Live Webinar | 26 June 2025 9AM PT
From Black Box to Boardroom: Operationalizing Trust in AI Governance
November 29, 2024
November 29, 2024

10 key takeaways from G2's State of Software report

Amrita Agnihotri

2024 has been an action-packed year for software. The combined pressures of artificial intelligence (AI), enhanced regulatory requirements, and economic pressures made it one for the history books. G2 recently released its “State of Software" report, and in this post, we'll take a look at its key takeaways.

We'll break them down through the lens of governance, risk, and compliance (GRC), focusing on how these trends impact the way businesses manage risk and stay compliant.

Read now: G2's State of Software Report: Scrut ranked #3 in GRC Momentum

1. AI dominates market growth

AI is the fastest-growing software category, with a 38% year-over-year (YoY) increase. Generative AI tools like image generation, chatbots, and code generation continue exploding in popularity as organizations seek scalable content creation solutions.

This is no surprise two years after the generative AI movement exploded with the release of ChatGPT. As we've written about before, though, these AI tools can both solve GRC problems and create new ones.

2. Voice recognition leads in AI return on investment (ROI)

Voice recognition software is the fastest in AI for ROI. With widespread use in call centers and IoT applications, it enables users to quickly leverage AI for operational efficiency.

From a security perspective, however, the explosion in voice cloning and deepfake capabilities could present a potential challenge.

When heavily regulated industries like financial services rely entirely on voice recognition for authenticating customers, the risks are substantial. Companies leveraging voice recognition should think carefully about the use cases for it, how attackers might exploit them, and what controls to put into place (multi-factor authentication, etc.).

Read also: Why organizations need Multiple Authentication protocols

3. AI adoption sees hurdles in enterprises

Despite the explosive growth of AI solutions, enterprise buyers show lower satisfaction rates with AI products compared to small and medium businesses (SMBs). This indicates potential challenges in scaling and integration.

Similarly, enterprise security teams remain cautious about AI deployments from a data protection and privacy perspective. Justified or not, companies selling AI to the enterprise will need to address a range of customer concerns before closing deals.

4. GRC and data privacy solutions have the top momentum, along with AI

The GRC space itself has been heating up, according to G2. The cybersecurity threat environment is hostile, and regulatory requirements are piling up. This makes buyers and sellers more security-conscious, driving demand for GRC solutions.

Scrut Automation is an ideal solution because it simplifies compliance, reduces overhead, and scales with your business. This makes it easier to stay audit-ready and manage risks.

See how Scrut helped Balboa Travel simplify risk management and accelerate its compliance process.

5. Cloud security tool growth continues alongside GRC

In addition to GRC solutions, pure-play security software like Wiz continues to expand in popularity. As customers expand their presence in the cloud, they also increase their potential risk surface. Automating tasks like configuration and vulnerability management becomes increasingly important as security teams remain understaffed.

Watch now: Securing the future: Strategies to master cloud security

6. Buyers demand quick ROI

Over 78% of buyers seek ROI within six months, although only 44% report achieving it within this timeframe. These pressures mean sales cycles will be more demanding, and faster-moving teams will have an advantage.

Consider building a dedicated Trust Vault to quickly share security and compliance information with customers. By addressing customer concerns proactively, software companies can potentially beat out the competition.

7. Vertical-specific solutions drive buyer interest

Industry-focused software categories attract significant buyer traffic, driven by demand for specialized solutions that align with specific vertical needs, particularly within sectors leveraging AI.

From a GRC perspective, this means companies are likely to deploy more specialized point solutions to solve business problems. While there are definitely business benefits to specialization, vendor management becomes more challenging. This can potentially create security and compliance gaps for companies that are not paying close attention.

8. The fastest ROI overall comes from design software

79% of buyers report achieving ROI within one year with these tools. While design software isn't traditionally seen as a critical GRC concern, the integration of AI capabilities into popular ones like Figma raises questions about intellectual property ownership and privacy.

Companies leveraging these tools should carefully examine their terms, conditions, and data controls. The risk is generally lower if you create content meant to be publicly available. But if you use them to build proprietary designs for software user interfaces or similar projects, consider how you can protect your data while still reaping their benefits.

Read also: How to create strong ROI for multi-cloud solutions using security and compliance

9. Business entertainment software leads design ROI

Over 80% of users in categories like photo and video editing report seeing ROI within six months, emphasizing the high value of visual content tools. Regulations like the European Union (EU) AI Act, however, are certain to have major impacts in these categories. The law will eventually require labeling “deepfakes" generated by AI.

Compliance and security teams must be alert to these regulatory needs and design Responsible AI programs, potentially based on ISO/IEC 42001, to address these challenges.

Read also: The Great AI Regulation Road Trip through ISO 42001, NIST AI, and Beyond

10. High growth in environmental, social, and governance (ESG) reporting tools

On top of security and related compliance needs, companies need to adjust to the broader demand for corporate ESG. The entire product category is growing at a 28% YoY rate, demonstrating how much demand there is in the market.

Managing ESG concerns is part of a broader enterprise risk management program that includes cybersecurity and privacy. Designating accountable business leaders to manage all of these is a key task for companies in every jurisdiction and industry.

Read also: Sustainable strategies: Environmental, social, and governance (ESG) risk management

Conclusion

G2's “State of Software" report highlights the unstoppable rise of AI, with businesses across industries racing to integrate it into their products and processes. But as AI reshapes industries, it also brings challenges—particularly in managing third-party risks, meeting regulatory requirements, and protecting reputations.

To tackle these challenges, companies need a GRC solution that addresses the unique risks AI introduces. Scrut Automation simplifies compliance, automates risk monitoring, and keeps your operations secure and audit-ready, even as new complexities emerge. Built for scaling businesses, Scrut reduces manual overhead by seamlessly integrating into your workflows, allowing you to stay focused on growth without the chaos.

With Scrut, you can quickly establish compliance with frameworks like SOC 2 and ISO 27001, collect evidence effortlessly, monitor cloud assets in real time, and proactively communicate your security posture using tools like the Trust Vault. As AI continues to transform how businesses operate, Scrut ensures your compliance and risk management stay ahead of the curve.

Ready to embrace a smarter approach to compliance in the AI era? Book a demo now!

Liked the post? Share on:
Amrita Agnihotri

Amrita Agnihotri is a seasoned marketing leader and the Head of Demand Generation and Marketing at Scrut Automation specializing in Governance, Risk, and Compliance (GRC) related content. With over a decade of experience in strategic marketing and demand generation, Amrita excels at building impactful campaigns that drive business growth and elevate brand visibility. Her expertise spans digital marketing, content strategy, and lead generation, with a focus on creating customer-centric approaches that resonate with key audiences in regulated industries.

Authored by
Table of contents
Example H2
h3
Example H3
h4
Example H4
h5
Example H5
h6
Example H6
Subscribe to our newsletter
Get monthly updates and curated industry insights
Subscribe
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Join our community and be the first to know about updates!

Subscribe
I agree to receive marketing insights and other communications from Scrut Automation.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Related Posts

Risk Management
MAS TRM implementation made simple: A practical guide for 2025
ISO 27001
ISO 27001 change management: Meaning, process, and template
Scrut Updates
Scrut innovations: June 2025 snapshot

Ready to see what security-first GRC really looks like?

The Scrut Platform helps you move fast, stay compliant, and build securely from the start.

Book a Demo
Book a Demo
Platform
Why ScrutExplore the PlatformSimplify ComplianceStreamline AuditsEmpower Your EmployeesMonitor Cyber RiskAssess Third-Party RiskValidate User PrivilegesManage Asset InventoryDemonstrate TrustAI-Powered GRCIntegrate Your Tech Stack
Frameworks
SOC 2ISO 27001GDPRPCI DSSHIPAANIST AI RMFCustom FrameworksAll Frameworks
Company Stages
StartupGrowthEnterprise
Industry
Enterprise SoftwareFinancial ServicesHealthcareTravel and TourismEducation
Resources
BlogEbooksPodcastSuccess StoriesWebinarsEventsGlossaryFAQs
Hubs
SOC 2 HubISO 27001 HubHIPAA HubExplore All Hubs
Partners
Become a PartnerFind a Partner
Company
CustomersAboutCareersNewsroomSecurity
TrustTerms of UsePrivacy PolicyCookies Policy
© 2024 Scrut Automation. All Rights Reserved.