place safety and sovereignty are paramount and the place the autonomy of enterprise IT is essential. Even IT organizations embracing the remodeling model of high-performance IT could discover that private-cloud-based AI meets their wants, particularly if DeepSeek’s claims of AI innovation on garden-variety GPUs develop into generalized.
Do you counsel a formulation or standards to assist stakeholders choose high-value enterprise use instances for AI? There isn’t any formulation, per se. A great way of fascinated by it’s within the type of a portfolio of use instances and capabilities which might be road-mapped with interconnected milestones — a few of which ship fast worth and others extra so over the long run (as a result of for some use instances, even high-value ones, it could be higher to attend or go sluggish). Use case choice is difficult for AI and never simply pushed by financial worth however entails readiness based mostly on 4 groups: enterprise, knowledge, expertise, and governance.
Have you ever noticed any recurrent habits in how and who’s writing the AI agenda? Any rising sample (e.g., centralization, federation) because the follow evolves in every group? In Forrester’s State Of Knowledge, Analytics, Measurement, And Insights Survey, 2024, we requested knowledge and analytics decision-makers, “The place does essentially the most senior knowledge and analytics chief report back to in your group?” Thirty-nine % of respondents say IT and 37% say to the CEO — so the agenda is about by IT leaders or the CEO, as mentioned within the webinar. We’re seeing lots of partnership between enterprise and IT and federation.
Considering extra about safety than AI, I see AI as creating a good increased precedence to cowl the fundamentals to scale back publicity and threat. Do you agree? We lined this briefly on the finish of the webinar, nevertheless it deserves an extended response. As we construct AI into our techniques and functions, lots of the dangers and challenges ought to look acquainted: unprotected API calls into third-party fashions, unvetted fashions, and shadow AI. Through the years, we’ve realized classes about third-party threat administration, utilizing open-source and third-party software program elements safely, and managing and defending APIs — we have to apply these classes to AI in order that historical past doesn’t repeat itself but once more.
How properly are third-party threat administration techniques factoring dangers round AI governance? Most of the platforms that help third-party threat administration (TPRM) additionally allow governance, threat, and compliance (GRC) use instances. These platforms help AI governance by serving to organizations get a deal with on the vary of AI use instances that their firms deploy and the number of fashions that help them — stock property, techniques, and third-party entities, in addition to help AI coverage creation, distribution, and monitoring. Generative AI options of GRC and TPRM platforms have rapidly develop into normal to how threat professionals handle the dangers of AI of their organizations. Moreover, AI governance platforms are rising as a brand new market forecasted to develop at a 30% compound annual development price to the tip of this decade. There’s extra to return on this, with Forrester planning new, groundbreaking evaluative analysis on AI governance platforms in 2025.
Thanks once more to all of the attendees who requested such insightful questions! If you happen to missed the webinar, you possibly can nonetheless take a look at the replay right here. Forrester shoppers, make sure you take a look at all of our 2025 Predictions studies and arrange an inquiry or steerage session if you wish to dive in additional.
