Industry executives and experts share their predictions for 2025. Read them in this 17th annual VMblog.com series exclusive.
By
Andrea Malagodi, CIO, Sonar
With AI leading the charge in innovation this
year, it's no surprise that in 2025, we'll continue to see this technology
advance and play a vital role in software development. Our increasing reliance
on software in our daily lives, too, will only serve to foster AI advancement
in code generation.
As a company dedicated to helping developers
maintain code quality and security, I and several other colleagues came
together to discuss how we see AI transforming the software development
landscape -and how that landscape relies on an organization's ability to write
and release high-quality, error-free code. Here are some of our perspectives
for next year:
Developers Will Embrace Automated Testing Tools to Ensure
AI-Generated Code Quality
1. We should
embrace AI innovation to benefit the future trajectory of software
development. AI-generated code and testing tools can amplify developers'
productivity, enabling them to focus more on projects that align with
broader business goals. However, AI is a complement, not a replacement, of
developers' skills, and business leaders must recognize this important
distinction. The activity of conceiving, designing, and architecting a
system or a feature is not only a coding detail, it is a craft and should
not be ignored.
Humans must remain
integral to the testing and verification process, whether the code is
AI-generated or written by developers. The demand and rising use of AI in the
coding process means developers are writing more code, all of which must be
tested for security and quality. At a minimum, all code should undergo rigorous
testing, with multiple control checks established by developers to trust and
verify code at each stage of development.
While AI will
continue to boost developer productivity in the coming years, if underlying
issues in the code development process aren't addressed, more AI-generated code
will only lead to more code to fix. Software teams need to utilize trusted,
automated code testing tools and apply a human lens and critical thinking to
ensure the delivery of high-quality code they can be confident in. - Andrea Malagodi, CIO
"Starting Left" Will Take a "Shift Left" Approach One
Step Further
2. We can't
ignore the importance of teams incorporating early testing and analysis in
the development process. Only by catching issues and vulnerabilities
quickly from the very beginning can they have confidence in the software
they deploy. I believe more organizations will come to this realization
next year and we will start to see a real move from a "shift left"
approach to "start left" - taking the concept a step further to ensure the
security, viability, and longevity of software as code is written and developed.
Especially as AI
adoption grows to boost code writing, code quality and detecting
vulnerabilities should remain at the top of companies' priorities for 2025,
making a proactive investment in security tools and methods to mitigate
business risks. Doing so enables teams to significantly reduce the risk of
critical vulnerabilities and save themselves time as well as increase
productivity. By adopting robust code quality measures early, companies can
prevent vulnerabilities, safeguard data, and maintain compliance, reinforcing
AI's value in the development process. - Johannes Dahse, Head of R&D
A "Trust and Verify" Approach Will Bolster Code Quality
Assurance in the Age of AI
3. AI is
already transforming the way developers work, streamlining processes and
alleviating the repetitive nature of writing code. By 2027, 70% of professional developers will be
using AI-powered coding tools. Google's CEO recently said that already
more than a quarter of all new code at Google is generated by AI. However,
as adoption grows, a major challenge is emerging: code accountability. AI-generated
code must undergo rigorous review to identify potential security
vulnerabilities and quality issues early on - before they can lead to
costly problems. Yet, the responsibility for ensuring this review often
gets overlooked.
In 2025, as AI tools
become essential for developers, they'll need to take greater responsibility
for code accountability. By integrating a "trust and verify" approach
early in the Software Development Life Cycle, developers can save time and increase
their capacity to tackle large-scale projects that drive business success. The
same level of scrutiny applied to human-written code must be extended to
AI-generated code. With human oversight embedded throughout the workflow,
development teams can ensure that AI-driven code meets established quality and
security standards. - Tariq Shaukat, CEO
Business Success Will Depend on the C-Suite Putting
Software Center Stage
4. Next year,
we will see more executives and boards of directors put "software as a
critical business asset" to the top of their agenda. When bad code costs
organizations $2.41 trillion in the U.S. alone, it
shouldn't be a question anymore of how important software is to business,
but how do we ensure it is a competitive differentiator and doesn't put
our business at risk?
Organizations strive
to protect their codebase against risks, yet often, the focus on code security
tends to emerge later in the development lifecycle rather than as an initial
investment in secure-by-design practices. I believe we will see the C-suite mindset
shift to see software in a new strategic light and build software quality into
the fabric of the way business is done. Especially as AI-generated software
development continues to pick up steam, it is the responsibility of CEOs and
boards to put mechanisms in place that uphold and maintain code quality and
security during development. The future of digital business depends on it. - Tariq Shaukat, CEO
Channel Partners Will Provide AI Integration Solutions
for Developers
5. This past
year, all the buzz was about AI. Companies are looking to AI for
innovation and efficiency. The question is, how do we take advantage of
the promise of AI and get measurable business-impacting results? My
prediction is that channel partners will bring the answers and the
solutions. Especially when it comes to ensuring proper integration of AI
in the software development lifecycle - partners have a tremendous
opportunity being that they're so in tune with the industry, what
technology problems to solve, and what solutions can address them best. It
would be great to see some sort of metric around Return or AI investment,
possibly R.O.A.I.I if you will. - Jim
DeCarlo, VP of
Channel, AMERS
This year, we watched AI dominate
conversations about the future of software and, consequently, how software
development is done. As this technology advances and becomes a central part of
the Software Development Life Cycle (SDLC), developers and organizations that
employ AI tools will need a sound strategy to ensure quality and security stay
intact. This includes leading with a "trust and verify" approach to ensure what
is being deployed is high-quality, adds value to the business, and lasts
long-term. Organizations should make 2025 the year in which code quality and
security takes center stage. By prioritizing that, they'll put themselves in a
place to succeed not just next year but in the years to come.
##
ABOUT THE AUTHOR
Andrea Malagodi is
the CIO at Sonar. Andrea joined Sonar in 2021 after having worked at J.P.
Morgan Chase & Co. as a CTO for over two decades, leading global technology
teams across Private Banking and Consumer Banking. Andrea's role at Sonar spans
IT Operations, Information Security, Data Ecosystem, and Product Engineering,
helping lead and enable the company to scale.