SMARTCOM CONSULTANTS

Top 5 AI Predictions From Experts In 2025
Tor Constantino, MBA
Contributor
Tor Constantino is an ex-reporter, turned AI consultant & tech writer.

Dec 31, 2024,02:01pm EST
Updated Jan 1, 2025, 12:35am EST

While no one has a crystal ball to predict the future — the future of AI in 2025 looks bright.

The past 12 months have seen major advances across AI. These include everything from the buildout of massive supercomputers for ongoing AI training to large language models learning how to use computers as well as AI’s expansion into internet search and real-time political polling details.

For this piece of prognostication perspective, five experts were asked to independently share their top three AI projections.

Based on the insights gleaned from this handful of AI experts, 2025 looks to be even more revolutionary for the sector than 2024 with some surprising predictions and trends likely to develop through the end of the new year.

AI Agents Come Of Age

Virtually all the experts mentioned the rise of AI Agents — computer programs that can think, learn and act autonomously — as the most significant trend to watch for in the coming year.

Pascal Bornet is an award-winning expert, keynote speaker and author — his latest book, IRREPLACEABLE: The Art of Standing Out in the Age of Artificial Intelligence, distills his research into practical strategies. He says 2025 will push the AI boundaries beyond our expectations.

“Agentic AI will redefine autonomy. These systems won’t just respond — they’ll take initiative, anticipate needs and act independently, solving problems before we even notice them, becoming indispensable collaborators in both work and life,” Bornet shared in an email.

MORE FOR YOU
Ukraine’s Newest Leopard 2 Brigade Began Disintegrating Before It Reached The Front Line
New Orleans Truck Attack: AG Argues Sugar Bowl Should Be Postponed Again (Live Updates)
Apple Watch Series 10 Price Slashed To All-Time Low In New Sale

Ben Torben-Nielsen, Ph.D., MBA, is an internationally recognized AI consultant for businesses with two machine learning patents. He agrees that AI agents hold transformative potential but with a twist — when combined with cheaper small language models.

Forbes Daily: Join over 1 million Forbes Daily subscribers and get our best stories, exclusive reporting and essential analysis of the day’s news in your inbox every weekday.

By signing up, you agree to receive this newsletter, other updates about Forbes and its affiliates’ offerings, our Terms of Service (including resolving disputes on an individual basis via arbitration), and you acknowledge our Privacy Statement. Forbes is protected by reCAPTCHA, and the Google Privacy Policy and Terms of Service apply.

“To solve a business problem, managers need a dozen tools stitched together. Apart from coding, there is little integration of generative AI into any other workflow. Agentic AI — especially combined with smaller language models — offers a solution by letting AI actually use those tools. This is where the real potential lies,” explained Torben-Nielsen in an email.

While Eduardo Ordax — who has more than 10 years experience in the space focusing on big data, analytics and artificial intelligence working for internationally recognized leaders within the space — predicts AI agents could triple certain gains realized from large language models.

“While current LLMs can help boost productivity by 20-30%, AI agents could potentially double or triple these gains in specific use cases. This shift towards more autonomous AI systems will likely drive broader adoption across industries by streamlining operations and reducing costs,” Ordax stated in a text message.
AI As A Competitive Advantage

Ahmed Banafa, Ph.D., is a technology expert and engineering professor at San Jose State University who shared in an email that generative AI will be safely and securely integrated into enterprise software.

“Businesses will leverage these models for content creation, customer interactions and workflow optimization. This shift is driven by advancements in AI capabilities and their increasing cost-effectiveness, making them crucial for maintaining a competitive edge across various sectors,” explained Banafa.

Julia McCoy, who started her own hybrid AI tech consultancy, First Movers, wrote in a text message exchange that her AI clients are seeing incredible gains — putting them at a distinct advantage over competitors.

“Companies that successfully implement AI-led processes will be able to reduce their workforces by 95%+ while maintaining or increasing output. We'll see examples of $100M+ companies operating with just two or three people assisted by agentic AI systems. This represents a fundamental reshaping of how businesses operate and where value accrues,” she wrote.

Torben-Nielsen was even more dire and direct for AI dismissers.

“Ignoring AI might put your company out of business. We have seen a similar wave of closures when companies did not adopt e-commerce and it will happen with AI as well. While not an immediate extinction, failing to plan for AI now creates issues down the line. As PwC wrote, ‘Your AI strategy will put you ahead — or make it hard to ever catch up’,” he added.
AI Expenses Will Likely Increase — A Lot

He was also the only expert to forecast a sharp price spike for companies looking to integrate AI in 2025.

“Operating AI is about to get much, much more expensive. First, high-end models will be priced at a premium; OpenAI is experimenting with this and others will follow. Second, while cost per token — the text-based building blocks LLMs use for queries and base pricing on — is plummeting, for other models, increased adoption will cause token usage to skyrocket, which will drive operational costs. Many companies will be facing unexpectedly hefty bills as they likely underestimated operational AI budgets for 2025,” cautioned Torben-Nielsen.

AI Integration With Robots

Bornet and Banafa both mentioned that AI will likely breakout from desktop and mobile devices — moving into mobile robots that we’ll be interacting with much more frequently in the real world.

“Robots will no longer feel futuristic but everyday; wearables and smart devices will merge seamlessly with our environments, making AI a tactile and visible presence. These advancements will tackle ever more complex challenges, from global logistics to personal accessibility, laying the groundwork for a better, more equitable world,” wrote Bornet.

“AI systems capable of processing and integrating diverse data types — text, images, audio and video — will achieve a significantly deeper level of contextual understanding. This will enable more human-like interactions and revolutionize applications in fields such as education, healthcare and entertainment. This progress will be fueled by advancements in computational power and the growing availability of large, multimodal datasets,” expounded Banafa.

Adoption Of Tougher AI Regulations

Banafa was the only expert who discussed the topic of AI regulation — specifically mentioning a regulatory crackdown is likely coming.

“Global AI regulations will become more stringent, emphasizing transparency, ethical use, and accountability. The need to address biases, data privacy and the potential for misuse will compel companies to prioritize compliance alongside responsible innovation. This may somewhat slow unregulated progress but will ultimately ensure safer and more trustworthy AI applications,” he concluded.

AI Consolidation And Shakeouts

While Ordax referenced the likelihood of shifting business models and potential mergers among generative AI providers to remain competitive themselves.

“Currently, training and running LLMs require huge investment in expertise, data collection and compute. To become profitable, many AI labs will transition from being pure LLMs providers to offering software solutions that directly serve end users. This transformation will probably lead to market consolidation, with a few major AI research companies dominating the field,” he concluded.

Forbes5 Critical AI Legal Issues Every Business Must Navigate
By Tor Constantino, MBA
Follow me on Twitter or LinkedIn.
Tor Constantino, MBA
Tor Constantino, MBA

QUOTED FROM FORBES MAGAZINE ON-LINE Jan 1, 2025

12 CIS Experts' Cybersecurity Predictions for 2025

The 2024 general election...the CrowdStrike Falcon outage...insider threats from nation-state actors — these developments created new risks for organizations like yours in 2024. In doing so, they shifted the conversation around your cybersecurity priorities going forward.

There's so much change in the cybersecurity field to decipher. Where do you focus your efforts?

To put next year into context, we spoke to a dozen experts at the Center for Internet Security® (CIS®) about their cybersecurity predictions for 2025. Here's what they had to say.

Marci Andino | VP of the Elections Infrastructure Information Sharing and Analysis Center® (EI-ISAC®)

While the increase in attention generated by a presidential election is over, election officials will continue to experience the impact of generative artificial Intelligence (GenAI). GenAI makes it easier, faster, and more economical to create higher quality phishing emails. But it’s not all bad news. There will likely be more positive uses of the technology, as well.

The EI-ISAC will also continue to adapt to multidimensional threats in order to better meet the needs of our election members. Cyber attacks on critical election infrastructure can be combined with information operations, physical attacks, and election disruption tactics to impact election operations.

Sean Atkinson | CISO

Sean AtkinsonZero Trust Enablement with the Focus for 2025 on Identity: The emphasis on unauthorized access and privilege escalation will act as a catalyst to drive a robust assessment of identity management and drive adoption of zero trust security models.

AI-Enabled Attack and Defense: We will continue to see new artificial intelligence (AI) capabilities and maturity in this space as attackers integrate this capability into sophisticated attack strategies and defenders/vendors integrate better models into defensive capability.

Supply Chain Risk Management: An increased focus on assessment strategies for vendor due diligence, vendor alignment to more robust security compliance frameworks, a start of the "shift left demand" from the customer base, as well as organizations and thought leaders building governance assessment models for AI integrations into products and services.

 
Jason Emery | Director of Cybersecurity Advisory Services Program

AI-Assisted Cybersecurity Tools: I believe we will see the continued evolution of AI-assisted cybersecurity tools that help offset the lack of cybersecurity professionals in smaller U.S. State, Local, Tribal, and Territorial (SLTT) government organizations. These tools will provide operations-oriented IT staff the ability to manage and secure their environment even while overwhelmed by the daily tasks of “keeping the lights on.” Managed service providers (MSPs) and managed security service providers (MSSPs) will also leverage these tools to become nimbler and to stretch their limited human resources further when supporting their clients.

Governance Focus in K-12: In my work, I see many small- to medium-sized K-12 school districts starting to focus more on formalizing their cybersecurity programs, including governance from the top down. Many district superintendents and school boards are realizing the importance of top-level support in these programs. A good cybersecurity program is not just an IT concern but is, in fact, a strong business concern. I see districts implementing proven cybersecurity controls like the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF) and the CIS Critical Security Controls (CIS Controls) more in the coming year to help them be strategic in their efforts and investments.

IT-OT/ICS Convergence: IT and Operational Technology (OT) / Industrial Control Systems (ICS) will continue to see more convergence. These systems are used to manage our water, wastewater, power, etc. Traditionally, these platforms have remained outside the IT environment. I see more of these systems being connected to the general network for remote management, additional capabilities, etc. This adds cybersecurity risk to these environments. We will see more emphasis being placed on proper vulnerability management, threat detection, and cybersecurity frameworks for OT/ICS environments. They key to success will be to take into account the unique nature of these systems to avoid affecting uptime negatively.

Don Freeley | VP of IT Services

Zero Trust Advances in the Enterprise: Embracing a zero trust approach to securing company assets, access, and systems will gain momentum in organizations of all size in 2025. Employees and customers demand access to resources and data from multiple locations and devices. Each link in the access chain needs to be treated as untrusted, with access and authorization continuously verified. Secure websites or VPNs, even with MFA enabled, are not enough to prevent unauthorized access, data loss, and exfiltration.

Secure by Design Becomes Part of IT’s DNA: Recent high-profile security breaches will drive adoption of secure by design principles in IT projects. The idea that security can be bolted on to a service or project at the end has shown itself to be hard and inefficient. Incorporating security, compliance, and governance into early stages of a design leads to better overall outcomes and helps foster a culture of security across the organization. IT organizations will accelerate the move in this direction in 2025.

Stephen Jensen | Sr. Director of Plans, Programs, & Exercises

2025 is bringing with it more connected devices than ever before. The Internet of Things (IoT) has revolutionized how organizations collect data about the day-to-day lives of their customers and employees. The intersection of conventional networks with wirelessly enabled devices of all sizes and types creates new avenues for attack as well as new areas of focus for security professionals. Securing these connected devices by using network segmentation, improved network protocols meant for these types of connections such as Wi-Fi HaLow, and ensuring that your devices are patched and updated when available will help to keep your environments secure.

Angelo Marcotullio | CIO

Training and adhering to basic cybersecurity practices ensure that even non-technical staff can recognize and mitigate risks. Cyber attacks such as phishing, ransomware, and malware often exploit human errors, making employees the first line of defense. By focusing on these basics, employees help safeguard the organization’s reputation, financial stability, and customer trust. Moreover, prioritizing cybersecurity fosters a culture of responsibility and awareness across the workforce. Employees who are vigilant about spotting suspicious activities and following security protocols not only protect themselves but also contribute to the organization's overall resilience. This collective effort minimizes the likelihood of successful cyber attacks and demonstrates the organization’s commitment to safeguarding its stakeholders. Empowering all employees to recognize and report potential cybersecurity attacks can lead to the prevention of cyber attacks.

Lee Myers | Sr. Director of Security Operations

Consolidation of Operations: For many years, there has been a rush to spend cybersecurity funding to bring in the latest and greatest technology to aid in cyber defense efforts against an ever-evolving cyber attack ecosystem. Organizations' technology footprint now exceeds their ability to successfully leverage the tools "in house," with them relying on third-party consultants or service providers to utilize these tools and leverage the collected data on their behalf. As expertise grows within these organizations and a more mature cyber strategy emerges that aligns with business or organization goals, we will see a reduction in redundant or unused technology within individual organizations. This will lead to increased efficiency and impact from the tools that remain, with resources being reprioritized for their use and the value that they bring to the organization.

Lee Noriega | Executive Director of Cybersecurity Services Organization and Acting General Manager of Sales and Business Services

The security risks of AI will continue to be a huge area of concern for many organizations.

Cybercriminals will continue to leverage AI to enhance the sophistication and scale of their attacks.
AI-Generated phishing emails and adaptive malware will make it increasingly difficult for traditional security measures to detect and mitigate threats.
AI will contribute to the evolution of ransomware, increasing the speed and precision of these attacks as well as making them more difficult to defend against.
The combination of social media and generative AI will enable more sophisticated scams and impersonations.
As AI tools become more integrated into business operations, there will be a growing risk of data breaches caused by improper use of these tools.

Randy Rose | VP of Security Operations & Intelligence

Increased Uses for Quantum Outside of Research: In 2025, expect to see application of quantum computing outside of the university research lab. Advances in quantum are expected to challenge current cybersecurity measures by potentially breaking common cryptographic algorithms. In response, there will be a surge in adopting quantum-resistant algorithms (aka post-quantum cryptography) to protect sensitive data across all industries. Additionally, quantum computing will enhance threat detection and predictive analytics; it will be marketed as a means to enable a shift from being reactive to being proactive. In software development, quantum computing will drive innovation in algorithm design, improving efficiencies in code execution and problem-solving capabilities. Expect well-resourced early adopters to start implementing soon and less resourced followers to face technical and financial challenges in updating systems to keep up pace.

Evolution of IoT and Edge Computing: The industry continues to move from the cloud to the "fog" of edge computing, placing data processing closer to the data source and even using crowdsourcing techniques of other nearby devices. This is going to put an increased focus on IoT as an increasingly attractive target for attackers, as one of the biggest beneficiaries of edge computing is the IoT device handling real-time data. IoT devices are now ubiquitous; they're found throughout homes and businesses globally, including smart appliances, HVAC systems, solar and other power systems, and smart speakers, to name a few. As the attack surface for IoT grows, so too will the need for IoT security tools, frameworks, and best practices.

Focus on Socio-Political Impacts of Emerging Technology: While AI and machine learning (ML) have been around for a long time now, their use historically was mostly hidden from the public consumer. That changed in November 2022 with the public release of ChatGPT followed by other large language models (LLMs). We're now leaving the honeymoon phase and beginning to shift focus onto what we've learned these past two years on the social, political, and technical impacts of GenAI. Expect more research on the impact of GenAI on everyday life, the use of GenAI to augment skills that once took years to hone (such as coding), and the democratization of creative works. There will be significant challenges to intellectual property claims and authenticity which we may start to see play out in court in 2025. Based on the way the models are trained, some LLMs have been shown to widen existing gaps in equity and increase digital repression. While GenAI has the potential to enhance learning and accessibility, without proper oversight, it risks deepening the digital divide, supercharging disinformation and information operations campaigns, and amplifying global concerns around human rights.

Marcus Sachs | SVP, Chief Engineer

Artificial Intelligence: In 2025, artificial intelligence (AI) will play an even larger role in cybersecurity, both for good and bad. Attackers are likely to use AI to automate attacks, create adaptive malware, and avoid traditional detection methods. Unlike manually controlled attacks, AI-powered adversaries will use adaptive algorithms to change and carry out attack strategies in real time. These strategies could adjust based on what they detect and exploit, making it harder for defenders to keep up. Meanwhile, defenders will also increase their use of AI to improve threat detection, anomaly spotting, and predictive analysis. This AI "arms race" will redefine how attackers and defenders tackle cybersecurity.

Compliance and Regulation: As AI systems become more common, cybersecurity issues related to data privacy, manipulation of AI models, and misuse of AI-generated content will grow. To address this, compliance frameworks will be introduced to ensure organizations secure their AI training data, model accuracy, and interactions with users. This new focus on "AI security compliance" will push companies to improve defenses around AI models, reducing risks of disinformation, theft of intellectual property, and misuse of sensitive data in AI systems. Beyond AI, traditional regulatory actions will impact critical infrastructure, with governments likely to enforce minimum cybersecurity standards and response protocols to boost resilience against physical and cyber threats. Expect new policies requiring cybersecurity education and proactive risk assessments for critical infrastructure to mitigate major risks. Cyber-Informed Engineering principles may gain traction as an essential tool for embedding resilience into critical systems.

Cloud Security: With more organizations moving data and operations to the cloud, there will be greater attention on cloud security and data location. In 2025, new laws may require that sensitive data stay within national borders, affecting how companies manage and store data across regions. This emphasis on data sovereignty will lead companies to adopt multi-cloud strategies to stay compliant with evolving regulations while ensuring flexibility and security. As businesses and critical services become increasingly dependent on cloud services, some countries may prioritize cloud availability in national emergency plans, recognizing that stable cloud access is mandatory for crisis management. This shift could lead towards the establishment of a new program like Cloud Service Priority (CSP), treating cloud infrastructure as important as utilities like electricity and telecoms.

Zero Trust: Zero trust architectures, which do not assume any inherent trust within or outside an organization’s network, will likely become the default approach for cybersecurity in organizations with hybrid or remote workforces. As employees work from various locations on different devices, zero trust will gain importance for securing both on-premises and cloud environments. This approach will drive investments in identity and access management, endpoint security, and continuous monitoring technologies, changing how companies secure both internal and external access.

TJ Sayers | Director of Intelligence & Incident Response

A Bolstered Cybercriminal Market for Phishing as a Service Models. AI-Driven tools have all but eliminated classic human errors within traditional social engineering activity. Typos and formatting mistakes in text-based phishes are increasingly rare, and advanced voice and video deepfakes are near-indecipherable from reality. Exploiting the human as an initial attack vector still reigns supreme, and customizable phishing kits under a fee-for-service model will lower the bar of entry for threat actors and greatly increase their social engineering successes against end users.

My predictions from last year will also apply in 2025. Ransomware and associated extortion-based threats will undoubtedly remain the leading and most disruptive threat facing SLTTs, and blurred lines between threat actor groups will grow increasingly opaque.

Valecia Stocchetti | Sr. Cybersecurity Engineer, CIS Critical Security Controls

AI Embedded in Software: AI has exploded in many ways over the past 1–2 years. This rise in the use and abuse of AI will likely continue to grow in 2025. Organizations will face many complex challenges because of this. For one, vendors will continue to embed AI features into their software and applications, producing a forcing-function for organizations to either adopt or drop these new features. In some instances, these AI features can't be turned off or removed. Organizations will need to be vigilant in what is acceptable risk in terms of using AI features. Questions to ask include the following: Where is my data being stored? Is it being kept confidential and is it protected? Am I still in compliance with certain regulations I need to comply with? Regulations on AI are still emerging. It remains to be seen whether end-organizations will be able to keep up with demands on the vendor side.

AI-Based Threats: On the other hand, AI-based threats will continue to grow, impacting both our personal and professional lives. Organizations will face an increase in phishing attacks created with AI, making them more lifelike and less like the former “Nigerian prince” email scams we once solely faced. This means that users will need to be even more observant and, more importantly, “think before they click.” According to the 2024 Verizon DBIR, human elements are still responsible for 68% of data breaches. While that figure may have fluctuated somewhat over the years, it still remains quite high. Organizations will need to continue to implement a defense-in-depth strategy in order to block these threats and prevent themselves becoming tomorrow’s news headline.

AI For The Better: While AI can pose all sorts of “doom and gloom” in the cybersecurity world, it can also do a lot of good. Depending on the technology, we can become more efficient at our jobs, reducing the need for manual work. For example, it can help us with intrusion prevention systems so that we can detect and prevent the less “noticeable” threats as well as reduce the rate of false positives. There is also the benefit of AI models learning from the data that is fed into the system, making it (hopefully) more effective.

Overall, AI will continue to spark innovation, bring about new threats, and continue to raise privacy concerns. As with anything in the field of technology, it’s a balance between usability and security. This is why it is important for organizations to:

Practice due diligence when it comes to vetting software vendors
Consider the benefit that AI can bring and weigh it against the risk
Keep up to date with emerging threats

Stay Current with Multidimensional Threats

The predictions above are what stand out to us. They're not all-inclusive of everything that's changing in cybersecurity. If you think we missed something, let us know on Twitter, LinkedIn, or Facebook.

You then need to focus on keeping up with all the changes discussed in the blog post. One of the ways you can do this is by taking a proactive approach to understanding new developments among cyber, physical, and hybrid threats. To simplify this process, we created ThreatWA™. It brings together the expertise of CIS analysts to illuminate emerging multidimensional threats that matter to you.

Ready to stay aware and protected with clear, actionable threat insights?

QUOTED FROM CENTER FOR INTERNET SECURITY DEC 2024