Why Predictions Suck and How to Fix Them

Every year from November onwards, we start to receive press releases, “thought leadership” reports, LinkedIn posts and DMs about predictions around how the technology and cybersecurity markets will develop during the following year. This year the volume has increased, but the noticeable uniformity of the content points to the wider use of GenAI tools, producing a mass of generic predictions. So many people commenting on their experiences made us ask: should we just avoid making predictions for 2026?

In early December, we created a poll on LinkedIn to gauge interest. Given the “predictions fatigue” that many followers and listeners had already talked about, we offered three variations on “No” for an answer, and one for “Yes”. After a week, the results were as follows:

Q. As 2025 draws to a close, would you like to hear our predictions for the cybersecurity market in 2026?

a.        Please, no more predictions… 9%

b.        Honestly, stop already! 5%

c.        Not listening, not listening!! 0%

d.        Yes, but not AI-generated! 86%

The topic of predictions clearly struck a nerve, but it is also clear that there is a strong appetite, albeit for those produced without AI. Given the volume of slop arriving in our inboxes, we couldn’t agree more. Encouraged by the results of the poll, we decided to go ahead.

So, with a morass of GenAI-produced content out there, how can analysts provide a forward-looking perspective that offers genuine insight and guidance?

The ‘Art’ of Predictions

Some believe that a scientific approach is best when making predictions. Careful analysis of trends; creating formulae that calculate future market or category values;

looking at past performance to model future results etc. A scientific approach uses observation and recorded data to conclude a potential future state. While this is an extremely good way to predict, e.g. the orbit of a planet around the sun, on its own, a scientific approach works less well in fast-changing, evolving technology market.

We believe that predictions are more of an artform. Why is that? Because – like it or not -making predictions in the technology sector involves gutfeel, combined with a creative approach to new or emerging ideas and trends, and the ability to articulate the story of the unknown or the yet-to-come. Making predictions requires an understanding of the “wisdom of the crowd”, given that this comes from a pool that is diverse, independent and informed.

As analysts, we are in the somewhat unique position of building our understanding of the future from the collective judgements of those we have talked with during the year: technology vendors, service providers, security professionals and others, through briefings, presentations, interviews and chats over coffee (or something stronger). Synthesizing all that input, weeding out the hype and hyperbole, and coming up with insightful, thought-provoking predictions is the goal.

Predictable vs. Unpredictable Predictions

In cybersecurity, it’s easy to make predictions that are… predictable. For example, no-one will be surprised when M&A activity continues next year. Ransomware will be important in 2026, but that has been the case for many years. AI is sure to continue to “disrupt” the market, but unless the world comes to a sudden end, that is a safe prediction to make. Likewise, robots will be able to do more complex physical tasks, and the capabilities of Artificial General Intelligence (AGI) will continue to improve, but humans are not going to be completely replaced any time soon – if at all.

The challenge therefore is to look ahead at what is likely to be of immediate concern in the near term (12 months), but that has a realistic chance of shaping the market in the medium term (two to three years). Beyond that timeframe, we would argue that the value of predictions diminishes significantly, given the rapid rate of change in the cybersecurity market and the wider tech sphere. Looking ahead three to five years should involve a multitude of possibilities and outcomes. Directional indicators? Sure. Scenario modelling? Go for it.

Sadly, the temptation to make predictions that follow past outcomes are likely to appear stale and/or repetitive. Taking a cookie-cutter approach - “In [insert year], [insert %] of companies will be [insert behavior] in order to [insert outcome]” – might gain some headlines but will probably result in ridicule 12 months later.

Don’t Forget the Black Swan!

The nemesis of those doing regular forecasting or predicting is a black swan event: those rare and unexpected happenings that have significant ramifications. The 2008 financial crisis and the COVID-19 pandemic were unforeseen, but highly consequential. In hindsight, some say that such events are inevitable, but at the time, virtually no-one was predicting their potential occurrence. The technology market is highly unpredictable. In March 2022, who could have predicted the significance of the launch of ChatGPT 4 in March 2023, let alone the effect it would have on global IT infrastructure spending, datacenter build-outs and promises of trillions of dollars of future investment?

Perhaps it would it be easier to stop making predictions, given that the most consequential events are generally those that are the least foreseen? It is worth remembering however that black swan events are considered rare. One can still make reasonable predictions that also recognize the potential for the unpredictable. Subtlety and nuance can be included; best- and worst-case scenarios described; a range of probable outcomes outlined.

This approach may seem like a predictions cop-out, i.e. introducing other possible outcomes, sowing uncertainty, being less prescriptive and definite. I learnt early in my analyst career however that the real value of predictions is to help inform the opinions of the recipient. They may not agree with you, but by offering perspectives that include other possibilities, it helps them make their own decisions.

What About Our Own Predictions?

We hope that this short piece helps readers understand the rationale behind our approach. Keep an eye out for Richmond Advisory Group’s own 2026 predictions for the cybersecurity market – coming soon to this blog!