As we start 2025, it's time to gaze into the crystal ball again and think about what I expect to impact the decisions of technology owners for Hybrid Platforms. We will dive into the top 10 things I think should be top of mind for 2025 and then take a sneak peek at the longer-term trends I feel should be on your radar.
As a quick reminder, the topic of Hybrid Platforms covers all those technology areas where you store data and run applications, along with how you connect and protect them. The following ten categories summarise the specific areas we focus on in this pillar.
The trends I am writing about in this series are related to these categories and supported by the broader pillars of Modern Workspace, Security, and Digital Enablement. Each area will be pressured by its own set of demands and trends, but we are acutely conscious of ensuring we don’t miss the overlaps where challenges are striped across categories. Challenges like Cyber Defence and opportunities like AI will require tight collaboration between various technology categories.
The other key thing to remember is that specific technology trends must be considered against broader macro trends that will impact all organisations. Some of these trends are captured in the image below, which was constructed by Kyle Davies (Head of the Office of the CTO). While not the focus of this post, I thought it was essential to the overall context.
- Decarbonisation of industries
- Some shift away from the $
- Enhanced IPOs
- Integrated AI & AI as a Feature
- Multi-modal AI and AI agents
- Policy review of what constitutes human effort
- AGI & Superintelligence
- Power challenges
- Cost of living increasing
- Reshaping global supply chains & Trade wars
- Growth of Emerging Markets
- Gig & Remote Work Expansion
- Return of M&A
- Shifts in global trade dynamics
- Rising influence of ESG
- Talent Shortages
- Consolidation & Rationalisation
- CX and the demand on personalised experiences
- Hybrid work models
- Increasing regulatory and policy landscape
So, onto my crystal ball for 2025. Here are 26 things I believe will impact decisions for this year. Some will be more pertinent to certain sectors or specific sizes of organisations, and some will be affected by the current technology maturity level. The six at the top are the trends I believe should be at the top of every organisation’s mind as they move into 2025.
Top 10 Breakdown
Let’s dig into the top 6 and 4 of my favourites from the remaining 20 to compile our top 10 predictions list for 2025. It will be interesting to look back at this in 2026 and see what came to a realisation. So here we go, in no specific order:
Unified Observability
Over the last decade, the typical enterprise IT landscape has grown in complexity at an extraordinary rate. Many organisations are dealing with three to four waves of innovation (from physical through modern apps), simultaneous use of different application architectures (monolithic, web, containers, SaaS), increased expectations on system performance/availability, as well as generally increased scale (quantity) of systems to support. All this combines to leave IT operations teams fighting an uphill struggle to understand all the interactions between systems, implement effective change control, identify root causes of issues and ultimately reduce that mean time to resolution (MTTR) when an incident occurs. The goal should be to have visibility that can help avoid as many impacting incidents as possible and, when they do happen, provide the means to resolve them quickly and effectively.
Old monitoring tactics based on consumption thresholds cannot provide this level of insight for today's complex landscapes. Organisations need to consolidate monitoring tools for networks, applications, and infrastructure into unified observability platforms and then pass these data feeds into an AIOPS platform that further integrates with core ITSM tooling.
Artificial Intelligence FoMO
The AI hype from 2023 and 2024 will continue into 2025, and decision-makers will be faced with planning investments into the tight technologies. Many use cases will be commoditised into SaaS platforms, making accessing Generative AI easier and less risky, especially for those mass market outcomes like chatbots, HR and Marketing assistants and bid management assistants. Developing a clear AI strategy aligned with the broader organisation’s needs, corporate ethics, and regulatory demands will be key for early 2025. Then investing in SaaS outcomes where appropriate (when data, security and IP challenges can be mitigated) or custom AI solutions (On-premises or your cloud instances) can progress without the risk of becoming another failed AI statistic.
Here are a further four sub-themes to consider for 2025 alongside the broader AI strategy requirements:
Small Language Models (SLM): These are looking to optimise existing use cases and run them with the fewest parameters, helping to drive cost efficiency for specialised tasks or becoming part of a broader orchestration system to help solve more complex challenges. The other advantage is you don’t need as much data to create a functional SLM, meaning training is quicker and can be completed on an AI workstation rather than a large supercomputer.
Multi-Modal: At the other end of the scale to SLMs, we saw the first multi-modal AI models (Google's Project Astra / GPT 4 - Omni) demonstrated in early 2024. These models require even more data to make them functional, but the gains from being able to ingest and output in multiple formats simultaneously will be massive. The versatility of multimodal AI will open new use cases across all sectors, providing enhanced understanding and a more natural and accessible use engagement. Multimodal AI should bring us closer to creating AI systems that interact with the world as humans do.
AI agents: As a natural precursor to full Agentic AI (systems that exhibit a degree of autonomous behaviour and decision-making that can mimic human-like 'agency'), AI Agents (AI agents rely more on pre-determined programming and do not exhibit 'agency' in a broad, autonomous sense) operate based on rules, goals to provide task execution and decision-making, often acting on behalf of a user or system with a level of autonomy. By leveraging AI agents, organisations should unlock more significant levels of automation, helping to drive efficiency, better decision making and cost savings.
AI Governance: AI accountability will be a big topic for every organisation. Regardless of the type of AI adopted, ensuring ethical deployment and addressing bias, transparency, and compliance challenges should be top of mind.
Updating internal policies, deploying tooling to track usage and provide visibility, and clearly communicating AI ethics should be top of mind for any organisation adopting AI in 2025.
Cyber Resilience Maturity
The outlook for cyber incidents in 2025 is just as alarming as years before; the Splunk 2024 'State of Security' report highlighted that "48% have experienced cyber extortion, making it a more common cyberattack in 2024 than ransomware". While ransomware is only slightly behind at 45%, it highlights a trend of threat actors moving from encryption to exfiltration and subsequent extortion based on the value of the data. This is likely in response to increasing maturity in data protection solutions, enabling organisations to recover in more timely windows.
The challenge with this behaviour change is that it puts pressure on the core IT operational team and basics like zero trust, patching and software development practices. We all know this is a joint responsibility. I want to see a continued drive on the journey of cyber resilience maturity during 2025, with closer collaboration between core IT operations teams, security teams and developers. I believe four things can make a difference when deployed in conjunction with other trends like Zero Trust Adoption.
Minimal Viable Company: When building your recovery plans, consider the concept of a minimal viable company. What applications, data, and systems do you need to restore critical functions? Then, consider how that will change depending on when the attack happens. Month-end vs. mid-month could change the minimum viable application set, which is the same for the time of year or quarter. Ensuring this is clearly documented and understood as part of your recovery plan could significantly shorten recovery times and minimise the impact on revenue and reputation.
Operational Excellence: The Splunk report also highlighted that human beings are still the common factor in breaches' success. With misconfiguration accounting for 38%, known vulnerabilities at 29%, and vulnerabilities in internally developed apps at 31%, it's clear that a focus on Operational Excellence could have a massive impact.
Data Protection Basics Done Right: Protecting critical data is not just about cyber threats; we must also consider traditional disasters, insider threats, platform failures, and regulatory compliance. I would encourage everyone to review current data protection maturity and ensure they have the technology, people, and processes aligned with current demands.
Isolated Recovery Environment (IRE): Regardless of the trends to extortion, ransomware is still a significant threat, and recovery can be challenging for the IT operations teams responsible (this is not a security team issue). Ensuring the deployment of IRE technologies with assisted and automated recovery capabilities should still be top of mind.
Adoption of the Intelligent Edge
Combining IoT, Automation and AI to enable data capture and processing at source can help organisations increase revenue and decrease operating costs and risk. The Intelligent Edge represents a step forward in revolutionising how we unlock the potential of data; advancements in connectivity (WiFi, 5G), IoT devices, AI and ISV (that provide the window to the data) solutions have created many use cases. The Intelligent Edge represents an evolution of the traditional edge, enabling smarter, more independent, and responsive systems that combine edge devices, edge gateways, edge AI, and networking with smart cloud integration. By exploring the new generation of sensors and connectivity capabilities, we can explore use cases such as:
- Predictive Maintenance
- Automated Quality Inspections
- Asset Tracking and Management
- Enhanced People Safety
- Augmented Visual Inspection
- Smart Everything (Buildings, Campus, Manufacturing, Cities etc)
- Remote Patient Monitoring
- Energy Management
- Fraud Detection
The Intelligent Edge should have relevant use cases in almost any sector. I hope that 2025 will see organisations explore the possibilities.
Evolved Data Strategies
As we continue to generate more data from all corners of the enterprise, we must ensure that we have a unified architecture that can simplify data access across hybrid cloud environments, ultimately enabling real-time insights, Artificial Intelligence and advanced analytics. I believe that data owners need to prioritise data portability and interoperability across cloud providers to ensure silos are removed and access becomes ubiquitous. This could be done by considering data fabric architectures to enable interoperability or using data mesh approaches with a decentralised architecture where data ownership is distributed among teams.
Some more details on this topic can be found here.
Investments in data observability platforms will be key to enabling the outcome of data-driven insights; without a clear understanding of what data exists, it will be impossible to establish that critical strategy. The days of keeping everything and putting it in the corner, out of sight, are behind us; we need to be brave, shine a light on all enterprise data, and make some critical decisions on its future value and usage. That might mean deleting it, consolidating it into a modern lakehouse, or developing data products for monetisation. Regardless of the outcome, I believe it is going to be foundational for every organisation to
For those already deep into the future use of data, I would expect increased use of synthetic data or the deployment of data masking tooling to enable more accurate testing while maintaining compliance and privacy requirements. One final thing that must not be forgotten is that training employees to leverage data effectively will be key to overall success. Let's ensure we bring everyone on the data journey.
Cost Optimisation
Costs will continue to be top of mind for every organisation in 2025. As our leader, Kyle Davies, says, "Every organisation strives to reduce costs, increase revenue, and delight consumers." Core IT functions are always going to be a large part of overall budgets and subject to significant scrutiny. When considering cost optimisation approaches, there are two key themes that are important to embrace.
Direct Cost Reduction
Direct cost reduction is the easiest to conceptualise, consider current expenditure and then reduce, replace or remove something and its cost is avoided; some examples could be:
- Cloud Cost Optimisation: Right-Sizing Resources, Adopting Spot Instances, Consider Hybrid Options
- Optimise IT Infrastructure: Server Consolidation, Refresh to Energy Efficiency Hardware,
- Optimise Data Storage: Data Tiering, Storage Consolidation, Data Reduction, data retention enforcement
While an easy route, we must be careful not to impact innovation or increase pressure on the operations of surrounding areas; this is why the second approach is key.
Innovation Based Returns
Innovation-based returns look at how technology can be adopted more effectively to bring forward indirect savings, increased revenue opportunities or improved security; some examples could be:
- Embrace Automation: Deploy Infrastructure as Code (IaC), Automated Monitoring, Self-Healing
- Streamline IT Operations: Consolidate Tools and Processes, increase training and enablement,
- Leverage Platform Capabilities: Evaluate native capabilities in existing platforms that could increase business agility, time to market, or customer relevance. Typically, this means leveraging your infrastructure platform’s core capabilities to their fullest intent, making them genuinely cloud-native.
Zero Trust Adoption
A decade on, from Forester’s John Kindervag coining the term and defining that primary principle: “Never trust, always verify.” we are still at relatively low levels of actual adoption. While full adoption remains rare, many organisations have implemented components (MFA, ZTNA, micro-segmentation) as steps towards comprehensive zero-trust frameworks. But even in these component deployments, we still see gaps, lack of MFA is still high on the list of cyber incident causes, and micro-segmentation of networks can be sporadic or incomplete. Analysts predict that Zero Trust will become the default security model for most enterprises by 2027, driven by regulatory pressures and advancements in automation. While this topic is broader than just Hybrid Platforms, core components are embedded into Secure Networking and Information Management. We must combine Cyber Maturity, Zero Trust Adoption, and AI Developer Trends (all detailed in this article) with core IT operations teams and build a strategy map for a complete Zero Trust. This won’t happen without this broader cross-functional buy-in. Otherwise, challenges like complexity and cost will continue to hamper adoption.
Network Digital Twins
Digital Twins are well known for helping with tasks like predictive maintenance, product design, process optimisation, and supply chain management in sectors such as manufacturing, aerospace, and utilities. I believe we need to apply these same principles to the enterprise network. Networks are analogous to human cardiovascular systems, critical to life, and extremely complex! One of the biggest challenges network teams face is maintaining a live view of the network and, therefore, being able to confidently predict the impact of a planned change.
Speaking to our customers, planned changes account for most network-related outages; if we can remove these by creating a live model of the entire network incorporating Intent, traffic forwarding, topology, and device data, we can arm teams with a place to test and validate. Ultimately, we can reduce outages that critically impact an organisation’s ability to deliver its core services. Modern solutions can reverse engineer your network design & configuration through auto-discovery and inventory reporting, creating a next-generation visualisation of flows, topology and devices to enable intent-based service-level designs aligned with the needs of the applications and services.
Skills Gaps
While we have discussed a lack of people to fill roles for a few years, I believe we will see a slightly different outcome in 2025 (and beyond). We will have many technically capable people in the market but face two new challenges. Firstly, this talent pool will have exited from the vendor ecosystem and may have salary demands that are not aligned with the general enterprise or corporate sectors. Secondly, these people will have the wrong skills to meet the modern demands. For example, great cloud platform people lack container skills or top-notch Oracle people who don’t work with open-source databases. The old challenge of having no people was hard to fix, as you had to start much earlier in education; this challenge should be seen as a great opportunity. We need to provide retraining for these competent people and unlock new value.
AI Developers (DevEx)
For organisations that rely on developing code, the developer's experience should be at the forefront of their minds. JetBrains defines DevEx as "Developer Experience (DevEx or DX) refers to the overall satisfaction and feeling of productivity that developers experience when interacting with software development tools, processes, environments, and platforms."
Building automated developer environments that leverage platform engineering concepts can significantly improve the time developers spend coding, reduce cloud spending, and increase the rate and security of code release. As we move into 2025, the use of AI to support these developers should be at the forefront of those responsible for DevX or Developer productivity. Safely doing this (no leaked code) will be key to ensuring we can unlock the full potential of development teams.
The two key benefits should be Enhanced Code Quality (code analysis, refactoring suggestions, error prediction) and Increased Productivity (code autocompletion, automated testing, smart debugging. This should allow developers to focus on high-value tasks like architecture and design.
Looking a little further out
To take things a little further, I created a view that, through the end of the decade, 12 things could become top considerations over the coming years. Without picking on prominent topics like Agentic AI and Quantum Computing (both interesting topics but ones covered in many places), I wanted to touch on two.
Deep Fake Challenges
I wrote a section on Deep Fakes back in August 2024 as part of my OCTO Retrospective LinkedIn Newsletter. The pace of evolution in this space is scary and we are already seeing real-world examples of criminals leveraging it to enhance attacks. Over the next 2-3 years, I expect the threat to rise so that deploying employee protections will be as normal as anti-virus or web proxies are today.
The good news is that technology already exists and will mature throughout 2025; specific industries are already adopting deepfake detection, and those dealing with identity, CNI, and banking are good examples. I would expect some acquisitions in this space to allow established players to bring protection to their products. Consider online meeting solutions like Teams and Zoom, which have real-time deepfake detection, or your telephony solution, which can detect fake voices by just turning on a new setting. Organisations need to start thinking about adopting such technologies along with the policies and processes that must go hand in hand.
Wireless Value Realisation
As the adoption of Wi-Fi 7 becomes mainstream, I expect organisations to turn to its advanced capabilities to unlock new value streams. The applications could be considerable considering the increased throughput, lower latency, more accurate locations and increased efficiency. Technologies like Augmented Reality (AR), Ultra-High Definition Video Streaming, Cloud Gaming and Industrial IoT will unlock a multitude of revenue-generating or experience-enhancing outcomes.
Understanding the organisational outcomes of these technologies will be key for IT leaders to justify the investment and then provide the value realisation back to the decision-makers. By starting to build these plans now, IT leaders can ensure strategic investments are not dead ends that lead to unrealised outcomes.
Conclusion
2025 is going to be an exciting year in the tech industry. The challenge facing CIOs will be placing the right bets, as we are faced with such a large scope of opportunities. I am looking forward to supporting our customers on these journeys and collaborating on the most strategic opportunities from all those presented above.
Contributors
-
Rob Sims
Chief Technologist - Hybrid Platforms