UBS estimates that just four technology companies – Alphabet, Amazon, Meta, Microsoft – will have spent $222 billion on AI capex in 2024, as a GPU, network and associated infrastructure feeding frenzy continues.
The investment bank, looking ahead in its 2025 outlook, had AI on its mind but also electrification: “The rise of AI data centers, industrial electrification, electric vehicles, and global climate goals [mean that] that electrifying the economy will require $3 trillion annually by 2030.”
The Swiss firm was among the many pushing out predictions for 2025.
The Stack digested the outlooks of its peers in the investment banking space (most are also emphasising the infrastructure pressures and opportunities afforded by rampant demand for electricity) and the enterprise technology world to serve up a snapshot of outlooks for 2025. Read on...
As CIO Ash Jokhoo of Direct Line Group put it:
"Those that believe that traditional approaches to established technology patterns (regardless of sector) will suffice, will be left standing still. This next phase of capability will create competitors that continue to experiment and use augmentation to create value and extract value of historic assets faster than you if you don’t have a roadmap..."
Hardware, meet software…
Citi sees robotics on the rise, not least amid a “further push to bring manufacturing activity back to the U.S… especially in key sectors such as technology. This onshoring is likely to see much activity carried out via robotic technology in state-of-the-art facilities,” it suggested this week.
More at the enterprise technology level, Nutanix’s engineering VP Debo Dutta suggests that cloud robotics will... enter the enterprise.
"This will lead to shared services and data infrastructure spending, especially in the manufacturing sector [whilst] new technology and architecture will emerge to fuel the next gen models and multi-agent systems.
ARM will proliferate; to overcome the memory wall, in-memory compute will get popular (similar to how Apple M4 style converged architectures with very high memory bandwidth); smart NICs will run entire storage controllers.
See also: Oracle Database comes to Arm
Want an even more specific emerging robotics meets AI use case?
YC Combinator startup Perceptive, backed by Mark Zuckerberg’s dad, is working to “improve access to dental care in underserved populations by combining novel imaging technology with AI and surgical robotics to automate surgery in the $452 billion dental industry.” Open wide!
The Stack says: Look out for more news from companies looking to bridge more traditional hardware and software; e.g. the likes of Viam, founded by former MongoDB CTO Eliot Horowitz, who holds that the advancement of robotics is being slowed by poor software, not hardware bottlenecks and increasing convergence around open standards and open source, via the Open Source Robotics Foundation
Compound, open, small... AI
UBS expects that by 2027 AI will create “a directly addressable market of $395 billion in revenue opportunities for the application layer. We anticipate successful generative AI applications across a range of industries, including in health care, cybersecurity, and fintech”, it said.
Steven Webb, UK Chief Technology & Innovation Officer at Capgemini predicts that “in 2025, we’ll see wider adoption of small language models (SLMs) and AI agents as we move into an era of Agentic AI…”
“In my work with clients, I’m seeing a growing interest in SLMs, and I believe we will see significant adoption in this space in 2025.
"SLMs are streamlined versions of LLMs and are faster to develop and scale, offering greater efficiency… our recent data shows that over half of businesses are planning to adopt SLMs in the next three years” said Webb.
See also: Dropbox's vector search: Challenges and model choices...
“Multi-agent systems, where multiple AI agents work collaboratively to solve complex tasks, will become a major player within the next years.”
Peter Guagenti, president of Tabnine, an AI coding assistant, is optimistic that 2025 will bring the first truly open-source LLM: “The ‘source’ in an LLM is the content used to train them, and in 2025 we will see the first models that are not only free to use but are also fully transparent and that allow the community to contribute. We will soon have models where the content used to train them is completely publicly documented, and where the community of users can contribute additional training data…”
The Stack says: Look out for those intelligently optimising how a plethora of LLMs and SLMs are allocated tasks, including the likes of Fireworks.ai.
The Cyberz...
Ransomware didn't go anywhere in 2024, even if data from some suggests attacks involving endpoint encryption actually fell. Rapid7, for example, saw widespread exploitation of:
- CVE-2024-3400 in Palo Alto Networks PAN-OS
- CVE-2024-24919 in Check Point Security Gateways
- CVE-2024-1709 in ConnectWise ScreenConnect
- CVE-2023-48788 in Fortinet FortiClient
- CVE-2023-48365 in Qlik Sense Enterprise for Windows
- CVE-2023-36025 in Windows SmartScreen
- CVE-2020-14882 in Oracle WebLogic Server (Oracle Fusion Middleware)
- CVE-2018-15961 in Adobe ColdFusion
... as well as "social engineering... geared toward easy initial access via exploitation of support services. One customer case involved a help desk employee being tricked into configuring a new MFA device and resetting a user password. A separate incident involved an SEO poisoning attack and the download and installation of a trojanized version of the freeware disk analyzer tool SpaceSniffer. Analysis and cleanup tools are popular targets for fake advertisements and bogus downloads."
So what does the future hold on the cybersecurity front?
Every prediction The Stack has received has been a medley of buzzwords that are mostly intended to up-sell products or solutions ("Zero Trust" vendors anticipate more adoption of that; disaster recovery specialists claim the world will recognise the importance of immutable, segmented backups, etc.) We'll roll with just one:
"Supply Chain Long-Cons Become the Norm: Threat actors will increasingly adopt long-term infiltration strategies, targeting lesser-known software dependencies to exploit vulnerabilities while maintaining a façade of legitimacy" – Marc Laliberte, Director of Security Operations at WatchGuard.
It's hard to disagree with that take.
Outside of the security world, the XZ Utils security incident of early 2024 is a fuzzy memory if it is on the mind at all, but the incident deserves remembering. In March, a backdoor with a CVSS rating of 10 made it onto beta releases of major Linux distributions. It was slipped into the upstream tarballs, or compressed files, of XZ Utils, a data compression tool widely deployed in Linux distributions and only found because it triggered SSH performance issues.
As security researcher The Grugq noted on X, if it had not been caught,“the end game would be the ability to login to every Fedora, Debian and Ubuntu box on the internet. If it isn’t a state actor it should be…”
We anticipate a more successful, gnarly upstream security incident in 2025. The Stack says: Look out for continued growth of the likes of Chainguard which "provide the building blocks for a secure software supply chain", a rise in SASE as CISOs look to outsource network security risk, and perhaps more conversation around the extent to which improved security is not a "buy it" problem, but a "build it right" one, with CISOs and their peers continuing to aggressively consolidate security tools.
What do you predict for 2025, across the platform engineering and developer space; cloud; culture and hiring. Email us.
