Quote for the day:
"People may forget what you say, but they won't forget how you them feel." -- Mary Kay Ash
Throwing AI at Developers Won’t Fix Their Problems
Organizations are spending too much time, money and energy focusing on the tools
themselves. “Should we use OpenAI or Anthropic? Copilot or Cursor?” We see two
broad patterns for how organizations approach AI tool adoption. The first is
that leadership has a relationship with a certain vendor or just a personal
preference, so they pick a tool and mandate it. This can work, but you’ll often
get poor results — not because the tool is bad, but because the market is moving
too fast for centralized teams to keep up. ... The second model, which generally
works much better, is to allow early adopters to try new tools and find what
works. This gives developers autonomy to improve their own workflows and reduces
the need for a central team to test every new tool exhaustively. Comparing the
tools by features or technology is less important every day. You’ll waste a lot
of energy debating minor differences that won’t matter next year. Instead, focus
on what problem you want to solve. Are you trying to improve testing? Code
review? Documentation? Incident response? Figure out the goal first. Then see if
an AI tool (or any tool) actually helps. If you don’t, you’ll just make DevEx
worse: You’ll have a landscape of 100 tools nobody knows how to use, and you’ll
deliver no real value.Anatomy of a Scattered Spider attack: A growing ransomware threat evolves
Scattered Spider began its attack against the unnamed organization’s
public-facing Oracle Cloud authentication portal, targeting its chief financial
officer. Using personal details, such as the CFO’s date of birth and the last
four digits of their Social Security number obtained from public sources and
previous breaches, Scattered Spider impersonated the CFO in a call to the
company’s help desk, tricking help desk staff into resetting the CFO’s
registered device and credentials. ... The cybercriminals extracted more than
1,400 secrets by taking advantage of compromised admin accounts tied to the
target’s CyberArk password vault and likely an automated script. Scattered
Spider granted administrator roles to compromised user accounts before using
tools, including ngrok, to maintain access on compromised virtual
machines. ... Scattered Spider’s operations have become more aggressive and
compressed. “Within hours of initial compromise — often via social engineering —
they escalate privileges, move laterally, establish persistence, and begin
reconnaissance across both cloud and on-prem environments,” Beek explained.
“This speed and fluidity represent a significant escalation in operational
maturity.” ... Defending effectively against Scattered Spider involves tackling
both human and technical vulnerabilities, ReliaQuest researchers noted.Data governance: The contract layer that makes agentic systems possible
Today, AI has changed everything. Lineage, access enforcement and cataloging
must operate in real time and cover vastly more data types and sources. Models
consume data continuously and make decisions instantly, raising the stakes for
mistakes or gaps in oversight. What used to be a once-a-week check is now an
always-on discipline. This transformation has turned data governance from a
checklist into a living system that protects quality and trust at scale. ...
One of the biggest misconceptions is that governance slows down innovation. In
reality, good governance speeds it up. By clarifying ownership, policies and
data quality from the start, teams avoid spending precious time reconciling
mismatches and can focus on delivering AI that works as intended. A clear
governance framework reduces unnecessary data copies, lowers regulatory risk
and prevents AI from producing unpredictable results. Getting this right also
requires a culture shift. Producers and consumers alike need to see themselves
as co-stewards of shared data products. ... Enterprises deploying agentic AI
cannot leave governance behind. These systems run continuously, make
autonomous decisions and rely on accurate context to stay relevant. Governance
must move from passive checks to an active, embedded foundation within both
architecture and culture.How CIOs Are Navigating Today’s Hyper Volatility
“When it comes to changing dynamics, [such as] AI and driving innovation,
there are several things that people like me are dealing with right now. There
is an impact on how you hire people, staffing, how to structure your
organization,” says Johar. “There is an impact on risk. I’m also responsible
within my organization for managing the risk of data, privacy and security,
and AI is bringing a new dimension to that risk. It’s an opportunity, but it's
also a risk. How you structure your organization, how you manage risk, how you
drive transformation -- these things are all connected.” ... “[CIOs] are
emerging as transformation leaders, so they need to understand how to navigate
the culture change of an organization, the change in people in an
organization. They must know how to tell stories so they can get the
organization on board,” says Danielle Phaneuf, a partner, PwC cloud and
digital strategy operating model leader. “Their mindset is different, so
they're embracing the transformation with a product model that allows them to
move faster [and] allows them to think long term. They’re building these new
muscles around change leadership and engaging the business early, co-creating
solutions, not thinking they must solve everything on their own, and doing
that in an agile way.” What Is AI Agent Washing And Why Is It A Risk To Businesses?
You’ve heard of greenwashing and AI-washing? Well, now it seems that the
hype-merchants and bandwagon-jumpers with technology to sell have come up with
a new (and perhaps predictably inevitable) scam. Analysts at Gartner say
unscrupulous vendors are increasingly engaging in "agent washing" and say that
out of “thousands” of supposedly agentic AI products tested, only 130 truly
lived up to the claim. ... So, what’s the scam? Well, according to the report,
agent washing involves passing off existing automation technology, including
LLM-powered chatbots and robotic process automation, as agentic, when in
reality it lacks those capabilities. ... Tools that claim to be agentic
because they orchestrate and pull together multiple AI systems, such as
marketing automation platforms and workflow automation tools, are stretching
the term, too, unless they are also capable of autonomously coordinating the
usage of those tools for long-term planning and decision-making. A few more
hypothetical examples: While an AI chatbot-based system can write emails on
command, an agentic system might write emails, identify the best recipients
for marketing purposes, send the emails out, monitor responses, and then
generate follow-up emails, tailored to individual responders.Agentic AI Architecture Framework for Enterprises
/filters:no_upscale()/articles/agentic-ai-architecture-framework/en/resources/96figure-2-1752043185139.jpg)
The critical decision point lies in understanding when predictability and
control take precedence versus when flexibility and autonomous decision-making
deliver greater value. This understanding leads to a fundamental principle:
start with the simplest effective solution, adding complexity only when clear
business value justifies the additional operational overhead and risk. ...
Enterprise deployment of agentic AI creates an inherent tension between AI
autonomy and organizational governance requirements. Our Analysis of
successful MVPs and on-going production implementations across multiple
industries reveals three distinct architectural tiers, each representing
different trade-offs between capability and control while anticipating
emerging regulatory frameworks like the EU AI Act and others coming. These
tiers form a systematic maturity progression, so organizations can build
competency and stakeholder trust incrementally before advancing to more
sophisticated implementations. ... Our three-tier progression manifests
differently across industries, reflecting unique regulatory environments, risk
tolerances, customer expectations and operational requirements. Understanding
these industry-specific approaches enables organizations to tailor their
implementation strategies while maintaining systematic capability
development.Rewriting the rules of enterprise architecture with AI agents
In enterprise architecture, agentic AI systems can be deployed as digital
“co-architects”, process optimizers, compliance monitors and scenario planners
— each acting with a degree of independence and intelligence previously
impossible. So why agentic AI and simulations for governance…and why now?
Governance in enterprise architecture is about ensuring that IT systems,
processes and data align with business goals, comply with regulations and
adapt to change. ... These methods are increasingly inadequate in the face of
real-time business dynamics. Agentic AI introduces a new composability model
that is achievable: Governance that is continuous, adaptive and proactive.
Agentic systems can monitor the enterprise landscape, simulate the impact of
changes, enforce policies autonomously and even resolve conflicts or escalate
issues when necessary. This results in governance that is both more robust and
more responsive to business needs. Gartner’s research reinforces the impact of
agency and simulations on enterprise architecture’s future. According to its
Enterprise Architecture Services Predictions for 2025, 55% of EA teams will
act as coordinators of autonomous governance automation by 2028 and shift from
a direct oversight role to that of model curation and certification, agent
simulations and oversight, and business outcome alignment with machine-led
governance.With tools like Alpha and Coherence, we’re turning risk management from reactive to real-time
Those days when it was more of a very reactive and process-heavy system, where you had to follow a set of dilutive processes all the time and react to risks being observed in the system, and then you had a standard operating procedure to deal with it step by step. Those days are behind us. That scenario was there for a number of decades. But with AI and intelligent-led solution capabilities transforming the landscape, it has become proactive and extremely real-time. So what we propose, we always have lived by our Digital Knowledge Operations framework. The three words in it: digital, knowledge, and operations. Digital makes you proactive because you’re building solutions not for today but for the future. You rely on knowledge, and you transform your operations. That’s our philosophy that unlocks this proactive ability of capturing the possibilities of risk in real time. That drove us to build something like Alpha. It’s essentially a very strong and effective transaction monitoring framework and tool that can detect a whole lot of false alerts with over 75% to 80% accuracy. Now, in risk management, what happens is that a lot of operational bandwidth, effort, and talent capability is lost in assessing all of these false positives that are generated because of risk management procedures. Most of them can be taken care of by a combination of machine learning, artificial intelligence, and some sort of robotics.Banking on Better Data: Why Financial Institutions Need an Agile Cloud Strategy
The urgency to migrate to the cloud is particularly pronounced in the banking
sector, where legacy institutions are under mounting pressure to keep pace
with digital-native competitors. These agile challengers can roll out new
features in a matter of weeks, while traditional banks remain constrained by
older mainframes. It is clear that the risk of standing still is no longer
theoretical. Earlier this year, over 1.2 million UK customers experienced
banking outages on pay day, a critical moment for both individuals and
businesses. Several major retail banks reported widespread issues, including
login failures and prolonged delays in customer service. Far from being
one-off glitches, these disruptions point to a broader pattern of structural
fragility rooted in outdated technology. Unlike legacy systems, cloud-native
platforms are engineered for adaptability, resilience, and real-time
performance, which are traits that traditional banking environments have been
struggling to deliver. These failures weren’t just accidents; they were
foreseeable outcomes of prolonged underinvestment in modernization. This
reinforced a critical truth for traditional banks, which is that cloud
transformation is no longer a future aspiration, but an immediate requirement
to safeguard customer trust and remain viable in a rapidly evolving market.
Why knowledge is the ultimate weapon in the Information Age
To turn AI into an asset rather than a liability, organisations must rethink
their approach to knowledge management. At its core, knowledge management is a
learning cycle centred on people, with technology acting as a force
multiplier, not a substitute for judgment. The objective is to establish a
virtuous loop in which data is collected, validated, and transformed into
actionable insight. The tighter and more disciplined this cycle, the higher
the quality of the resulting knowledge. In practice, this means treating AI as
just another tool in the toolkit. ... In an age of information warfare,
perception is the battleground. To stay ahead, decision-makers must be trained
not just in AI tools but in understanding their strengths, limitations, and
potential biases, including their own. The ability to critically assess
AI-generated content is essential, not optional. More than static planning,
modern organisations need situational awareness and strategic agility,
embedding AI within a human-centric knowledge strategy. We can shift the
balance in the information war by curating trusted sources, rigorously
verifying content, and sustaining a culture of learning. This new knowledge
ecosystem embraces uncertainty, leverages AI wisely, and keeps cognitive bias
in control, wielding knowledge as a disciplined and secure strategic asset.
