The Agent Did Exactly What the Attacker Told It To

The capital request that lands on your desk for an enterprise agent control plane needs a different diligence standard than the one that worked for the last decade of SaaS. A category of vendor announcements is converging on the same offer. ServiceN…

A vendor shipping a comprehensive-sounding agent control tower is not the same as your enterprise having an answer for agent management. The architects who conflate the two will inherit a control plane by default, along with a definition of the prob…

Phil Wainewright's latest piece on diginomica does the useful work of naming something most enterprise AI conversations skip: the decision threads buried in Slack, email, comments, and team apps are where the why of enterprise activity actually live…

The current generation of enterprise AI pitches is more sophisticated than the skeptics give them credit for. The orchestration vendors have done real work on making agent behavior inspectable. What most of them have not done is push that inspectabi…

Diginomica's write-up of NatWest's Venture Banking launch with AWS is being read as an AI announcement. It is not. It is a story about institutional discipline — about a bank that accepted the boring, expensive, multi-year work had to come before th…

This piece walks through a failure mode most enterprise RAG pipelines have but no one is measuring: retrieval works, the right documents come back, and the model still answers wrong because two of those documents contradict each other. A preliminary…

Enterprise AI is crossing from experimentation into operation, and the cost structure of that transition is not what the first wave of business cases assumed. AI Business reported in mid-April that Salesforce, Databricks, and AWS each released agent…

Derek du Preez's coverage of Google Cloud Next '26 cuts to the decision that actually matters for agentic systems: who owns the audit and policy plane when your agents start acting on enterprise data. Not the model. Not the framework. The control la…

The system prompt that tells your agent "never refund more than $500" is not a control. It is a suggestion the model will follow most of the time, ignore some of the time, and abandon entirely when an adversarial input finds the right shape. If the…

The shift this quarter is not what AI can do next, it is what enterprises can actually govern once AI is running across their systems. AI Business reported in mid-April that Salesforce, Databricks, and AWS all rolled out agent governance and registr…

Gartner estimates that 85% of AI projects fail to deliver value. McKinsey places enterprise AI success rates below 20%. These aren't rounding errors. They're systemic failure. The explanations vary. Insufficient data. Poor model selection. Organizat…

The real AI shift isn't the next model — it's control. The part I'd underline from this piece: the context layer. We've seen large implementations where context got stuffed into oversized prompts — dazzling in the demo, and initially celebrated as l…

Structure-aware retrieval is having a moment. A steady stream of papers, product launches, and polished blog posts is making the case for embedding document structure — section hierarchies, breadcrumbs, parent-child relationships — directly into the…

Most organizations confuse agentic AI with conversational interfaces. They treat agents as chatbots with memory, then wonder why their deployments fail in production. The confusion is expensive. An agentic system doesn't just respond — it acts. It m…