IBM Technology Atlas
→ Updated April 2023
Security roadmap
→ on target
2023
Security journey Unified threat management
leverage foundation models
to protect high-value assets
Strategy overview In 2023, the protection of high-
value assets will tighten with
unified threat management in
the hybrid cloud, and compliance
with regulations. This will raise
the mean time to failure and
lower the mean time to recovery
to within an hour.
Why this matters With an evolving security
to our clients and threat landscape, unified threat
the world management and compliance
will protect businesses from
growing threats and allow faster
response across hybrid cloud
environments.
The technology or Standardized industry controls,
innovations that will the development of an advanced
make this possible assessment platform, and
compliance management tools
will protect the attack surface.
A cloud-native and enterprise-
grade log management
solution, behavior analytics,
and foundation models will
monitor the attack surface, and
automation with AI will enhance
the response time.
The platform or A cloud-native, open unified
infrastructure will threat management platform
these advancements will be delivered, differentiated
by delivered on with AI, simple to use, and
integrated with infrastructure,
the multi-cloud platform,
applications, and data.
Unified threat management, quantum-safe cryptography,
and semiconductor innovations secure multi-cloud,
decentralized environments.
→ on target
2024
Zero-trust-based security and
compliance drives multi cloud
cyber resiliency
By 2024, full-stack zero-trust
architectures that provide
continuous compliance and
digital sovereignty will make
organizations more resilient.
This will raise the mean time to
failure and lower the mean time
to recovery to minutes.
As digital transformations
expand the attack surface,
advances in 2024 will help
organizations ensure risk-based
access across multi-cloud
environments to protect from
cyber threats, and automated
and continuous compliance.
Prescriptive zero trust-based
controls with continuous industry
monitoring and confidential
containers built on secure
enclaves for adaptive policy
management with distributed
enforcement will provide
protection. AI foundation
models on multiple telemetry
sources will automate the threat
management lifecycle and evolve
into a risk operations center.
The hybrid cloud will be
enhanced with built-in
zero trust guarantees and
continuous compliance added
at all levels and integrated with
deployments across sovereign
and hybrid clouds.
2025
Quantum-safe cryptography
and a secure supply chain
are the norm
In 2025, we will protect
multi-cloud deployments with
quantum-safe cryptography and
a secure supply chain of software
and services that addresses the
threat of quantum computing
and open-source software
vulnerabilities.
Quantum-safe cryptography
protects classical cryptography
from quantum attacks, while a
secure software supply chain
protects enterprises with
provenance and security checks
to filter vulnerabilities.
Quantum-safe cryptography
standards and crypto agility will
enable the migration to a quan-
tum-safe future. A software bill of
materials and industry certifica-
tions like the supply-chain levels
for software artifacts (SLSA) will
be enabled by software genome
technologies for software com-
position analysis across legacy
and closed-source code.
A governance mechanism based
on crypto agility will ease the
migration to quantum-safe
cryptography. We will deliver
innovations in the software
supply chain security in a cloud-
native manner to meet SLSA
level 4 for containers.
2027
Robust AI and fully homomor-
phic encryption secure insights
and data while in use
By 2027, technologies like fully
homomorphic encryption (FHE)
and robust AI will be widely used
to protect enterprises against
data breaches and adversarial AI.
Fully homomorphic encryption
enables analytics and privacy on
always encrypted data, including
when it is in use, and robust AI
will protect against adversarial
attacks on AI services.
Fully homomorphic encryption
and AI robustness toolkits
will produce privacy-enabled
and robust AI. Model security
operations (ModelSecOps)
will discover and remediate
vulnerable services and clear
text data.
Frameworks for developing
robust and secure AI
applications on encrypted data,
crypto libraries with hardware
acceleration, and AI robustness
toolkits will become embedded
in AI developer tooling.
2029
Security brings trust to a
decentralized digital world
2029 will bring security and
management of trust across
decentralized computing /
digital environments with self-
sovereign identity and digital
assets. This will bring protection
and trust to IT deployments and
sovereign clouds.
The innovations we will deliver
in 2029 will enable organiza-
tions to solve the security chal-
lenges posed by the expanded
attack surface of decentralized
IT deployments like sovereign
clouds and virtual worlds.
Open standards and privacy-
preserving techniques
will secure decentralized
environments like sovereign
clouds, digital assets,
decentralized identity, etc.
Breach and attack simulations
with a risk-driven approach will
help address threats proactively
and prevent breaches. A mature
risk operation center will
improve monitoring.
Sovereign hybrid cloud and
other distributed deployments
will have decentralized identity
and compliance, ensuring and
managing trust everywhere.
IBM Technology Atlas
2030+
Secure semiconductor chips
power ubiquitous controls
By 2030, security controls will
be incorporated along the full
computing stack, from the lowest
level up, and across multi-cloud
applications and systems.
Security controls for the lower
levels of the stack and across
multi-cloud deployments counter
adversaries trying to attack the
very technologies driving the
shift to the multi-cloud.
A multi-cloud security control
plane anchored in hardware
security mechanisms such as
chiplet security and secure,
cloud-native electronic design
automation (EDA) will be
developed to track and counter
adversaries. It will be used to
protect and monitor the attack
surfaces across applications
and data.
The multi-cloud platform will be
available with trusted hardware
designed by secure, cloud-native
processes and embedded in
chips in trusted foundries.