What will come in the future for Information Security? Here is a list of things I see clearly becoming relevant in the next 20 years.
- Standardized definition of a file - An ISO (universal) standard defining a "file". This standard will allow for more robust security measures such as signatures, thumbprints, reliable timestamps, content validation, etc., making a file more of a container with approved slots for required features. This will place more integrity in the files. A previous post I made about secret sharing can be combined with this to appease any Board of Directors.
- Full auditing computer systems - A computer designed to fully audit every single change made to it, in order to provide a reliable audit trail. This will require isolated logging features, likely open source analysis, and an insane amount of storage space, memory and features.
- Multi-factor authentication - Two ain't enough. Eight may be. See next entry.
- Split secrets - The old missile launch key solution to major risks will become more pervasive in corporate environments where data security is mandated. An erosion of trust masked in a technological solution will be quickly accepted by management.
- Templatized security code analysis - This is already found in limited capabilities at some large companies. But the days of 300 KB exes are going the way of the dodo. Imagine MBs of security code to protect the actual code. Writing a C++ app for the government? You need to implement at least one of 3 possible security-enhanced services within your code or no acceptance. This will protect from all known exploits for a language and provide the intense logic analysis needed to actually do its job. I imagine protected updates will be mandatory. Think TPM here.
- Restrictive Operating Systems - So locked down, you may be able to revert to a mainframe concept and reduce usage to specific commands and application options. Corporate users will cry today, but thank us later, when millions of social security numbers and credit card numbers are actually abused in a vast breach. All those unknowing employees fired/jailed without a thought by their companies to protect their investors. Then not being able to run Solitaire will bring a sigh of relief to the worker bee who fears some strange program ruining their career.
- Big Brother - Think you have someone watching your every move today? Ha! It's nothing like what will be present in 20 years. Mandatory recording, tracking, home auditing will all be part of getting a job in the future. Remember Back to the Future 2? They'll watch every transaction you perform at home as well and be able to act instantly on it. All because you'll want a job that pays well. Cheap jobs will still be generally unmonitored. Homeland Security will push for this program design, you'll see.
- Open source - After years of struggling with acceptance, open source solutions will go critical as technology provides some of the solutions above. Once code security is modularized, implementing secure open source solutions raises their trust factor significantly. I imagine modularized solutions for code performance and feature provisioning will also occur, reducing the effort in producing well-built open source solutions that don't require a degree to use. Most open source apps today have a handful of active developers and likely numerous hackers attacking the published code, with opposite goals. The changes mentioned will make hacking much more difficult at the code level.