Industry executives and experts share their predictions for 2025. Read them in this 17th annual VMblog.com series exclusive.
By Blake Brannon, Chief
Product & Strategy Officer, OneTrust
While
the M.O. used to be maximizing the collection and use of data, many companies
are now shifting their strategies to responsibly collecting and using data. But
managing data responsibly has never been more complicated or difficult.
Organizations are up against:
-
The expanding
regulatory landscape, with new and evolving privacy and AI laws
-
The acceleration of
generative AI adoption and deployment, with growing pressure to show return on
investment (ROI)
-
Data sprawl-petabytes
of data spread across the business without visibility into where it lives, what
type of data it is, or how it's being used
These challenges have been a catalyst for
change across privacy, risk, and compliance. In the next year and beyond,
businesses will undergo organizational transformations, embrace new tools and
technologies, and design future-proof processes that support the underlying
goal of using data and AI responsibly.
With this in mind, here are a few of my
predictions for 2025:
Compliance demands will unify
teams across the business
The days of privacy, security, legal, and IT teams
working in isolation are long gone. Today, due to several key catalysts,
compliance must involve stakeholders from every corner of the business.
Businesses are no longer dealing with static
regulations. As supervisory authorities and legislators across the world
continually revise, expand, and refine legal frameworks to meet technological
and societal demands, organizations are faced with a moving target. And it's
not just privacy laws. The rise of AI and machine learning has led to a
proliferation of new requirements, implicating everything from ethical AI use
to data transparency.
It's a growing challenge to stay ahead of - or to
simply just keep up with - an increasingly complex backdrop of legal
frameworks. Fuelled by a rapid rise in AI usage and the need to maintain
compliance with the world's 130+ privacy and data protection laws,
organizations are designing integrated and cross-functional risk management
strategies that allow them to navigate this dynamic landscape.
The way compliance is effectively operationalized in
the business has also changed. Historically, compliance was a surface-level
exercise executed mostly in legalese. It focused on the management of risk with
minimal technical control implementations. Now, due to the advancement of
technologies and their associated risks, achieving regulatory compliance
requires an approach rooted in enforcement. Implementing active policies,
continuous monitoring, and data controls that reach deeper into the operations
of business could not be achieved without cross-functional collaboration.
AI agents will usher in a new
age of scalable privacy and compliance
In 2025, specialist AI agents for privacy and
compliance are poised to transform how organizations meet their regulatory
obligations.
As AI technology advances, organizations are starting
to deploy AI agents - intelligent software systems capable of autonomous
actions and decision-making - across operational workflows. These AI agents can
perform routine tasks and manage complex datasets, bringing a new level of
efficiency and scalability to business processes.
Several converging factors are prompting organizations
to adopt AI agents for privacy compliance. Privacy teams today navigate a
complex regulatory landscape, where new digital regulations expand compliance
responsibilities beyond traditional data protection laws. Adding to this
complexity is the sheer volume of data generated daily - traditional compliance
methods simply can't keep up with the scale and speed of today's data flows.
Specialized privacy-focused AI agents offer a powerful
response to these challenges. With their ability to process large volumes of
data, handle sensitive tasks, and automate compliance processes, privacy agents
will be able to supplement human efforts and enhance operational efficiency.
Organizations have long felt the need to automate more and rely less on manual
processes to stay ahead of compliance demands. Over time, privacy agents will
meet this need by autonomously tracking regulatory changes and implementing
necessary policy adjustments in real time.
Privacy, compliance, and risk management teams will
increasingly rely on dedicated privacy agents to extend their oversight as data
processing demands grow. These agents autonomously interact with other
operational AI systems, performing real-time compliance checks, validation, and
monitoring as data flows through various touchpoints. By embedding directly
into these systems, privacy agents help maintain regulatory alignment even as
workflows accelerate, marking a pivotal shift in how AI augments human expertise
to enhance business operations.
The symbiotic relationship between privacy agents and
broader operational AI ecosystems will be foundational to responsible data and
AI use. Privacy agents enable scalability, offering a level of automation and
agility that can keep pace with complex regulatory requirements at scale and
speed. This evolution will enable organizations to innovate more freely while supporting
responsible, well-managed data practices.
Companies embrace data
governance to drive AI ROI
The convergence of AI and data governance is becoming
essential not only for ensuring data integrity and ethical AI use but also for
maintaining compliance with evolving privacy regulations.
AI models often depend on vast datasets stored in data
platforms, and many organizations are now facing the challenge of building
robust data governance frameworks to manage them. With data governance becoming
a foundational element for AI's success, organizations will begin to adopt a
unified orchestration of purpose-based access policies to complement the
privacy-first architectures found within these data platforms.
In response to these growing demands, data storage
platforms are integrating more advanced intelligence and governance
capabilities into their offerings. According to a recent report, Snowflake saw
usage of every data governance feature increase by 70%-100% year-over-year
between 2023 and 2024. This is reflecting a broader industry trend where
organizations are turning to data platforms that offer not just storage and
processing capabilities but also embedded governance features that simplify
compliance and streamline data management.
Looking to the future, data governance teams will need
to transition from simply providing access to data sources to creating reusable
data products for internal stakeholders. By allowing AI and analytics teams to
work more efficiently with high-quality, governed data, organizations can see a
stronger ROI from their data initiatives.
The organizations that succeed in this space will be
those that prioritize building scalable, automated governance frameworks that
not only ensure compliance but also support the speed and performance required
for AI workloads.
##
ABOUT THE AUTHOR
Blake Branon is Chief Product and Strategy Officer at OneTrust, overseeing all aspects of OneTrust’s strategy, product offerings, technology partnerships, and sales engineering teams responsible for defining the privacy, security, and governance market and OneTrust’s capabilities.