Brussels has already set global standards for personal data protection and privacy with the GDPR regulation Copyright POOL/AFP Jade GAO
How will information technology tackle the increased use of artificial intelligence in a way that is proactive and agile? The advance of AI is expected to extend even further in 2025 compared with the previous year. Withing in on the likely direction is Theis Nilsson, vice president global advisory practice, at the firm Omada.
Nilsson’s assessment includes a consideration of the tricky balance that needs to be struck between regulating the excesses of technology and the need to ensure innovation continues.
Prediction: Organizations Will Increasingly Embrace AIDriven Innovation and CrossPlatform Interoperability
On the issue of good governance, Nilsson predicts: “The Identity Governance and Administration (IGA) sector will continue to see rapid innovation spurred by AI/ML. As vendors consolidate, interoperability will be key, with companies striving for seamless integration across platforms. The winners in this space will be those who can harness crossdomain capabilities and implement agile solutions for cloud application management, enabling tasks like application onboarding in a matter of hours.”
Prediction: Navigating Infrastructure Complexity Will Become a Bigger Challenge
On the matter of balancing regulatory and security spend, Nilsson predicts: “The complexity of infrastructure and system landscapes will continue to present challenges and setbacks. Companies will need to navigate competing priorities, with governance, risk and compliance investments often clashing with spending on perimeter security and efficiencydriven AI/ML initiatives. Regulation will play a crucial role in maintaining a balanced corporate focus amid these competing demands.”
Prediction: Balancing Regulation and Innovation for Enhanced Security
Developing the regulatory theme further, Nilsson expresses the view: “Regulation will continue to shape Identity Governance and Administration (IGA), with frameworks like the Network and Information Systems 2 (NIS2), Digital Operational Resilience Act (DORA) in the EU reinforcing compliancedriven initiatives. At the same time, a push toward corporate effectiveness will highlight the efficiency benefits of automated and AIsupported IGA solutions. In both instances, security will remain a priority, with principles like “least privilege” becoming crucial to limit hacker access, aiming to ensure that if an attacker gains entry, their ability to move across systems and platforms is restricted, mitigating potential damage.”
Drawing another example, Nilsson finds: “Another hot spot where regulation and innovation are coming together is the EU AI Act. As AI is offered in highrisk applications such as Identity and Access Management (IAM)/IGA, there’s plenty of analysis and preparation for vendors as well as customers. The EU AI Act represents a landmark regulatory effort as it attempts to balance safeguards to protect individuals from potential harm but must not restrict innovation.”
Prediction: GenAI/ML Will Enhance Identity Governance
The easiest form of AI to adopt for a firm is generative AI. On this matter, Nilsson states: “GenAI/ML are likely to play a more significant role in Identity Governance and Administration (IGA) by simplifying tasks like access requests and approvals, where they can provide valuable guidance and support. However, the effectiveness of GenAI/ML in the deepest aspects of IGA, such as business logic analysis and role mining, may be limited due to bad data hygiene.
This often results from inconsistent governance and could skew GenAI/ML insights. Nonetheless, AI/ML will be useful at a higher level, potentially aligning regulatory requirements, business processes and jobrelated permissions more effectively. The goal of this particular innovation is can a user and chat assistant accomplish their goal with a time and cost reduction? We estimate that the cost per transaction of a user and AI chat assistant will be a fraction of a help desk call price.”
