As organizations navigate an increasingly complex digital landscape, Joe Kim, CEO of Sumo Logic, and John Visneski, the company’s CISO, share their predictions for how technology and security practices will evolve in 2025.
From a more integrated DevSecOps model to the rise of autonomous AI agents, Kim foresees advancements that streamline workflows and foster collaboration across development, security, and operations. Meanwhile, Visneski envisions a future where AI-powered tools revolutionize security operations centers (SOCs) and security teams take the lead in embedding robust practices within enterprise applications. Together, their insights point to a year of innovation and transformation in the tech industry.
2025 Predictions from Joe Kim, CEO of Sumo Logic
"DevSecOps will evolve into an integrated model, where capabilities in observability and security will be embedded across the development lifecycle:
DevSecOps has been more of a vision than a reality as budgetary pressures and office politics regarding tooling and technologies prevented teams from collaborating.
In 2025, technology advancements and the unifying of ecosystems will relieve this pressure as DevSecOps evolves into an integrated model where Observability and Security capabilities become shared and embedded into the development lifecycle. Organizations will leverage AI-powered platforms that not only automate steps like security checks, compliance assessments and vulnerability scannings, but also pre-tagging context for Observability purposes directly into log files as a critical component of a well-functioning CI/CD pipeline. This approach will streamline processes and ensure quality, performance and security remain a shared responsibility across all teams.
There will be some initial stumbles, but ultimately we will see a rise of Agentic AI:
As development efforts using Generative AI to build better "mouse traps" occur throughout the industry, we will see rapid evolution of the technology on our way to achieve Agentic AI – AI that can operate more autonomously without much human intervention.
In 2025, we will see an increase in the number of autonomous agents that help in all areas of a business – development, operations, security, marketing, sales, customer success, etc. – and inevitably, these agents will eventually be consumable via marketplaces. New platform capabilities will rise to allow multiple of these autonomous agents to work, communicate or orchestrate with each other and with people."
2025 Predictions from John Visneski, CISO of Sumo Logic
"Integrating AI within the SOC will become essential, providing organizations with more efficient and effective security:
AI has proven to be a game-changer in threat detection and response, enabling organizations to become more efficient and secure. Utilizing AI in the SOC can also alleviate the strain on overburdened security teams, reducing burnout and stress. In 2025, organizations will be better equipped to identify true AI solutions that meet their business objectives as AI within the SOC is standardized and reputable AI-powered tools emerge. Security teams will also be taking a bigger role in AI initiatives across organizations as they build out the proper GRC mechanisms to vet and protect solutions.
Security teams will take the lead in applying DevSecOps to enterprise application security:
In 2025, security teams will actively support developers to drive DevSecOps practices, breaking down siloes between security and development teams to foster improved collaboration and vulnerability detection. The sophistication of modern threats requires enterprises to integrate security practices earlier within the software development cycle to prevent catastrophic losses. Security teams will play a key role in this shift by helping developers adopt security practices in a way that supports their workflow rather than hindering it. The friction between security and development teams will decrease next year, fostering the positive collaboration envisioned by implementing DevSecOps principles."