Quote for the day:
"Remember that stress doesn't come from what is going on in your life. It comes from your thoughts on what is going on in your life." -- Andrew Bernstein
Agentic AI in IT security: Where expectations meet reality
The first decision regarding AI agents is whether to layer them onto existing
platforms or to implement standalone frameworks. The add-on model treats
agents as extensions to security information and event management (SIEM),
security orchestration, automation and response (SOAR), or other security
tools, providing quick wins with minimal disruption. Standalone frameworks, by
contrast, act as independent orchestration layers, offering more flexibility
but also requiring heavier governance, integration, and change management. ...
Agentic AI adoption rarely happens overnight. As Checkpoint’s Weigman puts it,
“Most security teams aren’t swapping out their whole SOC for some shiny new AI
system, and one can understand that: It’s expensive, and it demands time and
human effort, which at the end of the day could appear be too disruptive and
costly.” Instead, leaders look for ways to incrementally layer new
capabilities without jeopardizing ongoing operations, which makes pilots a
common first step. ... “An agent designed to carry out a sequence of actions
in response to a threat could inadvertently create new risks if misused or
deployed inappropriately,” says Goje. “For instance, there’s potential for
unregulated scripts or newly discovered vulnerabilities.” ... “Pricing
remains a friction point,” says Fifthelement.ai’s Garini. “Vendors are playing
with usage-based models, but organizations are finding value when they tie
spend to analyst hours saved rather than raw compute or API calls.”Anthropic, surveillance and the next frontier of AI privacy
Democratic legal systems are built on due process: Law enforcement must have
grounds to investigate. Surveillance is meant to be targeted, not generalized.
Allowing AI to conduct mass, speculative profiling would invert that
principle, treating everyone as a potential suspect and granting AI the power
to decide who deserves scrutiny. By saying “no” to this use case, Anthropic
has drawn a red line. It is asserting that there are domains where the risk of
harm to civil liberties outweighs the potential utility. ... How much should
technology companies be able to control how their products are used,
particularly once they are sold into government? Better yet, do they have a
responsibility to ensure their products are used as intended? There is no easy
answer. Enforcement of “terms of service” in highly sensitive contexts is
notoriously difficult. A government agency may purchase access to an AI model
and then apply it in ways that the provider cannot see or audit. ... The real
challenge ahead is to establish publicly accountable frameworks that balance
security needs with fundamental rights. Surveillance powered by AI will be
more powerful, more scalable and more invisible than anything that came
before. It has enormous potential when it comes to national security use
cases. Yet without clear limits, it threatens to normalize perpetual,
automated suspicion.How attackers poison AI tools and defenses
AI systems that act with a high degree of autonomy carry another risk:
impersonating users or trusting impostors. One tactic is known as a “Confused
Deputy” attack. Here, an AI agent with high privileges performs a task on behalf
of a low-privileged attacker. Another involves spoofed API access, where
attackers trick integrations with services like Microsoft 365 or Gmail into
leaking information or sending fraudulent emails. ... One crucial step is to
make filters aware of how LLMs generate content, so they can flag anomalies in
tone, behavior or intent that might slip past older systems. Another is to
validate what AI systems remember over time. Without that check, poisoned data
can linger in memory and influence future decisions. Isolation also matters. AI
assistants should run in contained environments where unverified actions are
blocked before they can cause damage. Identity management needs to follow the
principle of least privilege, giving AI integrations only the access they
require. Finally, treat every instruction with skepticism. Even routine requests
must be verified before execution if zero-trust principles are to hold. ... The
next wave of threats will involve agentic AI-powered systems that reason, plan
and act on their own. While these tools can deliver tremendous productivity
gains to users, their autonomy makes them attractive targets. If attackers
succeed in steering an agent, the system could make decisions, launch actions or
move data undetected.
‘AI and ML the main focus in tech right now’
AI and machine learning are undoubtedly the main focuses in technology right now, with mentions everywhere. A great way to upskill in this area is by attending talks and seminars, which are frequently held and provide valuable insights into how these technologies are being applied in the industry. These events also help you stay up to date on the latest developments. If you have a strong interest in the field, taking an online course, even a free one, can be a great way to grasp the fundamentals, learn the terminology, and understand how to effectively apply these technologies in your current role. Cloud technology is another area that’s here to stay. It’s widely adopted and incredibly versatile. Cloud certifications are highly accessible, with plenty of resources available to help you prepare for the exams and follow the learning paths they offer. ... Being a people person is incredibly beneficial in this field. A significant part of the job involves communication – whether it’s sharing ideas or networking with coworkers in your area. Building these connections can greatly enhance your ability to perform and succeed in your role. Problem-solving is another key aspect of software engineering, and it’s something I’ve always enjoyed. While it can be particularly challenging at times, the sense of accomplishment and reward when your efforts pay off is unmatched.Better Data Beats Better Models: The Case for Data Quality in ML
DORA 2025: Faster, But Are We Any Better?
The newest DORA report — the “State of AI-Assisted Software Development” — lands
at a time when AI is eating everything from code generation to documentation to
operations. And just like those early DORA reports reframed speed versus
stability, this one is reframing what AI is actually doing to our software
delivery pipelines. Spoiler alert: It’s not as simple as “AI makes everything
better.” ... Now here’s the counterintuitive part. For the first time, DORA
shows AI adoption is linked to higher throughput. That’s right — teams using AI
are moving work through the system faster than those who aren’t. But before you
pop the champagne, look at the other half of the finding: Instability is still
higher in AI-heavy teams. Faster, yes. Safer? Not so much. If you’ve been around
the block, this won’t shock you. We saw the same thing in the early days of
automation — speed without discipline just meant you hit the wall quicker. ...
Another gem buried in the report is the role of value stream management. AI
tends to deliver “local optimizations” — an engineer codes faster, a test suite
runs quicker — but without VSM, those wins don’t always roll up into business
outcomes. With VSM in place, AI-driven productivity gains translate into
measurable improvements at the team and product level. That, to me, is
vintage DORA. Remember when they proved that culture — psychological safety,
autonomy, collaboration — wasn’t just a warm fuzzy HR concept but directly
correlated with elite performance? Same here. VSM turns AI from a toy into a
force multiplier.
The 5 Technology Trends For 2026 Everyone Must Prepare For Now
In recent years, we've seen industry, governments, education and everyday folk
scrambling to adapt to the disruptive impact of AI. But by 2026, we're starting
to get answers to some of the big questions around its effect on jobs, business
and day-to-day life. Now, the focus shifts from simply reacting to reinventing
and reshaping in order to find our place in this brave, different and sometimes
frightening new world. ... In tech, agents were undoubtedly the hot buzzword of
2025, representing a meaningful evolution over previous AI applications like
chatbots and generative AI. Rather than simply answering questions and
generating content, agents take action on our behalf, and in 2026, this will
become an increasingly frequent and normal occurrence in everyday life. From
automating business decision-making to managing and coordinating hectic family
schedules, AI agents will handle the “busy work” involved in planning and
problem-solving, freeing us up to focus on the big picture or simply slowing
down and enjoying life. ... Quantum computing harnesses the strange and
seemingly counterintuitive behavior of particles at the sub-atomic level to
accomplish many complex computing tasks millions of times faster than "classic"
computers. For the last decade, there's been excitement and hype over their
performance in labs and research environments, but in 2026, we are likely to see
further adoption in the real world.
GreenOps and FinOps: Strategic Convergence in the Cloud Transformation Journey
FinOps, short for “Financial Operations,” is a cultural practice designed to
bring financial accountability to the cloud. It blends engineering, finance, and
business teams to manage cloud costs collaboratively and transparently. The goal
is clear: maximize business value from the cloud by making spending decisions
grounded in data and aligned with business objectives. ... GreenOps, on the
other hand, is all about sustainability in cloud operations. It’s a discipline
that encourages organizations to monitor, manage, and minimize the environmental
footprint of their cloud usage. GreenOps revolves around using renewable
energy-powered cloud resources, recycling or reusing digital assets, optimizing
workloads, and selecting eco-friendly services, all with the aim of reducing
carbon emissions and supporting broader sustainability goals. ... In practical
terms, GreenOps activities such as deleting unused storage volumes, rightsizing
virtual machines, and consolidating workloads not only shrink the carbon
footprint but also slash monthly cloud bills. Thus, sustainability efforts act
as “passive” cost optimizers—delivering FinOps benefits without explicit
financial tracking. ... FinOps and GreenOps aren’t one-off projects but ongoing
practices. Regular reviews, “cost and sustainability audits,” and optimization
sprints keep teams focused.
Rethinking AI’s Role in Mental Health with GPT-5
GPT-5 has surfaced critical questions in the AI mental health community: What
happens when people treat a general purpose chatbot as a source of care? How
should companies be held accountable for the emotional effects of design
decisions? What responsibilities do we bear, as a health care ecosystem, in
ensuring these tools are developed with clinical guardrails in place? ... OpenAI
has since taken steps to restore user confidence by making its personality
“warmer and friendlier,” and encouraging breaks during extended sessions.
However, it doesn’t change the fact that ChatGPT was built for engagement, not
clinical safety. The interface may feel approachable, especially appealing to
those looking to process feelings around high-stigma topics – from intrusive
thoughts to identity struggles – but without thoughtful design, that comfort can
quickly become a trap. ... Designing for engagement alone won’t get us there,
and we must design for outcomes rooted in long-term wellbeing. At the same time,
we should broaden our scope to include AI systems that shape the care
experience, such as reducing the administrative burden on clinicians by
streamlining billing, reimbursement, and other time-intensive tasks that
contribute to burnout. Achieving this requires a more collaborative
infrastructure to help shape what that looks like, and co-create technology with
shared expertise from all corners of the industry including AI ethicists,
clinicians, engineers, researchers, policymakers and users themselves.
No comments:
Post a Comment