Showing posts with label Data Center. Show all posts
Showing posts with label Data Center. Show all posts

Daily Tech Digest - June 28, 2026


Quote for the day:

"Hard work beats talent when talent doesn't work hard." -- Tim Notke

🎧 Listen to this digest on YouTube Music

▶ Play Audio Digest

Duration: 17 mins • Perfect for listening on the go.


Ford learned the hard way that AI can't replace experienced engineers

Ford recently discovered that artificial intelligence cannot substitute for the nuanced judgment of experienced engineers. In an effort to modernize its manufacturing and engineering systems, the automaker integrated AI to accelerate decision making and streamline vehicle development. Executives assumed that automated systems and adjusted design requirements would naturally yield high quality products. However, this approach backfired. As veteran engineers left the company, their undocumented institutional knowledge was excluded from the datasets used to train Ford’s AI models. Consequently, the technology struggled to identify and prevent defects, contributing to quality control issues and leading the industry in vehicle recalls. To resolve these challenges, Ford rehired and promoted over 350 seasoned engineers. Rather than replacing human expertise, AI now serves as a supportive tool. These veteran engineers are currently guiding how data is collected, interpreted, and fed into the AI systems to rebuild a reliable foundation. Furthermore, Ford created a dedicated software quality assurance team and introduced automated AI driven testing to catch defects early in the development cycle. This transition reflects a balanced strategy where the company relies on both advanced computing power and decades of practical automotive experience to prevent problems before they occur.


Where AI meets OT: Cybersecurity for a physical world

Integrating artificial intelligence into operational technology requires a careful approach because, unlike business software, industrial systems have physical consequences. While artificial intelligence offers clear benefits for manufacturing, such as improved maintenance and quality control, it introduces unique risks when connected to machines and factory floors. Industrial environments often rely on older, existing systems and operate on strict schedules with limited downtime, making new technology harder to test and implement safely. Furthermore, software models can become inaccurate over time as physical equipment naturally ages, which means these tools require ongoing checks against actual physical outcomes rather than just historical data. The level of risk also depends on how much control the system has. An advisory tool leaves the final decision to a human, whereas a system that directly alters machinery settings requires far stricter oversight. True human oversight means operators must fully understand the technology's recommendations and know when to override them. Adding these new digital connections also expands the cybersecurity risk, as attackers could manipulate the data feeding the models. Ultimately, these tools hold steady value for industrial operations, but they must be introduced with strong discipline, clear operating limits, and reliable backup plans.


How to Build a Powerful LLM Knowledge Base

Building a knowledge base powered by large language models is a practical, reliable way to store and retrieve your personal or company information, leading to better decision-making and clearer team alignment. To create an effective system, you must start by identifying all your daily information sources, such as meeting notes, project management tools, and coding assistants. The critical step is fully automating the collection process; requiring any manual entry virtually guarantees that valuable context will eventually be forgotten and lost. Once your data is automatically synced into the system on a regular schedule, you can use a coding agent to extract insights. You can do this actively by directly asking your agent questions when you need specific answers. Alternatively, you can configure your agent to passively draw on the knowledge base while it works on routine tasks. This passive retrieval can be managed either through a centralized index file or via an embedding-based search that pulls relevant information as needed. Ultimately, consistently capturing and accessing your unique, everyday context creates a distinct long-term advantage, ensuring that valuable insights are preserved and always ready to assist you in your daily work.


Is the CIO Role Merging Into the Business?

For decades, the role of the Chief Information Officer followed a predictable path, slowly shifting from managing basic operations to supporting broader strategy. However, recent trends indicate that this steady progression is becoming obsolete. The middle ground is collapsing, forcing a clear divide in the profession. On one hand, some leaders remain stuck in traditional management, treating technology as a separate, functional necessity. On the other hand, a new breed of technology executives is emerging as true enterprise operators who share responsibility for revenue and actively shape commercial models. In the most effective organizations, technology is no longer just a supporting layer; it is the central system for making decisions. As companies embed artificial intelligence deeply into their core operations and bring critical capabilities inside the firm, the person leading technology must also architect these decision-making systems. Consequently, the traditional boundary between technology leadership and business leadership is rapidly fading. Instead of simply elevating the position to a more strategic level, the core responsibilities are dissolving directly into the business itself. Ultimately, the future landscape will be defined not by better technology departments, but by whether the conventional title needs to exist at all.


Deep dive: Do underwater data centers make sense?

The article evaluates the practicality of underwater data centers as an alternative to land-based facilities, which struggle with high energy consumption and space limitations. Traditional data centers use tremendous amounts of power, largely just to keep servers cool. Submerging these facilities allows companies to use the ocean as a natural cooling system, significantly reducing energy requirements. Beyond energy savings, placing data centers offshore brings them closer to coastal populations. This proximity shortens the distance data travels, leading to faster loading times for end users. Research also indicates that underwater servers are surprisingly reliable. Because they are sealed in a nitrogen-rich environment without human foot traffic or temperature swings, hardware fails much less frequently. Despite these benefits, the underwater model has distinct disadvantages. Routine maintenance is virtually impossible; broken servers cannot be quickly swapped out. Furthermore, researchers are still studying how the continuous release of heat might alter local marine ecosystems. There are also valid concerns regarding the physical security of underwater cables. While the approach provides clear advantages in efficiency and speed, these formidable logistical and environmental challenges complicate the decision of whether underwater data centers are a sensible long-term investment.


5 T-SQL features that should already exist (2026 SQL Server wish list)

In a recent article by Edward Pollack on Simple Talk, the author reflects on the state of Microsoft SQL Server in 2026 and outlines five practical features he believes should be natively supported in T-SQL and the platform. While SQL Server remains a highly mature database system, Pollack highlights specific areas where daily tasks for developers and database administrators could be made far more efficient. First, he argues for the native ability to import data from compressed file formats, specifically Apache Parquet, which would eliminate the need to deal with cumbersome plain text files like CSV. Second, he requests native support for arrays, providing a straightforward alternative to using text strings or XML to store lists of values. Third, he advocates for an "OVERLAPS" function to simplify complex date logic into a single line of code. Fourth, Pollack points out that the current licensing model is overly complicated and suggests it should be as transparent as the monthly estimates provided for Azure SQL. Finally, he suggests expanding cloud blob storage integration so that files and scripts can be managed centrally in the cloud rather than on local drives.


Shaping a lasting AI strategy in a fast-changing world

As artificial intelligence becomes a standard tool in business, simply having access to the technology is no longer enough to stand out. Because most companies will use the same core platforms and models, a well-defined strategy is what will truly set an organization apart. The current landscape is marked by more capable and affordable systems that act as helpful assistants rather than outright replacements for human workers. Development teams are already showing how humans and these tools can work together effectively. To succeed, leaders need to shift their focus from the technology itself to how it supports their long-term goals over the next three to five years. This requires answering difficult questions about the company's future direction, understanding current weaknesses, and identifying the specific skills needed for tomorrow. Decision-makers must also practice restraint, choosing a few reliable platforms and focusing on clear priorities rather than chasing every new trend. By thoughtfully integrating these tools into daily workflows and supporting human decision-making, businesses can improve their customer experience and operations. Ultimately, the tools are just the vehicle; a steady, clear strategy is the route that determines long-term success.


The Unglamorous Side of Rust Web Development

In 2026, Rust remains a powerful choice for web development, offering excellent performance and safety. However, developers still face notable friction before their code even compiles. The current ecosystem often requires teams to assemble their own setups from scratch, lacking the complete, ready-to-use frameworks seen in other programming languages. Several specific challenges slow down the daily development process. Asynchronous programming in Rust provides great flexibility, but it complicates debugging and creates lengthy, hard-to-read error traces. Database management is another hurdle, as developers frequently have to write and maintain the same database structure in multiple places instead of using a single unified approach. Additionally, error handling across different tools remains inconsistent. The heavy reliance on generated code and complex type systems significantly increases compilation times, making it harder for developers to test small changes quickly. Despite these hurdles, the community is actively working on solutions. New frameworks are emerging to provide more complete starting points and reduce repetitive setup tasks. Ultimately, while Rust requires a larger initial investment of time and effort compared to simpler alternatives, its long-term reliability and speed make it a sensible choice for projects where stability is a core requirement.


The AI Agent Tech Stack Explained

The article outlines the seven fundamental layers required to build and deploy functional artificial intelligence agents. It moves beyond basic models to explain the complete technical infrastructure needed for real-world applications. The guide begins with the foundation model, which acts as the central brain for reasoning. The second layer is the orchestration framework, serving as a nervous system to manage actions and control flow. Next, the third layer covers memory systems that provide essential context by tracking working, episodic, semantic, and procedural information. The fourth layer focuses on vector databases and document retrieval, allowing agents to access private information securely. The remaining layers detail tool integrations for performing outside actions, observability platforms for monitoring performance, and the final deployment infrastructure necessary for hosting. By breaking down the architecture into these distinct components, the text clarifies that successful systems rely heavily on a well-connected technology stack rather than just a single language model. It provides a clear, practical roadmap for software engineers and technical leads who want to understand how to assemble these exact pieces, whether they are building a simple prototype or scaling an application for production.

A Case for a Human-Centric AI Legislative Framework in India

In "A Case for a Human-Centric AI Legislative Framework in India," the author argues that India’s current approach to governing artificial intelligence is insufficient for protecting its citizens. While the Ministry of Electronics and Information Technology recently suggested relying on existing laws and self-regulation to foster innovation, the article points out that AI is fundamentally different from traditional software. Because AI programs operate as highly complex systems, relying on outdated frameworks like the Information Technology Act leaves users vulnerable to fraud, manipulation, and bias. Furthermore, the author critiques recent amendments for placing unreasonable takedown burdens on tech companies without providing clear state-defined guardrails. By comparing India’s strategy with the European Union’s user-focused risk models and China’s strict algorithm rules, the article advocates for a new Artificial Intelligence Regulation Act. This proposed legislation would introduce a risk-based grading system, establish an independent AI ombudsperson, and mandate transparency in training data. It even suggests giving citizens a copyright over their own faces to prevent unauthorized data usage. Ultimately, the piece makes a strong case that responsible innovation requires specific, human-centric laws to ensure safety and accountability for all users today.

Daily Tech Digest - June 25, 2026


Quote for the day:

“If we are growing, we are always going to be out of our comfort zone.” -- John C. Maxwell

🎧 Listen to this digest on YouTube Music

▶ Play Audio Digest

Duration: 22 mins • Perfect for listening on the go.


When IT loses sight of enterprise low-code

When information technology departments lose oversight of low code development, organizations often face significant operational risks. Low code platforms are designed to let everyday employees build applications quickly, which can improve efficiency and solve immediate business problems. However, without proper technical supervision, this newfound freedom can lead to a heavily fragmented digital environment. Employees might create software that handles sensitive data without following standard security protocols, exposing the company to serious breaches and costly compliance failures. Furthermore, these independently built applications often overlap in function, creating unnecessary complexity and increasing ongoing maintenance costs. When employees eventually leave the company, the specialized tools they built can easily become unsupported and difficult to fix, leaving critical business processes vulnerable to disruption. To effectively manage these persistent challenges, technical teams must maintain a strong guiding role in all low code initiatives. By establishing clear rules and providing structured, reliable support, IT can help employees build useful tools safely. This collaborative approach ensures that new applications integrate smoothly with existing systems and adhere strictly to company standards. Ultimately, balancing employee autonomy with technical oversight allows businesses to benefit from faster software creation without compromising their security, stability, or long term operational health.
The article outlines a theoretical framework and engineering approach known as Observer-Patch Holography, which treats the physical world as a highly structured, interactive system rather than a static container. According to this framework, fundamental elements like space, time, and gravity are not absolute background features but emergent properties that arise from the consistency between different observational perspectives. By understanding the underlying mechanics of this shared reality, the author argues that it is possible to interact with the universe much like a hardware program. The core thesis is that reality can be directly manipulated by exerting control over small, bounded physical areas called patches. Engineers could theoretically use specialized devices to adjust boundary data and stabilize these patches into desired states. This process allows them to effectively rewrite the local rules of physics by managing how information and observations synchronize. Specifically, the engineering note proposes that this method of hacking reality provides a practical, low-cost pathway for achieving localized control over gravity and inertia. By manipulating the consensus of information at a micro-level, engineers could produce macroscopic effects, potentially paving the way for advanced technologies like hoverboards and hoverbikes.


Choosing your AI stack: The benefits of vendor lock-in

In the past, IT departments could easily mix and match different hardware and software, but modern artificial intelligence systems require a different approach. Because AI demands immense computing power, technology providers now build hardware and software that work strictly together to maximize efficiency. This tight integration means organizations must commit to complete ecosystems rather than choosing individual components, leading to a modern form of vendor lock-in. While switching platforms might seem simple on paper, it brings serious hidden costs, including wasted engineering effort, deep system dependencies, and poor timing during critical growth phases. As a result, IT leaders need to shift their perspective. Instead of viewing vendor lock-in as a failure to avoid at all costs, they should see it as a strategic choice that can deliver a crucial performance advantage. The most effective organizations understand that openness is not always better than lock-in. They treat platform commitment as a dynamic issue, weighing where raw performance matters most against where flexibility is needed. True leaders do not run from vendor lock-in; they carefully decide when to embrace it, limit it, or move past it before market pressures force their hand.


Why CIOs should be prioritising stability as the foundation for transformation

As local governments face significant structural changes and reorganizations, chief information officers often feel pressured to use the opportunity for immediate, widespread digital overhauls. However, this approach can be risky. The real priority during these transitions must be operational stability. When a new authority takes over, residents expect basic services, like trash collection and benefit processing, to continue working exactly as they did before. Managing technology in local government is already complicated by older systems and disjointed applications. Merging these environments adds another layer of difficulty. Instead of rushing to rebuild every system or process right away, technology leaders should focus on keeping current operations running smoothly. A practical first step is to map out how services actually function today, identifying where delays or manual tasks exist. This clear understanding allows teams to stabilize the foundation and maintain service continuity. By prioritizing resilience and control, councils can reduce the risk of service failures during the transition. Once the foundational systems are secure and the new organizational structure is clear, leaders will have the breathing room needed to implement thoughtful, long-term improvements. Success comes from stabilizing first, then changing at a measured pace.


Cybersecurity is no longer about protection. It’s about survival

Cybersecurity strategy must evolve from a mindset of pure prevention to one focused on organizational survival. While traditional defenses like firewalls, multi-factor authentication, and patching remain necessary, relying solely on keeping attackers out is no longer a realistic strategy in an era where breaches are inevitable. The rapid advancement of artificial intelligence and the increasing complexity of supply chains have dramatically expanded the attack surface, meaning defenses will eventually fail. Therefore, the core objective of modern security is to ensure an organization can continue to function during and after an attack. This shift requires a deep commitment to resilience, business continuity, and rapid recoverability. True security means knowing precisely which systems are critical, isolating the impact of a breach, and having a tested plan to rebuild cleanly. Furthermore, this survival approach cannot be confined to the IT department. It demands active involvement and clear accountability from the board, executive leadership, legal, engineering, and human resources. Ultimately, an organization that collapses the moment its protective walls are breached was never truly secure. Success is now defined by the ability to absorb systemic shocks and recover quickly.


The uptime questions every engineering leader should ask this week

In a recent interview, Mattias Geniar, CTO at Oh Dear, discusses practical strategies for preventing system outages and improving uptime. He observes that engineering teams often monitor isolated metrics and absolute numbers, which leads to alert fatigue and unnecessary middle-of-the-night wake-up calls. Instead, he advises monitoring actual user outcomes—such as the ability to log in or complete a purchase—and establishing baselines to detect meaningful changes over time. Geniar highlights that while front-facing issues are easily tracked, sudden outages frequently stem from unmonitored internal DNS misconfigurations and expired TLS certificates buried deep within complex systems. To manage reliance on third-party vendors, he recommends developing clear failover alternatives to contain the impact of external failures. He cautions that tired engineers are highly prone to making mistakes during late-night incident responses. To mitigate this risk, recovery processes must be thoroughly tested until they become entirely routine and predictable. Finally, Geniar urges leaders to ask their teams direct questions to uncover hidden vulnerabilities. This includes identifying the most fragile infrastructure, ensuring backups are fully tested by actually restoring them, confirming that monitoring catches errors before customers do, and removing dependencies on a single indispensable team member.


Bridging the Divide: How Data Centers Are Addressing Community Concerns

As the development of data centers accelerates to unprecedented scales, developers are facing increased scrutiny from local municipalities and residents. Communities are raising valid concerns regarding the substantial impact these facilities have on power grids, water resources, and local infrastructure. In an era of high inflation and rising utility bills, residents are particularly skeptical of tech companies receiving large tax incentives while household expenses continue to climb. Recognizing these tensions, industry leaders are acknowledging that their traditional approach of operating quietly behind the scenes is no longer effective. Instead, they must proactively engage with the public to dispel misinformation and highlight the tangible benefits these facilities offer, such as high-paying union jobs, infrastructure improvements, and increased tax revenues. However, developers also point to significant challenges, including slow permitting processes and outdated zoning laws that struggle to accommodate modern, large-scale projects. Moving forward, overcoming this divide will require a coordinated effort. Developers, policymakers, and government entities at all levels must collaborate to create cohesive regulations, streamline development processes, and ensure that new projects deliver clear, measurable value to the communities that host them.


AI security doesn’t require a brand-new architecture

The rapid adoption of artificial intelligence brings new security challenges, from rogue applications to invisible software agents, but keeping your organization safe does not require building a completely new architecture. Instead of looking for magical fixes, security experts suggest returning to core fundamentals like granting minimal access and designing systems securely from the start. Rather than blocking AI adoption out of fear, companies can build on their existing tools to detect threats and manage access rights in real time. Because attackers now use automation to find network flaws instantly, defenders must also use artificial intelligence to quickly identify and isolate vulnerabilities before permanent patches are ready. At the same time, internal policy approval needs to speed up; waiting several weeks for permission is simply no longer practical. By writing policies directly into the system code, organizations can safely match the pace of modern technology. Employee education also remains vital, requiring clear guidelines on how to interact with new tools responsibly. Finally, keeping costs manageable is a critical part of a safe deployment. By using existing platforms and combining cloud resources with local hardware, companies can effectively protect both their data and their budgets.


Beyond CLEAN and MVP: Architecting an Offline-first Reactive Data Layer in Android

The provided article introduces the Reactive Data Layer Architecture (RDLA), a practical approach designed to improve data management in Android applications. Traditional structures, such as Model-View-Presenter and Clean Architecture, often create unnecessary complexity or struggle with the continuous updates required by modern mobile interfaces. RDLA addresses these challenges by establishing the local device storage as the single, reliable source of truth. Instead of forcing the user interface to request data repeatedly, RDLA uses a continuous stream that automatically pushes updates to the screen whenever the underlying data changes. This design is particularly useful for applications that must function without an internet connection, such as health tracking tools. When a user makes a change, the application instantly updates the local interface while silently scheduling the network synchronization in the background. By relying on tools built into the Android system, these background tasks are guaranteed to finish even if the user closes the app. Furthermore, RDLA simplifies the testing process. It separates the database and network configurations, allowing engineers to verify their core logic without relying on fragile mock setups. Ultimately, this architecture provides a more reliable foundation for complex mobile applications.


Agentic AI Security: Wrong Context, Wrong Decisions at Machine Speed

The effectiveness of automated artificial intelligence in cybersecurity fundamentally depends on the quality of its context. While organizations are looking to these advanced systems to manage the rapid volume of modern threats, these tools can only make accurate decisions if they possess a complete and updated view of the environment. When fed incomplete or inaccurate data, the artificial intelligence will make incorrect decisions at machine speed, carrying out flawed actions with unwavering confidence. Security leaders caution that any automation system lacking verified context is simply a faster way to make widespread mistakes. For instance, an automated security operations center might shut down a critical device to isolate a threat, completely unaware of the disastrous business impact because it lacked the broader operational context. Given these significant risks, experts suggest that artificial intelligence is not yet mature enough for fully independent action. Instead of allowing the system to execute automated responses, the current best practice involves using it to quickly gather relevant context across various security tools and provide clear, reasoned recommendations. Ultimately, human experts must remain in the loop to make final decisions until context gathering methods become significantly more reliable over time.

Daily Tech Digest - June 21, 2026


Quote for the day:

“Any architecture that is too complex to explain is probably wrong.” -- Martin Fowler

🎧 Listen to this digest on YouTube Music

▶ Play Audio Digest

Duration: 20 mins • Perfect for listening on the go.


Compliance Without Chaos In Modern Delivery

Treating compliance as a sudden, stressful emergency before an audit is both painful and unnecessary. Instead of bolting rules onto the very end of software delivery, engineering teams can build straightforward checks directly into their daily routines. When you integrate requirements into the tools developers already use, the process stops feeling like an obstacle course. By tying approvals to code reviews and enforcing standards through automatic checks, your regular deployment systems naturally generate all the proof an auditor needs. This approach removes the need to hunt down scattered evidence across chat logs and spreadsheets, turning documentation into an automatic background task. Furthermore, managing system permissions carefully and continuously monitoring critical settings helps keep minor oversights from escalating into major incidents. Preparing for reviews should look much like preparing for a standard software update, relying on simple, repeatable checklists rather than frantic last-minute efforts. Ultimately, compliance works best when it functions as a shared operational habit across every department. By making security guidelines clear, practical, and automated, teams can maintain momentum while turning complex audits into routine, minor administrative checks.


SDLC Data Governance Critical as AI Systems Outpace Human Oversight

As artificial intelligence rapidly accelerates the pace of software development, engineering teams face a growing challenge in overseeing vast changes made with minimal human involvement. With AI systems now capable of independently writing thousands of lines of code, running tests, and deploying product features overnight, traditional manual reviews are no longer practical or safe. This shift requires organizations to move away from treating governance as a slow, end-of-process afterthought. Instead, they must build active controls directly into the software delivery pipeline. Currently, a significant gap exists because many companies lack the automated audit trails needed to track these autonomous activities, creating serious compliance and security vulnerabilities. To address this, organizations must establish systems that enforce policies and validate code at the exact moment it is generated. This approach demands a clear focus on traceability and explainability, ensuring that every automated decision can be clearly understood and audited. As a result, software engineers are evolving from daily implementers into strategic orchestrators who manage and direct these pipelines. Success ultimately depends on fostering a culture of shared responsibility across departments to ensure that autonomous delivery remains fully accountable and easy for humans to monitor.


Agentic AI’s challenge is getting agents to act like a team, not a crowd

Adding more artificial intelligence agents to a company does not automatically improve operations; in fact, uncoordinated agents can create confusion and conflicting decisions. As businesses expand from single experimental tools to multiple agents working across departments like finance and supply chain, the main obstacle is getting these units to cooperate. To solve this, companies need a central coordination system that acts as a manager. This system relies on four key functions: distributing tasks appropriately, maintaining a shared memory so all agents access the exact same data, enabling instant communication during unexpected events, and providing strict safety and compliance oversight. When agents share a single version of the truth, operations run much smoother. For example, connected systems can automatically identify and fix IT issues, noticeably reducing downtime. However, significant hurdles remain. Organizations struggle with fragmented and poor-quality data, which inevitably leads to flawed automated decisions. Furthermore, balancing automated freedom with necessary human judgment on sensitive or high-risk matters continues to be difficult. Ultimately, the true value of multi-agent systems relies entirely on the strength of their shared infrastructure rather than the sheer number of agents deployed.


When Everyone Uses AI, Companies Risk Losing Critical Skills

As companies adopt artificial intelligence for everyday tasks, they face a quiet but serious risk: losing the essential human skills that keep their businesses strong. When employees rely on technology to write reports, analyze numbers, and solve standard problems, they miss out on the daily practice required to build deep expertise. Traditionally, junior staff develop intuition, critical thinking, and sound judgment by working through basic, practical assignments. By handing these core learning opportunities over to automated systems, organizations accidentally break their internal development paths. Over time, a company's shared knowledge can fade, leaving future managers without the practical foundation needed to judge automated answers or steer the business through unexpected crises. To prevent this talent gap, executives must rethink how daily work and professional growth fit together. Instead of focusing only on immediate speed and cost savings, leaders need to deliberately create moments where staff are forced to practice independent reasoning. Companies must protect their core capabilities by treating technology as a helpful assistant rather than a complete replacement for human thought. Ultimately, true resilience comes from capable people who know how to think for themselves.


The Attack Surface Your Security Team Isn’t Governing Yet

The rapidly rising use of artificial intelligence agents introduces a growing attack surface that standard security tools cannot effectively monitor. While security teams have historically focused on managing human users, machine accounts now outnumber them and create severe vulnerabilities. Unlike regular human users who log in, complete a specific single task, and leave a simple audit log, these autonomous agents operate continuously across multiple systems at once. They make independent decisions and link tasks together in ways that older software cannot track. To maintain control, organizations must move beyond basic identity management, which only asks who has access, and focus instead on tracking the actual actions these software agents perform. Adding these controls after the systems are already live is a failing approach, because the behavior is too complex to untangle later. Security leaders must build clear rules and full visibility directly into the core infrastructure from the very beginning. By creating permanent, reliable records of every single action an agent takes, companies can protect their sensitive data and easily provide concrete proof of safe operation to external regulators, board members, and internal executive leadership teams.


We Had a Perfectly Good Data Store. That Was the Problem

In this article, a data engineering professional shares the realization that recurring data quality issues are often architectural flaws rather than problems with the information itself. When an organization faces constant complaints about late or incorrect data, engineers usually waste time fixing symptoms instead of addressing the underlying cause: forcing an operational database to serve analytical users. To solve this, the team successfully migrated reference data from MongoDB to a governed platform without replacing the original database. Their approach relied on three major decisions: retaining MongoDB as the definitive source of truth, consolidating four independent extraction pipelines into a single path using Kafka and Iceberg tables on S3, and treating published data as a clear product. This effectively separated data truth, transport, and consumption into distinct layers. Interestingly, the primary hurdles during this transition were not technical pipeline components, but rather social and organizational friction. Overcoming disagreements around data ownership, naming conventions, and searchability proved to be the most demanding part of the process, demonstrating that a successful architecture relies just as much on clear human alignment as it does on the underlying software.


How Application Control Engines Support Zero Trust Security Strategies

This article explains how application control engines serve as a foundational enforcement layer within a zero-trust security architecture. Traditional workplace security practices often assume that software initially installed by internal IT departments is inherently safe. In contrast, zero-trust strategies reject this premise, operating under a default-deny rule where no software is trusted automatically. An application control engine translates this philosophy into technical enforcement by dictating exactly what programs can run, how they operate, and what data they can access. Crucially, the engine does not just evaluate applications at the time of installation; it continuously monitors their behavior in real time during execution. This ongoing runtime oversight is vital for stopping sophisticated threats, like fileless attacks, that hijack legitimate, pre-approved software to bypass traditional filters. By establishing centralized policy management, these engines ensure consistent rules across an entire network, which also simplifies compliance with major regulatory frameworks and cyber insurance mandates. Ultimately, integrating an application control engine moves an organization away from fragile assumptions of trust, replacing them with a reliable, data-driven system of continuous verification that protects software at the execution layer.


Metal-to-agent is the foundation of scalable enterprise AI

As artificial intelligence usage expands rapidly inside enterprises, relying entirely on metered external cloud services is becoming financially unsustainable. Red Hat chief technology officer Chris Wright argues that organizations must transition from renting outside models to operating their own internal computing infrastructure. To solve this, the company proposes a unified framework that connects raw physical hardware directly to automated software assistants. This layered setup organizes the technology stack into five distinct tiers: a stable operating system that shares expensive processors efficiently, an optimized delivery tier that speeds up response times, a central control gateway that enforces usage limits and prevents system overloads, a secure management hub for software agents, and a flexible hardware base that avoids strict vendor dependency. Wright notes that because open source models are advancing fast enough to match major commercial options in a matter of months, signing rigid contracts with a single provider is a dangerous gamble. By adopting a platform run entirely on their own servers, businesses maintain the freedom to choose the best tool for each job, keeping operating expenses predictable while ensuring sensitive company data remains strictly protected.


Why resilient data centres are built, not just designed

In this article, the author explains that true data centre resilience cannot merely exist on paper; it must be proven through careful, real-world execution. While power distribution plans often look flawless during the design phase, the actual construction and implementation introduce significant practical challenges. A major hurdle involves working within live operational environments, where upgrades or expansions must occur without interrupting existing services. This requires meticulous coordination, detailed risk assessments, and precise sequencing, particularly when working near energized systems. Furthermore, electrical setups are deeply tied to critical mechanical components like cooling systems, which often consume a massive portion of the facility's total energy. Misalignment between these teams during installation can create serious operational risks. Long-term success also depends heavily on high-quality commissioning and thorough documentation to ensure the infrastructure remains fully maintainable over time. Ultimately, as growing demands from digital services and artificial intelligence put more pressure on infrastructure, building a reliable facility requires an understanding of how systems interact under real conditions. True resilience is not just an abstract concept; it is something that must be built, tested, and verified on-site.


5 Strategies for Reinforcing Supply Chain Cybersecurity

As digital tools become deeply integrated into manufacturing, interconnected supply chains face greater exposure to online threats. A single breach at an outside supplier can halt operations, compromise private data, and create severe legal liabilities. To secure these systems, companies can adopt five straightforward practices. First, monitoring early threat indicators helps teams spot and block minor attacks, such as phishing schemes targeting smaller vendors, before they hit main production lines. Second, businesses should build and regularly practice an incident response plan that covers traditional computer networks as well as physical factory equipment. Third, digital security must be built into new technology from the very beginning rather than added as a quick fix later. Fourth, executives must encourage open cooperation across all internal departments, ensuring that legal, purchasing, and factory operators share responsibility instead of working alone. Finally, organizations need a thorough oversight program for their external contractors, relying on upfront evaluations, clear contract rules, and routine audits. Treating defense as a normal part of daily operations allows manufacturers to grow safely while keeping their essential infrastructure running smoothly without sudden disruption.

Daily Tech Digest - June 20, 2026


Quote for the day:

"Outstanding leaders go out of their way to boost the self-esteem of their personnel." -- Sam Walton

🎧 Listen to this digest on YouTube Music

▶ Play Audio Digest

Duration: 21 mins • Perfect for listening on the go.


Why AI coding debt is different

The rapid adoption of artificial intelligence in software development is generating an entirely new challenge: cognitive debt. Unlike traditional technical debt, which usually involves poorly written or messy code, cognitive debt arises when software works perfectly but no human understands exactly how or why it was built. Because AI tools generate code at unprecedented speeds, developers often bypass the crucial, slower process of thinking through specific scenarios and internalizing the underlying logic. Furthermore, many AI tools operate without essential background knowledge, such as past design choices or specific security rules, resulting in code that may function in isolation but lacks overall coherence. To prevent this accumulation of invisible debt, organizations must shift their focus from merely generating code to rigorously checking it. This involves building strong internal practices that provide AI with necessary historical knowledge before it writes a single line. Most importantly, engineering teams must establish strict human ownership, ensuring a developer takes the time to thoroughly review and comprehend the final product. By balancing the speed of AI generation with careful oversight and deep understanding, companies can maintain healthy, reliable systems without sacrificing their future stability or falling into irreversible complications.


Why Every CISO Needs a Head of AppSec in the Age of Vibecoding

The rise of AI-assisted software development has drastically increased the speed at which code is generated and deployed. While this shift enhances developer productivity, it also introduces subtle flaws and misconfigurations at a scale that outpaces traditional security measures. For a Chief Information Security Officer (CISO), directly overseeing application security is no longer practical. To maintain control without slowing down engineering, organizations must introduce a dedicated Head of Application Security. This role acts as a vital bridge between the security and development teams, turning abstract vulnerabilities into clear, actionable fixes that fit naturally into everyday workflows. Instead of treating security as a roadblock, a capable Head of Application Security enables developers to build safely and efficiently. Furthermore, while automated tools handle known issues, this leader ensures human testers remain focused on uncovering complex attack paths that machines miss. By delegating the daily operational details of application security to a specialized leader, the CISO can step back and focus on broader risk management and strategy. Ultimately, restructuring security leadership is essential for companies wanting to build software quickly without taking on unmanaged risks.


A perfect storm: data centers and tornadoes

The article examines the growing collision between data center expansion and the rising threat of tornadoes. As the demand for digital infrastructure pushes these vital facilities into regions known for volatile weather patterns, operators face a complex challenge. The piece highlights that relying on standard commercial building practices is no longer sufficient to protect critical hardware and ensure uninterrupted operations. Instead, modern data centers must incorporate specialized physical hardening from the ground up. This involves constructing reinforced concrete walls and specialized roofing designed to withstand extreme wind speeds and dangerous flying debris. Beyond structural defenses, the analysis strongly emphasizes the necessity of implementing comprehensive disaster recovery strategies. A key component is building geographic redundancy into the network architecture, ensuring that if one specific facility goes offline, other locations can seamlessly manage the computing load. Maintaining reliable backup power generation and secondary cooling systems is also essential to survive the immediate aftermath of a storm when local utility grids fail. Ultimately, securing digital assets against nature's unpredictability requires a steady, proactive approach, blending structural engineering with thorough contingency planning to keep essential services running smoothly.


OT vs IT Security: Key Differences Explained for Controls Engineers

Operational Technology (OT) security and Information Technology (IT) security serve different purposes and operate under distinct priorities. While IT security safeguards corporate data networks with a primary focus on keeping information confidential, intact, and available, OT security protects industrial control systems like programmable logic controllers and manufacturing lines. Because a failure in these industrial environments can lead to damaged equipment or physical harm, OT flips the traditional model to prioritize availability and safety above all else, often minimizing confidentiality. A major challenge for controls engineers is that standard IT practices do not easily transfer to the plant floor. For example, you cannot simply update an industrial controller the way you patch a laptop. These devices require uninterrupted operation, rigorous testing, and strict vendor approvals, making routine updates costly and disruptive. Furthermore, as enterprise networks increasingly connect with industrial systems to share data—a trend known as IT/OT convergence—traditional boundaries disappear. This connectivity introduces new vulnerabilities to legacy equipment that was never designed for modern internet threats. Bridging this gap requires careful network segmentation and a shared understanding between IT departments and plant engineers to keep production running safely.


AI Governance vs Data Governance: Why They Need Opposite Approaches

The article highlights the distinct but complementary needs of data and artificial intelligence governance within modern organizations. It points out that traditional data management programs often fail within their first year because they rely on rigid, centralized control that internal teams actively resist. To succeed, these data initiatives must instead link directly to specific business goals and decentralize their efforts across departments. Conversely, managing artificial intelligence requires the exact opposite organizational approach. Because AI development usually begins in isolated, scattered teams, it actually requires a centralized strategy to mature effectively and deliver consistent value. To resolve this structural tension, the text advocates for an adaptable framework that thoughtfully balances central standards with flexible, everyday execution. This method adjusts the level of control based on the organization's maturity and the specific risks involved in each project. Furthermore, the rapid adoption of modern AI tools demands a renewed focus on unstructured information, such as plain text documents, which is inherently harder to organize than traditional databases. Companies are strongly advised to systematically discover, tag, and connect this unstructured information to ensure their automated systems remain reliable and safe for long-term enterprise use.


Security considerations for adopting Claude Code and Cowork for SMBs

When small and medium-sized businesses decide to adopt AI tools like Claude, security leaders must carefully balance rapid deployment with essential safety measures. The primary step is understanding the specific plan your organization requires, as advanced security features like single sign-on and compliance tools are restricted to higher-tier subscriptions. Rather than granting broad access, it is safer to control your exposure by selectively assigning licenses for different products—such as Chat, Code, or Cowork—based on actual employee needs. As you introduce these tools, avoid turning on every feature at once. Instead, evaluate the risks of each capability and roll them out gradually. Features like web search or automated skills introduce vulnerabilities, making strict management of API keys and data access critical. Limit the number of people who can generate administrative keys to maintain tight control. Additionally, remember that you cannot outsource your data governance. It is your responsibility to monitor what information flows into the system and verify the accuracy of what comes out. By relying on a phased approach and leveraging existing security vendors, you can confidently integrate new technologies while keeping your business secure.


Every AI Agent Is an Identity. Most Organizations Don't Treat Them That Way

As AI agents evolve from simple productivity tools into powerful actors that can trigger workflows, write code, and update records, they are effectively becoming new digital identities within enterprise networks. However, most organizations are failing to secure them as such. According to the article, security teams traditionally focus on managing the identities of human employees and service accounts, leaving AI agents largely ungoverned. These agents are frequently connected to critical business platforms like Salesforce, GitHub, and production databases, often receiving overly broad permissions just to ensure they work smoothly. This creates a sprawling network of hidden actors with high levels of system access. While much of the AI security conversation has centered on software risks like bad prompts or incorrect outputs, the greater threat lies in what these tools can actually access. An overprivileged AI agent compromised by a malicious plugin can become a dangerous pathway for major data theft or system damage. To safely adopt AI technology, organizations must start treating AI agents exactly like standard network identities. This requires continuous tracking, strictly restricting their permissions to match their exact purpose, and systematically applying the same exact security rules used for human employees.


CIOs: tear down the wall between resilience and data security

For years, organizations have treated keeping systems online and keeping data safe as two separate jobs handled by different teams. However, the rapid adoption of artificial intelligence is proving that this separation is no longer practical. Rather than creating entirely new problems, AI is exposing existing flaws in how companies manage their files and information. When employees use AI assistants, these tools can easily find and share old or sensitive documents that were left unsecured, revealing a severe lack of basic organization and control. To solve this, technology leaders must unite their safety and system recovery efforts. First, companies need to understand exactly what information they have, where it lives, and who should see it before they roll out new tools. Second, they must use automated systems to manage rules and access, because human review simply cannot keep up with the speed of automated requests. Finally, businesses must clearly track what automated programs are doing and why, to ensure they meet future legal standards. Ultimately, attempting to block these new tools will fail. Instead, leaders must safely guide their use by building a unified, trustworthy foundation.


France and Germany Boost Digital Sovereignty Push

France and Germany are strengthening their commitment to European digital sovereignty through a coordinated approach and substantial new funding. To reduce reliance on foreign technology, the French government announced an initial 13 billion euro investment fund, expected to grow to 15 billion euros by the end of the year, aimed at supporting domestic and regional technology firms. Institutional investors, including aerospace and defense partners, are backing this initiative. Half of the capital is dedicated to deep technology sectors such as artificial intelligence, quantum computing, biotechnology, and space exploration. This focus on artificial intelligence is particularly timely given recent United States export controls that restricted European access to advanced models from companies like Anthropic. These restrictions have intensified demands for regional self-sufficiency and highlighted the strategic importance of European developers like France's Mistral AI. The new funding represents the third phase of a broader effort to close the financing gap for scaling tech businesses in the region. Although Germany previously approached such initiatives with caution, shifting geopolitical dynamics and concerns over the reliability of American technology services have united the two nations in their drive to secure technological independence.


Data Observability: Guidance for Data Leaders

Many organizations struggle to ensure their artificial intelligence systems receive reliable information. Although experts recognize the necessity of tracking data as it moves through systems, many leaders still treat this practice as a future goal rather than an immediate requirement. Without a clear view into their data systems, companies are left guessing whether their information is accurate and safe to use. As artificial intelligence shifts from simply providing answers to taking independent actions, relying on guesswork is no longer acceptable. Information pathways are becoming increasingly complicated, making it easier for mistakes to happen or for incorrect details to reach the wrong destination. Proper oversight helps address these complications, including the growing challenge of fragmented systems. Fundamentally, observing your data means proving that the right information arrives exactly when and where it is needed. This practice requires finding and fixing errors before they impact the business. Instead of merely checking if a system is turned on, organizations must validate that the information flowing through it is completely trustworthy. By maintaining a continuous, clear view of their data, organizations can confidently support their advanced technologies and ensure reliable outcomes.

Daily Tech Digest - June 17, 2026


Quote for the day:

"The most difficult thing is the decision to act, the rest is merely tenacity." -- Amelia Earhart

🎧 Listen to this digest on YouTube Music

▶ Play Audio Digest

Duration: 25 mins • Perfect for listening on the go.


The Rise of Agentic Internet

The internet has reached a significant milestone where automated web traffic now exceeds human activity. According to recent data, bots currently account for over fifty percent of all internet traffic, crossing this threshold much earlier than industry experts had predicted. This shift is primarily driven by the rapid emergence of autonomous artificial intelligence agents. Unlike older, simple programs or connected devices that only follow rigid instructions, these new agents possess true autonomy. They interpret user intent, adapt to context, and make independent decisions without needing constant human guidance. As a result, autonomous software traffic has experienced exponential growth over the past year. A major area affected by this change is how we search for information. Traditional search engines that return simple lists of links are being replaced by conversational interfaces. When a person asks a complex question, the software dispatches numerous agents to visit hundreds of pages, synthesize the data, and return a complete answer. Because a single human request can generate thousands of automated web actions, we are entering a new era where machines discover information, evaluate options, and execute tasks on our behalf.


Building data centers in space is an intriguing idea on paper, but major engineering challenges must be solved

The proposal to establish data centers in space presents a captivating concept that aims to address the growing energy and cooling demands of our digital infrastructure. By positioning servers outside of Earth's atmosphere, we could theoretically harness constant solar energy and utilize the natural vacuum of space to simplify heat management. While this idea appears promising on paper, it faces significant engineering and logistical hurdles that currently make it impractical. A primary obstacle is the immense difficulty and cost associated with launching and maintaining complex hardware in orbit. Unlike terrestrial facilities, space-based data centers would require specialized, radiation-hardened equipment to withstand the harsh orbital environment, including extreme temperature fluctuations and debris impacts. Furthermore, servicing or upgrading these systems would be exceptionally difficult, requiring sophisticated robotic interventions or costly human missions. There is also the critical issue of signal latency; transmitting data between Earth and space-based servers introduces delays that could disrupt many time-sensitive applications. While the idea reflects creative thinking regarding future infrastructure needs, these formidable technological and economic constraints must be thoroughly addressed before such a project could realistically transition from an interesting theoretical model to a functional reality.


Firms pursue continuous identity in push to meet agentic paradigm shift

The cybersecurity industry is rapidly evolving to address the growing presence of artificial intelligence programs operating autonomously within corporate networks. As organizations increasingly rely on these automated tools, traditional security systems built exclusively for human users are no longer sufficient. To resolve this, major technology firms are developing continuous identity verification systems that monitor and secure both human and machine activities simultaneously. Recently, a new company called NewCore secured significant funding to launch a platform that maps and protects all active network identities from the ground up. Similarly, established companies are expanding their capabilities through acquisitions and updates. SailPoint plans to acquire Entro to improve its tracking of machine credentials, while CrowdStrike has introduced a system that constantly verifies automated actions rather than granting permanent access. Additionally, Akamai has established a structured framework to safely manage automated commerce and interactions, and Silverfort has integrated instant identity checks specifically for Microsoft Copilot Studio to prevent unauthorized actions before they occur. Together, these industry developments highlight a crucial transition from one time authentication to ongoing and instant security models that ensure automated tools operate safely and responsibly within modern enterprise environments.


Beyond the ERP system: The autonomous value chain

Traditional enterprise resource planning systems have reached a performance ceiling because they rely on people to manually move and approve data. This manual approach creates expensive delays and inefficiencies that minor adjustments can no longer fix. To move forward, organizations must abandon these outdated structures in favor of an autonomous value chain. In this modernized setup, intelligent algorithms handle routine daily procurement, production, and delivery coordination in real time. Instead of functioning as manual data processors, employees are freed to focus on high level strategic design and system oversight. Transitioning to this level of autonomy requires more than just installing new software; it demands a deep organizational shift. Companies need to establish centralized, reliable data sources and build automated processes governed by clear rules and boundaries. Equally important is fostering a supportive culture built on trust and psychological safety. Teams must feel secure collaborating with automated systems, knowing they have the authority to intervene without facing blame for machine errors. Ultimately, the goal is to stop managing slow, manual workflows and instead design a fully independent system that coordinates seamlessly. This shift delivers greater operational efficiency and frees human talent for more valuable work.


Four Ways To Develop Emotional Intelligence In The Workplace

While technical skills are often highlighted on resumes, emotional intelligence is the defining trait of an effective leader. It involves recognizing and managing your own emotions while understanding those of your team. Without it, organizations face turnover and burnout; with it, they build resilience and trust. Fortunately, you can develop emotional intelligence through four practical methods. First, practice self-awareness by taking time to reflect on your emotional state before entering important conversations or meetings. This prevents unexamined stress from guiding your behavior. Second, master the strategic pause. Instead of reacting immediately to frustration, give yourself time to process the situation, such as waiting a day before replying to a difficult email. Third, use active empathy to understand the motivations and pressures your team members face. Ask how you can support them rather than demanding explanations for setbacks. Finally, create an environment of psychological safety where employees feel comfortable taking risks and making mistakes without fear of punishment. When leaders openly admit their own errors, it encourages the rest of the team to work authentically. By investing in these areas, you can build a stronger, more resilient organization.


The AI Accountability Gap CIOs Can't Ignore

According to a recent IBM survey of 2,000 technology executives, chief information and technology officers are facing a significant accountability gap as artificial intelligence moves into everyday production. While eighty percent of these leaders are under direct pressure from chief executives to adopt AI quickly, two-thirds find themselves responsible for AI outcomes they do not fully control. By the year 2027, organizations expect to manage over sixteen hundred AI models, yet only eleven percent of technology leaders feel ready for this rapid growth. A primary challenge is the steady rise of untracked AI use. Seventy percent of executives report that internal business departments deploy AI tools much faster than their technical teams can monitor. This lack of oversight has clear consequences. Over the past year, organizations experienced an average of fifty-four AI-related incidents. These events led to notable problems, including data breaches for thirty-seven percent of respondents and widespread system failures for thirty-three percent. Consequently, AI adoption is currently moving faster than organizations can secure it. Seventy-seven percent of leaders admit their deployment speeds outpace internal governance, forcing many to pause expansion until they can establish proper visibility and control.


Do Software and Programmers Still Have a Future?

In their 2026 update, the team behind the software tool NocoBase reflects on how rapid advancements in artificial intelligence initially caused intense anxiety about the future of traditional programming. Despite these fears, their revenue doubled in the first half of the year. The small team realized that while artificial intelligence can generate code quickly, large businesses still require stable, secure, and standardized foundations to run their daily operations. Companies cannot rely on raw code generation alone; they need reliable systems with proper access rules, clear steps, and visual screens that humans can easily read and adjust. Rather than fighting these rapid market changes, NocoBase adapted its main focus. They shifted from basic visual programming to providing the essential structure that allows artificial intelligence to safely interact with complex business records. By integrating advanced models internally, the team also doubled their own productivity without hiring more staff. Their direct experience with major corporate clients in life sciences and renewable energy proves that actual businesses adapt much slower than internet technology trends. By acting as a practical bridge between new tools and older manual operations, programmers and thoughtful software projects still have a secure and valuable future.


Develop smarter AI agents with data fabrics

As organizations manage data scattered across numerous platforms, data fabrics offer a practical way to centralize access and enforce consistent policies. This centralized approach is especially relevant for teams developing artificial intelligence agents. AI agents require extensive, reliable information to function effectively, relying on both structured data and unstructured formats like documents or emails. Without a shared business context, these agents struggle to make accurate decisions and can even operate counter to one another in complex systems. A data fabric acts as a central system that connects AI models to diverse information sources. It provides agents with the current data and historical memory they need to act appropriately. Furthermore, this structure allows teams to resolve data quality issues before the information reaches the AI, ensuring the agents operate on accurate, compliant, and secure inputs. By consolidating data access, organizations can also establish stricter security controls and monitor exactly what information agents use. Moving forward, data fabrics are expected to improve how they handle multimedia files and complex documents. Ultimately, a carefully planned data fabric helps organizations deploy AI agents with a clear understanding of the rules, leading to more reliable outcomes.


AI and Cybersecurity – Everything You Wanted to Know, But Were Afraid to Ask

Artificial intelligence is changing cybersecurity, presenting both new defensive capabilities and complex security challenges. Based on insights from dozens of industry professionals, the current landscape of AI in security can be understood through five primary categories: generative AI, agentic AI, shadow AI, machine learning, and artificial general intelligence. Currently, generative AI serves as the foundation. While it offers practical benefits for security teams, such as summarizing incident logs, drafting response plans, and assisting with coding, it is not inherently trustworthy. Because these models predict statistically probable answers rather than relying on absolute facts, they can produce confident but incorrect responses. Therefore, AI should act as a supportive tool rather than a replacement for human judgment. Without proper governance, organizations risk unintentional misuse, where employees rely too heavily on unverified outputs or use external, unsecured AI tools. At the same time, malicious actors are actively exploiting these technologies. They move quickly to adopt AI for creating highly convincing phishing campaigns, writing evasive malware, and executing advanced social engineering attacks. Ultimately, understanding both the practical applications and the inherent risks of AI is essential for navigating the modern security environment.


The checklist problem behind critical infrastructure cyber safety

Recent research from George Mason University highlights a significant gap in how the United States approaches the safety of critical infrastructure. Currently, operators of industrial controls, medical devices, and transportation systems often rely on standard IT security compliance to prove their systems are safe. However, this approach is fundamentally flawed because data protection rules do not easily translate to the physical world. In fact, standard IT practices can sometimes introduce physical hazards. For instance, locking down a system to protect data might trap people during an emergency or disrupt safety controls that require real-time responses. The researchers note that current regulations rely too much on administrative checklists and generic technical standards, ignoring the specific engineering needs of physical machinery. When failures occur, regulations typically only require companies to report the incident rather than prove the equipment can naturally revert to a safe state. To fix this, the study suggests shifting the legal standard of care away from basic compliance. Instead, operators should be expected to provide concrete engineering evidence showing their systems are physically resilient. This includes implementing mechanical backups and hazard-specific safety measures, ensuring that if digital defenses fail, the physical equipment remains secure.