Cloud Computing Predictions for the 2020s

The 2010s have been an incredible decade for cloud computing; the term itself moved from relative obscurity to being the operating model of a good portion of the world’s internet services. Startups, and the capital surrounding them, flooded into tech hot spots as cloud computing offered new ways to develop, deploy, operate, and scale the infrastructure powering these new companies. Existing enterprises, including a majority of the Fortune 1000, rapidly adopted cloud computing, moving a collective trillions of requests per second from their own data centers and into the data centers of Amazon, Microsoft, and Google.

At the beginning of 2010, almost no one could have predicted that the cloud would be adopted as quickly as it had been, let alone entirely new paradigms of compute would be invented — “serverless,” containers, Kubernetes, and more.

Despite the unpredictability of this new world in which we now operate, I still find it to be a fun and interesting exercise to attempt to predict trends that will impact cloud computing in the coming years. While I believe some of these may be “safe,” in the sense that the writing is already on the wall, others are a bit more extreme. Let’s see how close we wind up getting!

Congress will pass a law that makes cloud providers responsible for large-scale data breaches.

After the CapitalOne breach of 2019, several members of congress, including presidential candidate Elizabeth Warren, sent letters not only to CapitalOne, but also to Amazon, demanding information on the provider’s role in the incident.

While many security experts quickly pointed out that Amazon was not technically at fault in the incident (no more than a manufacturer of doors would be responsible for a burglary if the lock was left open), I predict that the alarming increase in these kinds of cloud breaches will force congress to act. Regardless of whether this will be due to an uninformed lawmaking body looking for a scapegoat, or a carefully planned law designed to protect users’ data, the result will likely have profound effects on how cloud providers onboard new users and allow developers to rapidly deploy new services.

B2B startups will be forced to move away from Amazon Web Services to satisfy competing enterprise customers.

It’s no secret that some big retailers demand that their vendors avoid hosting their customer data on AWS. This began with Wal-Mart in 2017, but as Amazon rapidly expands into the competitive territory of more and more companies, I predict that we will see an accelerating number of B2B startups questioning whether hosting their data on AWS will prevent them from signing deals with the large enterprises they seek to attract. Any CTO looking to do business with these companies will need to explore alternatives, most likely Microsoft Azure.

Google will shutter or significantly disinvest in Google Cloud Platform.

I was surprised recently to learn that GCP is actually the fourth most-used cloud, behind Alibaba Cloud. This makes their recently-set deadline of 2023 to beat Microsoft and Amazon all the more aggressive. While I have no doubt that Google will continue to attempt to reach this milestone in the near-term, I have also seen the speed at which Google launches and shutters products that fail to live up to their expectations. I predict that GCP will be folded, or at least significantly reorganized with a smaller focus, by the end of the decade.

Very few companies will succeed at a true multi-cloud deployment.

After rapidly adopting the cloud in the early 2010s, many enterprises shifted to questioning their lock-in to a single vendor during the second half of the decade. This, along with a desire to maintain uptime in the event of a provider outage, has led to a significant rise in interest in “multi-cloud” deployments.

However, I predict that these companies are fighting a loosing battle. They are pushing against the forces of a competitive hiring environment where the skills of a single-cloud practitioner are difficult enough to hire for, let alone entire departments skilled in multiple clouds. They have also underestimated the cloud providers themselves who will resist these multi-cloud efforts through even more lock-in, competitive pricing, and other means.

I predict that only the largest enterprises will have the time, skill, and capital to invest in a true multi-cloud environment.

At least one cloud provider will release AI-based services trained to detect “deep fake” videos and doctored images.

It’s no question that the rapid rise of “deep fakes” has led to concerns about public trust in political systems around the world. The technology behind these videos will only continue to improve to the point where doctored content becomes impossible for the human eye to detect.

I predict that the cloud providers, most likely AWS at first, will release an AI-based service that has been trained to detect deep fake videos. They will likely partner with news organizations, Facebook, Twitter, and other online platforms for the purposes of content review and training.

The cloud providers will launch “green” computing as a service.

As companies continue to shift more and more information into the cloud, the single biggest environmental footprint for many will become their compute power. Although Amazon, Microsoft, and Google have announced efforts to eventually shift to 100% renewable power, realizing that goal may still be over a decade away.

Until then, many environmentally-conscious cloud customers will likely seek ways to offset the carbon footprint of their compute power directly via their provider. I predict that this will lead the cloud providers to either launch a separate, “green” compute service (e.g. a new compute instance class) or carbon offsets as a service.

A significant portion of America’s malls will be purchased by Amazon, Microsoft, Google, and Facebook and converted into data centers.

While America’s demand for data services continues to rise exponentially, its interest in physical retail continues to drop. The new decade will accelerate this trend, leading to the closure of even more shopping malls across the country. As the malls close, the big cloud providers will continue to have an insatiable appetite for new data centers, leading them to purchase many of these shuttered facilities for repurposing into data centers.

A misplaced wildcard in an IAM policy will cause a security breach like none seen in history.

Cloud security can be incredibly complicated, especially for large businesses with hundreds of cloud services and thousands of developers operating in its cloud accounts. While 2019 saw some relatively large breaches occur (~100 million credit card application records from CapitalOne), I predict that a cloud security incident in the new decade will put every previous IT security disaster to shame.

I predict that this breach will be unfathomably large. Perhaps a government contractor will loose 500+ TB of sensitive military documents leading directly to a military incident. A hospital network may loose sensitive patient records for a majority of the country’s population. Or perhaps a bank the size of JP Morgan Chase will experience a breach so large its forced to seek a 2008-sized bailout due to lost cash reserves.

AWS will launch an SDK for autonomous self-driving cars.

By the middle of the new decade nearly every traditional car manufacturer will also be embedding self-driving capabilities into their vehicles. AWS will capitalize on this trend by releasing a service that enables manufacturers to leverage its vast network of AI-powered self-driving vehicle training material.

AWS will price this service by miles driven with a free tier of 100 miles/month.

The cloud providers will make multi-region deployments easier.

While it’s currently quite easy to get up and running on any of the largest cloud providers, creating a resilient, multi-region service with automatic failover still requires quite a bit of architecting for all but the simplest deployments.

I predict that, having exhausted the “core” services (e.g. compute, database, storage) that can be built, cloud providers will begin exploring ways to make previously-difficult deployment models simpler for cloud developers. This could be in the form of one-click multi-region deployments or additional “add-on” services that serve to expand existing services into a multi-region format.

Azure will allow developers to deploy in the “Atlantic Ocean North” region.

In 2018, Microsoft tested a data center design that could be submerged in the ocean for cooling purposes. By 2025, Microsoft will commercialize this as a data center offering and it will become their 115th region.

Cloud providers will significantly expand their “no code” offerings.

Imagine being able to point, click, and deploy a fully functional API and front-end web service without writing a single line of code. I predict that the cloud providers will begin realizing that the entangled mess of code powering interactions between their services (e.g. AWS step functions invoking Lambdas that interact with S3 or SQS) prohibits rapid prototyping and limits the use of cloud services to those with exceptional expertise, and begin releasing interfaces that serve to simplify these offerings.

A large cloud provider evokes public outrage after releasing gene-editing-as-a-service (GEaaS).

While I don’t claim to be an expert in biology or advances in the life sciences, I do believe that there will be plenty of developments in the coming decade that push the boundaries of what is considered morally acceptable by society. However, time has shown that our collective morality tends to evolve, and the coming decade promises to test those limits.

That being said, I predict that at least one cloud provider may jump the gun on this evolution and release a service that, while technically admirable, forces society to question whether we should, just because we can.

Microsoft Azure will maintain the pentagon’s JEDI cloud contract after 6 years of contested legal battles from Amazon.

The awarding of the JEDI contract to Microsoft Azure was rife with accusations of political interference, leading Amazon to file suit in response. I predict that this will lead to multiple years of legal battles as Amazon works to protect its current lead in the cloud. Regardless of how it plays out, we certainly have not heard the last word about this $10+ billion deal.

A cyber attack will impact AWS and Azure simultaneously, taking down over half of the internet’s public websites.

It’s March 15th, 2026 and the East Coast awakes to find they are unable to access nearly any media content. Cell phone networks are down, smart devices are blinking “disconnected,” and most people can’t open their Peloton Refrigerators because they haven’t been able to ping a health check endpoint for over 4 hours and have entered “cooling save” mode.

While the cloud providers have been relatively resilient to DDoS attacks, I predict that a DDoS attack of military scale (either launched by a government or someone with a botnet the size of one) will take down a significant portion of cloud-hosted services in the coming decade. In fact, as military strikes shift from physical to cyber space, I predict this will happen more than once.

All the rest.

Here are my other predictions that were either too small or too crazy to fit into the above callouts:

Do you agree with the above? What do you think will happen in the world of cloud computing in the next 10 years?

Founder of @CloudSploit , acquired by @AquaSecTeam . Former Infra / Security / Manager @Adobe , @Aviary & @Mozilla intern, @RITtigers grad, @NYC resident