What Role Will Storage Play in Supporting AI Applications and Your Cyber Resilience Posture in 2025? A Big One.

By Paul Speciale, Chief Marketing Officer, Scality

The IT industry stands at a pivotal juncture where speed, resilience, and security will define success in key business initiatives that leverage data. Advancements in AI are converging with cyber defense strategies, forcing IT organizations to adjust quickly. Foundational on-prem and hybrid cloud storage solutions are set to become essential, not only as a framework for AI innovation but as a critical shield against escalating ransomware threats. 

In the year ahead, we anticipate a resurgence of data architectures that support two key IT priorities: 1) accelerating AI-driven initiatives, and 2) strengthening end-to-end cyber-resiliency to counter the persistent rise in ransomware attacks. 

To meet the demands of these two priorities, we see the IT leadership in organizations we work with considering five new trends to accelerate their business outcomes:

  1. Object storage will emerge as the go-to data storage model for AI application developers.

Application developers are under intense pressure to leverage AI to boost efficiency and outpace the competition. Global 2000 enterprises, government agencies, and cloud service providers are pouring resources into AI and machine learning projects, racing to demonstrate returns on these investments.

Time-to-market for applications is key, with today’s designs centering on cloud-native, container-based services. For these stateless applications, API-based methods of accessing external business logic, databases, networking, security services — and now data storage — are a natural fit.

Moreover, no developer wants to deal with capacity, performance or other limitations inherent to legacy file and block storage. Object storage, with its flat, virtually unlimited namespace, offers a clear advantage for large-scale data lakes and tools that access data in the AI data pipeline.

In 2025, I predict that object storage will become the de facto storage model of choice for high-performance AI applications, especially for model training and fine-tuning.

2. The next phase of ransomware defense will focus on cyber resilience against data exfiltration.

Immutable storage has proven to be a game-changer in the fight against ransomware, providing an unbreakable defense against encryption attacks by ensuring backups remain impervious to modification or deletion. Widespread adoption of this technology has been one of the major industry trends of the last few years, with our data showing 94% of IT leaders now rely on immutability as a cornerstone of their ransomware defense strategy. 

That said, defending against cyber threats has always been an arms race. As organizations adopt new defenses like immutable storage, cybercriminals don’t just give up; they adapt.

We’re now witnessing one such adaptation in real-time, with threat actors currently shifting from encryption-based attacks toward more sophisticated data exfiltration tactics where sensitive data is stolen rather than encrypted. Because these attacks don’t rely on encrypting or altering data in order to extract a ransom, immutability alone can’t stop them. These tactics are spreading fast, threatening to catch organizations off guard — despite being practically unheard of only a few years ago, 91% of ransomware attacks now include a data exfiltration component.

What does this mean for 2025 and beyond? I predict that while immutable storage will remain a powerful and essential tool in the fight against ransomware, going forward, it must be paired with additional layers of active cyber resilience to address emerging threats like data exfiltration. Organizations need to secure sensitive data wherever it exists — in production, in transit, and even in stored backups. The best defense will combine the unyielding protection of immutability with advanced measures to prevent data from falling into the wrong hands.

  1. EU data privacy regulations will drive a new wave of data decentralization

Just as GDPR pushed organizations around the world to rethink their approach to data privacy, the new European NIS-2 and DORA regulations coming into effect in 2024 and 2025 will soon force organizations to adopt stronger cybersecurity measures, improve incident responsiveness, and increase their resilience to cyber-attacks.

The increased emphasis on data sovereignty found in these regulations will have the likely side effect of greatly complicating data transfers for EU organizations, especially those handling cross-border data flows. Organizations managing critical infrastructure will likely face burdensome restrictions on exporting data outside the EU.

As a result, in 2025, we will see organizations move to establish new, separate EU data centers to comply with stringent data sovereignty, cyber resiliency, and cross-border transfer requirements.

  1. Backup-as-a-Service (BaaS) offerings will thrive as businesses prioritize cyber resilience and data sovereignty.

As threat actors leverage AI to supercharge phishing attacks and other ransomware vectors, organizations will increasingly turn to Backup-as-a-Service (BaaS) for protection. The most effective defense against ransomware is a robust backup strategy, and BaaS offers managed, automated backup solutions while offloading the complexity of maintaining secure backups in-house.

Stringent new data sovereignty laws will make BaaS even more attractive. These regulations require enterprises to store and process data within specific geographic boundaries depending on where the data was collected, adding significant complexity to data management, especially for multinational organizations.

Cloud service providers can address both these issues by offering geographically distributed backup solutions, allowing organizations to meet regulatory requirements and ensure data security and availability, without needing to invest heavily in their own infrastructure and expertise.

Given these two trends — the increased threat from ransomware and the growing complexity of data sovereignty requirements — I predict that demand for BaaS solutions will surge as businesses seek to safeguard data and meet rising global compliance standards.

5. Emerging workloads will demand storage systems that scale beyond capacity and performance alone

In 2025, the next generation of AI, cloud-native, and large-scale media workloads will test the limits of traditional storage systems, pushing many to their breaking point.

Capacity and performance have long been the primary metrics for storage scalability. But with emerging workloads now stressing storage infrastructure in novel and unpredictable ways, the ability to scale across other dimensions — such as metadata handling, objects per second, and access speed — is increasingly becoming critical.

For example, the challenges presented by modern AI data pipelines go far beyond the need to store massive datasets. You also need to efficiently manage enormous volumes of metadata tied to these datasets and ensure near-instantaneous access for training models. Similarly, modern media workflows often require rapid access to tens of thousands of objects per second, not just large storage pools. Workloads like these expose the limitations of legacy systems that are built to scale primarily on capacity and throughput, but struggle in areas like transactional scalability and managing massive numbers of small objects.

To remain competitive, storage systems must evolve to handle the complexity of these new demands. Going forward, I predict that organizations will increasingly prioritize solutions that can scale across multiple dimensions — not just in terms of raw storage, but in their ability to handle unpredictable data patterns, rapid access speeds, and the simultaneous management of massive data sets and metadata. The future of storage lies in systems built for this type of flexibility and power, capable of scaling in ways that go far beyond simple capacity.

Conclusion

2025 presents enormous opportunities that underscore the critical need for robust IT infrastructures that power AI-centric projects while keeping data protected from cyber attacks. Multidimensional scaling capabilities are required to meet the demands of AI-centric projects. And, cyber-resiliency will continue to emerge as a crucial line of defense to sustain the integrity, reliability and performance of business critical data. 

There is no ‘one size fits all’ approach when it comes to data storage management. As such, 2025 is the year organizations will invest in implementing a storage management infrastructure that addresses their unique business needs, supporting their growth in a modern data-driven landscape.

You may also like...