Ten Predictions for Where AI and Software Are Headed

Every few years I capture a snapshot of where I think things are going. The goal isn’t clairvoyance. It’s documenting patterns that seem durable and revisiting them later to see which ones held up. These aren’t moonshots. They are practical shifts already forming in the market.

Here are my top ten predictions for the next two to three years.

1. AI becomes embedded in everything

AI stops feeling like a separate tool. It becomes part of every workflow, service, and platform. Most people will interact with AI through the products they already use rather than dedicated chat interfaces.

2. Compliance becomes an engineering function

The separation between compliance, risk, and engineering narrows. Controls move into pipelines, infrastructure modules, and platform services. Treating compliance as an engineering problem becomes the normal way companies operate.

3. Fewer vendors; more in-house automation

AI-driven automation reduces the need for sprawling vendor ecosystems. Companies rely more on internal agents, internal pipelines, and custom logic rather than dozens of SaaS tools that exist solely to shuffle data between systems.

4. A partial pivot back to data centers

Cloud remains dominant, but cost pressure and predictable workloads push some organizations back toward on-prem compute. Specialized hardware for AI inference and control over data locality make hybrid strategies more appealing.

5. Security becomes a platform product

Platform teams absorb a significant portion of application security. IAM baselines, ingress patterns, policy-as-code, and hardened deployment paths ship as features of the internal developer platform. Security evolves from “review and approve” to “provide secure defaults that can’t be bypassed without intent.”

6. Compliance frameworks evolve toward automation evidence

SOC 2, ISO, NIST CSF, PCI, and emerging AI-specific regulations shift toward system-generated evidence. Control maturity is measured by continuous signals rather than static documents.

7. Agentic workflows replace traditional dashboards

Teams move from dashboards filled with findings to autonomous agents running playbooks. Agents triage issues, file tickets, verify fixes, and escalate exceptions. Humans oversee prioritization and judgment instead of doing manual triage.

8. Data becomes the new perimeter again

As compute shifts closer to on-prem and more models run locally, the control plane around data becomes more important than the one around networks. Lineage, classification, entitlements, and context-aware access policies become central.

9. Audit cycles shorten

With continuous evidence exports, audits happen in smaller increments. Auditors pull from real-time data rather than scheduling long annual fieldwork cycles. Teams operate closer to continuous readiness.

10. Vendor consolidation pressures the large suites

Demand for unified data models pushes major platform vendors to simplify and consolidate their tools. Customers want fewer dashboards, deeper integration, and consistent data models that feed cleanly into AI systems.

Looking Ahead

Whether all ten predictions land isn’t the point. The pattern is clear: engineering, automation, and business operations are converging. The lines between software teams and the functions they run are already blurring. AI accelerates the trend. Context, good design, and simplicity still win.

I look forward to revisiting this in a few years to see what aged well and what didn’t.