IDC FutureScape: Top 10 Predictions for the Future of Trust

• This IDC study presents IDC's top 10 predictions for the future of trust in 2023 and beyond.

• Regions Covered: Worldwide

• Topics Covered: Cloud-based partners, Future of trust, Governance, risk and compliance infrastructure, Human capital management, Messaging security, Regulatory compliance, Risk management, Security management, Software as a service, Technology buyer

With the growing prevalence of cloud-based services greater volumes of data are being collected and analyzed, driving the need for more automation to provide insights into the data as well as artificial intelligence innovations that promise to alleviate pain points experienced by organizations and their customers.

At the same time, as cyberthreats increase in number and sophistication, consumers are more aware of and sensitive to data breaches. Privacy by Design principles are being re-evaluated as customers become more curious and cautious about how their personal information is used. And, while rules and regulations regarding where and how data is stored and transmitted are changing, businesses recognize that their customers cannot tolerate disruptions to the digital infrastructures that undergird their work and daily lives. All this uncertainty is prompting organizations to turn to "the certainty of data."

"The relationship between data-driven insight and trust is cyclical," said Grace Trinidad, research director Future of Trust at IDC. "Customers confer trust onto organizations that transparently share data-driven insights, but trust is a prerequisite to overcome consumer reluctance to share the personal data required to generate high-quality organizational insight."

In its top 10 Future of Trust predictions, IDC sees the thread of data-driven insight running through privacy, security, compliance, risk, and environmental, social, and governance (ESG) – the elements comprising the Framework of Trust.

IDC's top 10 predictions for the Future of Trust 2022 are:

Prediction 1: By 2026, 30% of large enterprise organizations will migrate to autonomous security operations centers accessed by distributed teams for faster remediation, incident management, and response.

Prediction 2: By 2024, 35% of organizations will employ a privacy engineer to operationalize Privacy by Design principles into IT systems, processes, and product development strategy.

Prediction 3: By 2024, 30% of heavily regulated organizations will adopt confidential computing technologies to combine and enrich sensitive data critical to multiparty compute applications while preserving privacy.

Prediction 4: By the end of 2024, 65% of major enterprises will mandate data sovereignty controls from their cloud service providers to adhere to data protection and privacy regulatory requirements.

Prediction 5: By 2026, driven by steep regulatory growth, talent gap, and cost efficiency measures, 40% of organizations will invest in compliance-as-a-service offerings to meet their regulatory mandates.

Prediction 6: By 2027, 60% of G2000 companies will adopt continuous risk assessments over annual security audits, leveraging service providers to limit the burden of policies, practices, and technical debt.

Prediction 7: By 2025, the SEC will publish standards for cyber-risk scoring, and publicly traded companies will be required to update and report this score on an annual basis.

Prediction 8: By 2024, 30% of organizations will advance their ESG metrics and data management beyond reporting capabilities to generate sustainably driven cost and competitive advantages.

Prediction 9: By 2024, 75% of large enterprise firms will implement purpose-specific ESG data management and reporting software as a response to emerging legislation and increased stakeholder expectations.

Prediction 10: By 2025, 45% of CEOs, fatigued by security spending without predictable ROI, will demand security metrics and results measurement to assess and validate investments made in their security program.