Generative AI has moved quickly from experimentation into early production use in many enterprises. However, very few can confidently forecast what it’s going to cost them in six months.

For a technology that has consumed so much board-level attention and capital, that reflects a lack of certainty, and one that some technology leaders may privately recognize as true of their own organizations.

The spend is real and the direction is clear, but the number at the end of the year can remain genuinely uncertain.

To capture a glimmer of the confidence driving the infrastructure race, Amazon’s CEO has indicated it expects to spend heavily on IT infrastructure to support AI, with an estimated $200 billion in AI capital spending, arguing it is “not going to be conservative” in how it invests in the tech.

In practice, what makes AI different from the infrastructure investments that came before it is not the scale of the commitment but the nature of the consumption.

Cloud computing was unpredictable when it arrived too, but it eventually settled into patterns that finance teams could learn to model. AI hasn’t settled in the same way yet, and much of the reason comes down to how it is being used.

A great deal of enterprise AI use remains exploratory, which is part of what makes forecasting harder. And unlike cloud, which stayed largely within technical teams for years before spreading, AI is moving across the whole organisation almost immediately. That changes everything about how you try to govern it.

The limits of financial visibility

On the surface, some forms of AI appear to offer what earlier infrastructure lacked: clean, granular, real-time data and what it costs. But across the rapidly growing landscape of technology providers leveraging AI in some way, many do not.

In some cases, token-based pricing is precise in a way that early cloud billing never was, and for finance teams accustomed to working with far less, it can feel like a step in the right direction for solving the visibility problem.

We unfortunately still have a long way to go, since simply understanding what was spent last month tells you very little about what will be spent next quarter, particularly once adoption moves beyond the teams who originally shaped the business case.

One must consider that teams across legal, HR, and customer operations are not thinking about token economics (tokenomics). They’re only thinking about whether the tool works.

Cost exposure builds not through any single decision but through dozens of small expansions, each reason in isolation, none of them reflected in a comprehensive forecast. By the time anyone joins the dots, the demand curve has already moved.

Extending the disciplines that already exist

The organizations who are doing a better job managing AI spend have tenured experience managing consumption-based technology. IT asset management (ITAM) teams for example often have more experience dealing with more fixed constructs like users or seats, which makes the consumption-based nature of AI far more challenging.

FinOps teams on the other hand have grounded experience in managing consumption that originated in public cloud. FinOps teams may therefore better positioned to deal with the new tsunami of AI consumption and spending, ensuring that it is governed as adoption scales.

FinOps has also been broadening its scope beyond the initial roots in public cloud, with AI cost management now sitting firmly within that remit for many, a shift reflected in how the FinOps Foundation is increasingly incorporating AI into its guidance. Part of that expansion is about forecasting demand that behaves differently from conventional workloads.

There is also growing interest in whether AI itself can support FinOps practices, particularly in anomaly detection, optimization and, over time, forecasting, as consumption patterns become harder to model.

The challenge is applying FinOps practices early enough so that governance shapes how AI scales, rather than scrambling to restore control once spend has already outpaced oversight.

The compounding difficulty of legacy environments

For organizations whose technology estates were built around consistency, extending governance into AI is harder than it sounds.

AI-first organizations design with cost in mind from the beginning, treating inference the way they would any other product input, with economic constraints shaping architecture decisions before commitments are made.

Retrofitting AI into legacy infrastructure means something different. Existing commercial commitments and operating models do not adapt quickly to a consumption model that is inherently variable, and that friction has a direct bearing on cost.

The difficulty is often that AI is being introduced into environments built around very different assumptions about how demand behaves, and that is part of what makes forecasting harder.

The challenge is not simply new spend, but expenditure ballooning in environments where oversight and control are already difficult to maintain.

Organizations navigating this will tend to run controlled experiments before broad rollout and are deliberate about how adoption spreads. In practice, that is often about containing unmanaged adoption early, before usage patterns, costs and dependencies become harder to unwind.

That same exposure increasingly carries beyond internal governance. As AI appears more often in customer procurement conversations, questions that were once largely internal are starting to be probed externally too.

For organizations whose governance has not kept pace, those questions can force a level of clarity they may not yet be prepared to provide.

From activity metrics to business outcomes

Beyond governance and cost control, there remains a harder question, which is whether AI investment is producing meaningful business value. Most leadership teams are not yet in a position to answer that with confidence, and the metrics currently reaching the board are not making it easier.

Model usage, inference volumes and compute consumed describe activity without explaining value. It is easy to build a compelling board update from consumption data without addressing whether any of it is moving the business.

What gets closer to an answer is understanding whether individual inferences are delivering something a customer would pay for, or something that meaningfully reduces cost or risk.

Incremental business outcome per pound or dollar of AI spend is a harder measure to produce, but it is closer to the economics that matter because it requires a clearer position on what AI is actually delivering.

That is precisely where many organizations are still finding the work harder than it looks, particularly as AI deployment moves ahead of the models used to understand cost and value.

That disconnect matters more as the market expands, because where those economics remain unclear, cost exposure can build in ways that are harder to recognize early and harder to contain later.

For many enterprises, the challenge ahead is scaling AI without allowing spend to outrun the value it is meant to create.

The best cloud storage: tested, reviewed and rated by experts.

This article was produced as part of TechRadar Pro Perspectives, our channel to feature the best and brightest minds in the technology industry today.

The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/pro/perspectives-how-to-submit

• 79% of data centers are exposed to climate hazards, 54% face chronic heat or drought
• Higher temperatures lead to more cooling demand, creating a vicious circle
• Component longevity is also at risk from heat and other impacts

According to new First Street research, four in five (79%) or the world's data center capacity is exposed to climate hazards like flooding, wildfire and winds, with more than half (54%) of data centers located in areas that face chronic heat or drought stress.

With hyperscalers investing billions to keep up with demands created by AI, First Street stresses that today's decisions could impact cloud computing for years to come.

But even without further investments, rising temperatures and the effects of climate change could put existing facilities under further pressure.

Hyperscalers are building data centers in at-risk areas

Besides the obvious risk of component damage, higher temperatures also mean that data centers need more cooling than they previously did, driving up electricity and water consumption. Because chips and other components operate best at an optimal temperature, higher temperatures could even cause them to fail sooner.

Flooding, winds and storms also threaten electrical systems, network connectivity and fiber networks, potentially leading to outages.

The revelation comes just weeks after a separate study from insurer MS Amlin found that half (56%) of all new projects are being located in disaster-prone areas.

"Most underwriting for real assets still uses historical data, but the climate is no longer behaving the way the historical record would predict," CEO Matthew Eby said.

But with part and utility costs soaring, companies are being forced to reduce costs elsewhere, including locating campuses in cheaper areas that are often more at-risk. With companies already having to consider compute capacity, power availability, connectivity and local opposition, "climate risk is becoming an increasingly important determinant of long-term performance," First Street warns.

"Together, these risks affect NOI stability, cash flow durability, and long-term asset performance," the company added.

With demand for artificial intelligence straining supply chains across the entire development cycle, the tech sector has never been under so much pressure to perform.

But the race to build even more AI tools, to train frontier models and to automate workflows has led to a global construction boom, with hyperscalers investing hundreds of billions in huge data center projects that are themselves under social and environmental scrutiny.

Companies now face backlash over resource use – electricity and water consumption, land occupation and grid expansion are some of the biggest challenges hyperscalers are now having to address, besides tackling strained supply chains.

We’re starting to see on-device, edge and local compute emerge as a viable alternative to cloud compute, and the benefits are broad. For example, besides tackling objections to large campuses, it also delivers lower latency connections and predictable costs for enterprise customers.

AI and cloud have been synonymous, but owning edge AI could be the next competitive advantage

Tighter integrations into hybrid and on-prem deployments could also be seen as the next progression of AI, because while generative AI chatbots and basic productivity tools are well served within browsers, workflow automation and full context requires us to rethink the infrastructure layer.

For Amit Shah, co-founder and CEO of InstaLILY AI, competitive advantage now comes in the form of owned intelligence, where company systems can learn from organizational operations, workflows and knowledge.

The company’s Small Data Center approach claims to have already cut logistics routing times from 15 minutes to three, and reduced field-team training time by 60% for industrial operators.

To better understand whether the future of enterprise AI is indeed becoming more distributed, I spoke with Shah about cloud’s limits, why enterprise-grade AI has different needs to consumer tools, and the role hyperscalers could play in this evolution.

• InstaLILY launched what it calls "The Small Data Center" approach. How is that different from edge installations that have been around for years? Is the secret sauce the middleware then?

Edge installations have historically been meant for single-purpose devices running narrow inferences at the perimeter. Our “Small Data Center” operates differently with a full intelligence stack.

Our reasoning, workers, and governance all run privately, close to where work happens, and connected to the cloud as one system.

Powered by the same InstaBrain, an intelligence layer built from proprietary enterprise knowledge, with InstaWorkers™, AI workers that execute directly inside existing systems that reason the cloud runs locally that centrally executes on-site and the same InstaControl governs both.

The secret sauce isn't middleware as we stopped treating cloud and edge as a tradeoff. Deep reasoning belongs where centralized computation makes sense and high-frequency operational execution belongs closer to the work. The intelligence layer knows the difference, that is the shift.

• What's wrong with relying exclusively on "massive remote cloud infrastructure"? For all intent and purposes, the fact that they offer redundancy by default and operate an OPEX model make them a perfect combination for businesses of any size.

There’s nothing wrong with relying exclusively on a massive remote cloud infrastructure as long as your work lives in a browser tab. The hyperscale cloud is excellent at elastic reasoning and pristine redundancy. Though it’s a poor fit for operational execution in the physical economy.

The assumption that industrial AI will simply live in the cloud ignores how industrial operations actually work. Factories, warehouses, and logistics networks operate under tight latency requirements, inconsistent connectivity, and relentless pressure to control costs.

Even when connectivity isn't an issue, a generic model endpoint lacks the operational context that matters most, which are company-specific catalogs, workflows, exception logic, and decades of institutional knowledge.

No matter how capable the model becomes, manufacturers won't hand critical decisions to systems they can't govern, audit, or ultimately trust. OPEX and redundancy are real benefits, but they solve the wrong problem when the workflow itself doesn't live in the cloud.

• We have had distributed computing for decades now: from Blockchain to P2P, from bit-torrent to Skype. What's different this time around? Is AI amplifying the need for something different and acting as a catalyst?

Earlier waves of distributed systems moved files, transactions, or compute cycles around networks. This time around, computing moves intelligence through a categorical change.

AI is the catalyst because it is the first workload where value compounds at the edge. Every decision, exception, and workflow contributes to a private intelligence layer that becomes more capable over time.

Previous distributed technologies helped organizations share resources more efficiently because they didn't create proprietary knowledge. BitTorrent doesn’t get smarter the more you use it although the intelligence layer does.

The next era of enterprise competition won't be defined by who has access to AI but instead will be defined by who owns the intelligence their operations create.

• If distributed computing is such a boon for all players in the AI ecosystem, why aren't we seeing hyperscalers putting their weight behind this technology set?

Economics reward centralized consumption. Distributed inference compresses per-token and complicates a roadmap built around ever-larger central training runs. They aren’t ignoring it. They’re moving carefully because cannibalizing centralized inference is uncomfortable when it is their core business.

The pull is coming from the physical economy outward, not from hyperscalers inward. The companies leaning in hardest are those whose customers feel the pain of cloud-only architectures most acutely, such as manufacturers, industrial operators, field service businesses and logistics networks. Anyone whose work doesn't happen in a browser tab.

• You've witnessed the evolution of AI (or rather generative AI) as an integral part of it. How do you see it evolving over the next 5 years? PS: Are we in an AI-induced bubble?

The defining divide in enterprise software over the next five years will be between companies that rent intelligence versus companies that own it. The frontier-model arms race continues, but value will accrue to the layer that turns model capability into operational execution.

Autonomous AI moves from suggestion to action, from interface to infrastructure, and from a tool you use to a system that runs work.

The capital environment is certainly exuberant, but the underlying technology shift is not. This kind of exuberance is how every major platform transition in history has started.

The long-term winners will be the companies that build operational intelligence into a compounding asset, not those that merely bought the most GPUs.

Satellite constellations are already transforming global connectivity, extending the Internet’s reach to nearly every corner of the planet. Now, as conversations turn toward compute in orbit, the focus is expanding from connectivity alone to how distributed infrastructure will shape the future of digital services.

But what does it really mean for connectivity when infrastructure extends beyond Earth? The answer is crucial, because space isn’t just another deployment site, it introduces fundamentally different opportunities and constraints that challenge how modern digital services are designed and delivered.

Understanding Space Infrastructure

Space will not replicate the data center environments we know today. Constraints like launch capacity, radiation, power generation, cooling, and physical size mean orbital compute resources will likely be smaller and more specialized than hyperscale infrastructure on Earth.

Rather than lifting existing data centers into orbit, space is likely to inspire new forms of distributed compute and storage nodes, designed to complement terrestrial systems.

Because these distributed resources need to work together seamlessly, connectivity becomes the critical enabler. In other words, the real shift isn’t about relocating data centers to space. It’s about extending the distributed architecture of the Internet itself.

The opportunity lies in distribution

For decades, application architecture has evolved to improve user experience. Content delivery networks moved content closer to users. Cloud platforms introduced elasticity and geographic redundancy. Edge computing pushed processing toward the point of data creation. Space introduces another dimension to this model.

Rather than relocating entire applications, organizations will likely distribute functions across multiple environments, including terrestrial clouds, edge infrastructure, and space based platforms, all depending on what makes architectural sense.

Satellite-based Earth observation systems, for example, generate enormous volumes of imagery and sensor data. Processing portions of that data in orbit before transmitting results back to Earth could reduce bandwidth requirements and accelerate insights.

Other use cases may involve distributing cached content, supporting connectivity in remote environments, or enabling services for moving platforms such as ships, aircraft, and industrial operations.

What matters most is that space becomes another place where parts of a service can run, alongside existing terrestrial and cloud infrastructure.

Orbital connectivity follows different rules

Designing systems that rely on orbital infrastructure also requires understanding how satellite connectivity differs from terrestrial networks.

Satellite constellations are dynamic by nature. Satellites move continuously, requiring constant handoffs between spacecraft and ground stations. Network paths change continuously as satellites move and the routing topology shifts with them.

Even when performance is strong, these dynamics introduce behaviors that traditional network architectures were not built to accommodate. Latency profiles differ too. Low-Earth orbit constellations operate at a fraction of the altitude of geostationary satellites, which matters, but a 20–40ms round-trip is still not terrestrial fiber.

Bandwidth characteristics also differ. Satellite connectivity is often asymmetric, with significantly more capacity for downloading data than sending it back upstream. Power constraints and radio transmission requirements make large uplink transfers more expensive than their terrestrial equivalents.

These realities mean that not every workload belongs in space. Instead, the most effective architectures will carefully consider which components should run where, based on latency sensitivity, data volume, and operational constraints.

The internet is extending its reach

Today's Internet already spans continents and oceans through vast terrestrial and subsea infrastructure. Satellite networks aren't a future concept, they are operational now, delivering connectivity globally and extending reach to places where traditional infrastructure is difficult or impossible. Future orbital compute may yet introduce new processing and storage capabilities as well.

For service architects, this means digital platforms may soon operate across a combination of terrestrial fiber infrastructure, subsea cable systems, wireless access networks, hyperscale cloud environments, edge compute platforms, and satellite constellations or other orbital systems.

From a user’s perspective, however, none of this complexity is visible. They simply expect the service to work. But when a single user interaction may traverse a local access network, a regional ISP backbone, a subsea cable system, a cloud region, and potentially a satellite link, performance issues can emerge anywhere along that path - from congestion on a terrestrial route to disruptions at a satellite ground station.

So while space based compute infrastructure may still be years away from large scale deployment, the architectural questions it raises are already relevant today.

Understanding how these pieces interact will be the key to building resilient digital services, whether the infrastructure supporting them sits in a data center, at the network edge, or hundreds of kilometers above the Earth.

We've featured the best cloud computing provider.

This article was produced as part of TechRadar Pro Perspectives, our channel to feature the best and brightest minds in the technology industry today.

The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/pro/perspectives-how-to-submit

• Oracle says reports a Microsoft deal had broken down were "inaccurate"
• The two companies regularly explore further partnership options
• Microsoft is actively using rival clouds to support its customers

Oracle says that details reported about its cloud deal with Microsoft are "inaccurate" (via Reuters), and that Microsoft remains both an OCI customer and a partner as the two companies continue to collaborate.

"We have a tremendously collaborative and fruitful partnership, where we often talk about ways we ⁠can expand ​upon our ongoing work together," a company spokesperson said.

Business Insider had reported that a deal between the two companies was under pressure due to security and compliance concerns.

Microsoft and Oracle are still working together

Per earlier reports, the agreement could have been worth more than $3 billion, making it one of the largest cloud infrastructure leasing deals between any hyperscalers. The aim was to give Microsoft access to additional GPU and compute, which it could distribute between its own customers and for AI training and inference.

Microsoft has already had to turn to AWS for extra compute as it struggles to meet demand for GitHub's AI tools, with commits expected to increase 14x in the space of just one year.

According to the report, Microsoft was struggling with OCI's lack of Federal Risk and Authorization Management Program (FedRAMP), which it only offers to government cloud customers. Amazon and Google's public clouds, on the other hand, do have FedRAMP.

Oracle recently announced a 47% rise in cloud revenues – more than twice the growth of the entire business, which was already a very impressive 21%. At $9.9 billion, its cloud business is now worth more than half of its entire revenues.

Microsoft has not commented on the matter.

As physical AI enters our homes, workspaces and public infrastructure, it will have a transformative effect. Autonomous vehicles will become the norm on our streets, factories and warehouses will move to full automation, AI-enabled devices will assist in surgeries and medical procedures, and greater intelligence will be embedded into domestic devices.

Such is the emerging significance of physical AI, Gartner has identified it as a top strategic trend that will shape enterprise priorities over the next five years. There is no doubt the opportunities are great. But are organizations ready to roll out autonomous robots and drones, self-driving vehicles and industrial automation at scale?

Project leaders are finding that the deployment of AI in physical spaces, where they will coexist with humans, is very different from deployment of AI in an abstract cloud computing environment. Physical AI is requiring machines and systems to perceive what’s happening around them, interpret context and act autonomously in the real world.

For obvious reasons, these deployments must be proven safe and reliable. To successfully achieve this, leaders are required to overcome numerous practical complications, such as the constraints on edge devices, regulatory compliance and environmental considerations.

In addition to this, project leaders also need to convince their senior leadership teams that physical AI can be scaled across operations.

This will require them to show that the ongoing operational costs are manageable – and that a clear return on investment, be that through improved uptime, energy optimization or workforce efficiency, is evident. If they fail to demonstrate this, projects will never get past the pilot phase.

Embrace AI from the outset

To address these challenges, the first step for leaders is to ensure physical AI solutions and their benefits are factored in at the outset of any project. When organizations fail to include AI at the earliest stage – during the design and development of any product or operational environment – it creates challenges.

This typically results in fragmentation across hardware, firmware, applications and cloud computing – and results in a build-up of technical debt and diminishing returns. Siloed operational assets also result in disjointed workflows, operational bottlenecks and suboptimal performance.

Where this is the case, we often see organizations struggle to innovate and pivot whenever new commercial opportunities arise, such as through new smart consumer devices, factory robotics or in-vehicle infotainment.

Gartner estimates that the organizations taking a proactive approach in reducing, what it refers to as, “AI debt” will mature up to 500% faster over the next three years.

Enable edge inference

In contrast to cloud AI deployments, physical AI requires organizations to integrate real-time edge inference with several computing layers. Specific solutions will need to be engineered to compensate for the numerous hard constraints encountered on edge devices, including compute capacity, memory, power consumption, thermal limits and form factor.

These constraints typically force deliberate trade-offs in model size, update frequency, hardware selection and inference strategy. As edge capabilities continue to advance, these constraints can increasingly be addressed. Low power GPUs and specialized AI accelerators are expanding the range of workloads that can be executed locally.

Techniques such as model compression and quantization also help reduce computational demand while maintaining acceptable performance.

In particularly constrained environments, distributed edge architectures can be used to offload specific tasks to nearby devices. With these advances, what matters less is where intelligence runs, and more how deliberately edge constraints are engineered from the outset.

This will increase reliability, reduce reliance on cloud computing and lower the ongoing operational costs.

Run simulations

These edge engineering solutions will provide organizations with a proof of concept. But, to enable these to scale, project leaders also need to test scenarios and understand second-order impacts across operations. They will want to do this without disrupting production, compromising safety or committing capital prematurely.

Project leaders can derisk investments and validate their decisions, however, by leveraging advanced simulation platforms, such as NVIDIA’s Omniverse. This enables them to create digital twins of factories, assets and workflows, and allows teams to explore “what-if” scenarios.

Simulations allow teams to assess performance and identify constraints early. In energy intensive environments, for example, teams can assess power usage and sustainability trade-offs. This enables leaders to evaluate costs, right size capital investment, accelerate planning cycles and align stakeholders around a shared view of the future.

Build confidence

The use of simulations also helps to identify quick wins that will help leaders to demonstrate early success. This will provide crucial evidence that the technology is safe and reliable, but also that it can provide a clear return on investment.

This should act as the first phase of a staged rollout program. With physical AI, it is advisable that organizations take an incremental approach, as it will help to build confidence in the project among the senior leadership team – and remove the hesitancy that can hold projects back and prevent them from scaling.

To further instill confidence, project leaders should simultaneously roll out a structured organizational change management project too. This will prepare stakeholders and the workforce for the impact of physical AI within their operations.

Lead organizational change

The skill sets required in a physical AI project are different to those needed in a cloud AI deployment. Organizations need deeper expertise in embedded systems, real-time software and lower-level programming languages. As a result, there may be a need to augment workforces and evolve organizational structures.

To encourage acceptance of the technology, a clear communication strategy will also be necessary - one that explains how physical AI will provide value, and how the deployment will impact individual roles and processes. It may also be necessary to provide additional training and ongoing support throughout the roll out process.

Physical AI can no longer be considered a futuristic concept – it’s already transforming the world around us. It’s enabling organizations to innovate, go to market faster and seize commercial opportunities. It is also helping to optimize operational workflows, increase productivity and reduce costs.

If organizations want to take advantage and accelerate adoption, however, they must develop the solutions that work for their specific needs and derisk their deployment strategies. When they do this, organizations typically find they can scale physical AI quickly and reap the benefits sooner.

We've featured the best AI tool.

This article was produced as part of TechRadar Pro Perspectives, our channel to feature the best and brightest minds in the technology industry today.

The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/pro/perspectives-how-to-submit

The enterprise narrative around public cloud computing has been overly idealized, treating it as an intangible, failsafe resource.

Boardrooms frequently discuss geographic regions and compute instances as if they exist purely in the ‘digital ether’, divorced from the vulnerable reality of concrete, copper wiring and power grids.

However, as the enterprise landscape grows increasingly complex, that illusion is rapidly deteriorating.

World events have reiterated the reality that ‘the cloud’ is networking and compute, all around us; powered by tangible grids on the ground. Should those assets encounter disruption for any reason, the digital economy they foundationally support grinds to a halt.

The cloud, and public cloud in particular, has been the answer to many enterprise challenges and served as a powerful accelerant for growth and innovation.

And whilst the enterprise shift toward public cloud continues at pace (with industry analysts expecting 90% of organizations to adopt a hybrid cloud approach by next year), this high rate of adoption risks a critical vulnerability when adopted ineffectively, most notably through the ‘Single-Cloud Trap’.

Despite resilient enthusiasm with cloud adoption amongst organizations, more than half are likely to remain unsatisfied, failing to achieve their anticipated results.

This dissatisfaction frequently stems from common causal factors such as infrastructural siloing and a fundamental lack of integration. For UK businesses operating under the same mindset, this presents a notable disconnect between their strategic cloud investments and robust operational resilience.

Today’s Cloud Status Quo

In today’s environment, the risk profile for enterprises reliant on cloud computing is higher than traditional models accounted for. The recent discourse around advanced AI models, and the intense subsequent discussions regarding their potential cybersecurity implications, certainly suggest that the threat landscape has irreversibly evolved.

Beyond just redundancy planning around local power outages or software bugs, a deeper focus on outages triggered by sophisticated, AI-driven threats capable of degrading an entire geographic region are more front of mind than ever.

Such an evolution makes a disconnected, multi-cloud strategy problematic. Standard architectural wisdom dictates that distributing workloads across isolated data centers within a given territory provides sufficient redundancy. While this mitigates localized faults, it does not offer protection against macro-level disruptions.

If a vendor suffers a severe, widespread outage, the very diagnostic dashboards and control panels enterprises rely on to manage the crisis are frequently hosted on that same compromised IT infrastructure, When a provider’s entire infrastructure within a region is compromised, their management tools often fail alongside their servers, leaving IT teams flying blind.

Compounding the issue, during a crisis often enterprise continuity ‘runbooks’ remain as static documentation that can quickly become obsolete during the course of a developing incident. When a major service provider goes dark, IT personnel are thrust into a reactive scramble, desperately attempting to manually stitch together alternative routing and establish secure connections on the fly, all while the business loses revenue and customer trust.

And recent large-scale outages across the globe have demonstrated that recovery in such scenarios isn’t a matter of minutes but rather days. This delay occurs because the vital connections (between different cloud providers) had not been established prior to the crisis. Attempting to build a secure network bridge while the primary infrastructure is failing is a recipe for prolonged downtime.

The Path Forward

So, how do organizations meet these challenges head-on? The path forward requires a fundamental shift in how enterprises define reliability. True resilience today is defined by the secure fluidity of the connections between multiple providers and a robust, managed adoption of Disaster Recovery-as-a-Service (DRaaS) to mitigate issues that can occur.

The perception of networking must evolve from a ‘utility’ to a vital foundation for business autonomy. There are a few key steps organizations should keep in mind to help accelerate this shift:

1. Connectivity between cloud environments need to be established during periods of stability. These network paths should be ready, encrypted, allowing critical traffic to be redirected in seconds if needed. Waiting for a crisis to begin connecting to a secondary cloud provider invites failure.

2. Independent observability, managed from a safe, distant geography, is the only way to maintain a clear view of the situation when local infrastructure crumbles. If your monitoring tools and command center are hosted in the same region as your actual business data, they will likely fail when you need them most.

3. Resilience must transition from static documentation to automated, executable code. A modern disaster recovery strategy should allow a failover to be triggered seamlessly, removing human error and the need for improvisation during a critical incident.

In the modern cloud-led world, organizational infrastructure must become as ambitious and resilient as the economy it supports. The ultimate goal is not to merely ‘exist’ on the cloud, but to be architecturally elevated above any single point of failure. By overcoming this once ‘great disconnect’, organisations will be better prepared for new and emerging threats.

We've featured the best cloud storage.

This article was produced as part of TechRadar Pro Perspectives, our channel to feature the best and brightest minds in the technology industry today.

The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/pro/perspectives-how-to-submit

Cybercrime isn’t random. Groups like ShinyHunters don’t just target vulnerable systems. They target moments in time when any disruption hurts most. From an attacker’s perspective, timing creates leverage.

Likewise, ransomware operators have long targeted hospitals because downtime has immediate consequences. When healthcare systems go down, hospitals can’t function normally and, in some cases, can’t deliver critical care.

Attackers understand this pressure and know it collapses timelines. It turns long internal debates into urgent decisions.

That’s why the recent attack on Canvas occurred during final exam season. For many schools, Canvas is where exams live, grades are finalized, and communication flows between students and faculty.

When a system like this goes offline in the middle of finals week, there’s no graceful fallback.

Stress Is the Point

This is the typical ShinyHunters playbook, but with flair: Students, already stressed during exam season, found Canvas inaccessible. Some were in the middle of exams. Others were locked out hours before critical deadlines. That uncertainty matters. Do you retake the test? Does it get rescheduled? Do thousands of students get to pass?

These aren’t theoretical problems. They hit instantly, and they ripple outward, from students to faculty to administrators to IT teams. Customers felt the impact while they were already stressed. Attackers know that stress amplifies pressure, and pressure drives response.

What made this incident especially effective wasn’t just the outage itself, but how visible it was. This wasn’t a quiet breach discovered by a SOC at 2 a.m.

Students logged in and saw a warning message and ransomware note attributed to ShinyHunters (“rooting your systems since 19”). saw it firsthand and flocked to TikTok. Schools couldn’t quietly contain the issue while they assessed the situation.

This kind of visibility strips organizations of one of their most helpful tools during incidents: time.

Forced Transparency Works

Modern extortion has evolved. It’s no longer just about stealing data and sending a ransom note quietly to IT and security teams. Groups increasingly aim to involve the victim’s own users in the pressure campaign.

By disrupting Canvas during finals, ShinyHunters made the impact unavoidable. Every login attempt and every student exam delay amplified the attack. That dynamic mirrors what attackers have learned in other sectors. Public facing disruption forces faster decisions than quiet, private threats ever could.

This Is a Familiar Playbook

While the scale of the Canvas attack is significant, the strategy behind it isn’t new. ShinyHunters has a long history of targeting large platforms with broad user bases, especially in cloud computing and SaaS environments, where a single compromise can affect thousands of downstream customers.

Online learning platforms are particularly attractive for that reason. They centralize massive amounts of data, serve large populations, and operate on rigid schedules. Finals happen when they happen. Grades close when they close.

There’s also a structural challenge at play. Learning platforms often include multiple account tiers, integrations, and access paths. Even when core systems are well protected, peripheral or lower security accounts can create exposure. Attackers only need a foothold to gain initial access.

Why Education Is a Prime Target Now

For a long time, education was treated as a lower risk sector. That assumption no longer holds. Schools and universities operate like digital enterprises. They rely heavily on third party platforms, store sensitive personal data, and include complex identity management environments, often with constrained security budgets and decentralized oversight.

At the same time, the tolerance for downtime is shrinking. Exams, graduation timelines, financial aid deadlines, visas, and accreditation requirements don’t wait for incident response plans to play out.

Attackers pay attention to those constraints. They also understand the sensitivity of education data. Learning platforms don’t just store names and emails. They contain internal messages, accommodation requests, instructor feedback, and deeply personal communications. Even limited exposure can create real risk for students and staff.

The Lesson From the Canvas Attack

The Canvas incident isn’t solely a story about one platform or one threat group. It’s a signal about how attackers, in general, think.

Attackers have long targeted holidays and weekends. They’re also getting very good about targeting moments, any points in time where disruption is likely to maximize confusion and minimize options for victims.

For education leaders and IT teams, the takeaway is uncomfortable but clear. Learning infrastructure should be considered mission critical. Decisions about account security, identity controls, monitoring, and third party risk don’t just affect systems. They affect real people trying to complete exams, graduate, and move on with their lives.

Finals week is already stressful. Attackers know that. And they’re increasingly willing to exploit it.

We list the best online cybersecurity courses.

This article was produced as part of TechRadar Pro Perspectives, our channel to feature the best and brightest minds in the technology industry today.

The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/pro/perspectives-how-to-submit

OpenAI's recent financial disclosures paint a bleak picture for the industry's economic model. The company missed internal revenue and user targets whilst projecting losses that could reach $14 billion in 2026.

According to The Wall Street Journal, CFO Sarah Friar has warned internally that ballooning compute costs may outpace incoming revenue, raising questions about the company's ability to fund future computing contracts.

These headlines are symptoms of a broader structural dysfunction across the sector, where companies inflate valuations to unprecedented levels and buy compute capacity far beyond what they can efficiently deploy. At an $852 billion valuation, OpenAI's revenue growth cannot keep pace with the IT infrastructure costs required to justify that figure.

OpenAI generates revenue primarily through API access fees and ChatGPT subscriptions. But every user query costs GPU time, meaning margins on inference are razor-thin or negative.

Revenue scales with subscribers, yet compute costs scale with usage intensity. Billions go toward training next-generation models that won't produce returns for months or years.

Yet while these companies burn through capital acquiring GPU capacity they cannot profitably deploy, the hardware itself sits largely unused, processing power that could be advancing healthcare, education or development in markets that need it most.

The idle capacity paradox

The deeper problem is that the GPUs these companies are hoarding aren't even being put to work. The prevailing narrative from major AI companies is one of scarcity, used to justify premium pricing. But Cast AI's 2026 State of Kubernetes Optimisation Report, drawing on data from roughly 23,000 clusters across AWS, GCP and Azure, found that 95% of enterprise GPU capacity sits unused. Billions of dollars worth of compute, provisioned and paid for, rarely being put to productive work.

This means everyone outside the leading model companies and cloud computing giants is, in a sense, locked out. Startups, scaleups and institutions from London to Lagos cannot access compute at an acceptable price point. The hardware exists, as does the demand, but the current model has no mechanism to connect the two.

Why utilization stays so low

The reasons are structural. Companies buy GPUs for worst-case scenarios, the equivalent of building a motorway for rush hour and leaving it empty the other 23 hours of the day.

Then there's the hoarding problem. In this market, owning GPUs is a signal to investors. Large enterprises keep buying well beyond what they actually need to operate. The hardware becomes a balance sheet asset first and a productive tool second.

Training runs make it worse. AI model training is intensive but periodic. A company might push its GPU cluster hard for a few weeks, then leave it largely idle until the next training cycle. There's no incentive to let anyone else use that capacity in between. So it just sits there.

The result is that the biggest players hoard hardware they barely use, while everyone else gets priced out. The people this hurts most are the smaller teams who would actually put compute to productive use, developers in Nairobi or São Paulo building applications for markets that big tech has never prioritized. These are the teams that will turn AI into something practical and useful for ordinary people, and they're locked out by pricing designed to subsidize someone else's idle infrastructure.

Distributed alternatives

The persistent presence of idle capacity suggests the need for a different approach. Rather than concentrating GPU resources behind corporate walls, distributed compute networks connect underutilized hardware with developers who need it.

The mechanics are straightforward. GPU owners, whether data centers with spare capacity, companies with idle hardware, or individuals with powerful machines, plug into a network that verifies what each machine can do. When a developer needs compute, the network handles the matchmaking. A job requiring fast response times gets routed to high-performance hardware nearby. A batch training job that can run overnight gets spread across cheaper, more distributed machines. The developer doesn't need to know where the hardware physically sits.

The orchestration layer groups compatible hardware into clusters, so a developer can deploy a workload across dozens of different machines as if they were one unified resource. The economics follow naturally. Idle GPUs represent sunk costs that could generate returns if put to work. Developers get access at lower price points. Hardware owners monetize assets that would otherwise sit dormant.

More importantly, distributed networks reduce the systemic risk of depending on a handful of centralized providers. When compute access isn't tied to one company's quarterly performance, the supply chain becomes more resilient.

The write-down clock is ticking

The AI industry is due a correction. Companies have loaded their balance sheets with GPU assets priced for full utilization. Actual utilization is 5%. At some point, the books have to reflect reality. When that reckoning arrives, compute access for the wider industry contracts with it. The companies that depend on centralized providers will feel it first. The ones already connected to distributed alternatives won't.

The infrastructure exists. The demand exists. The only thing missing is a model that matches the two without requiring trillion-dollar valuations to function. That model is already being built. The remaining question is how many write-downs it takes before the rest of the industry pays attention.

70+ best AI tools tested.

This article was produced as part of TechRadar Pro Perspectives, our channel to feature the best and brightest minds in the technology industry today.

The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/pro/perspectives-how-to-submit

• Numerous EU businesses have backed the EC push for EU sovereignty
• OVHcloud, Nextcloud, Mastodon, ​Proton, Ecosia and more sign letter
• The cloud market is currently dominated by AWS, Microsoft, and Google

Thirteen European cloud providers have signed a letter backing the European Commission’s push to end European reliance on US companies, who have dominated the market for the past two decades.

The cloud providers, alongside NGOs and lawmakers, want to see local alternatives fostered and adopted by Europe-based businesses as the sovereignty movement grows.

European businesses are concerned about how US-based providers handle data and comply with European Union (EU) regulations.

Businesses call for EU sovereignty

In predictions made by Gartner earlier this year, European cloud Infrastructure-as-a-Service (IaaS) spend will surpass China and North America's, with spending set to triple from $6.7 billion in 2025 to over $23.1 billion in 2027.

"Our ​message is simple: Build European, buy European, protect European," said European Parliament lawmaker ​Alexandra Geese.

The call for EU cloud sovereignty has come from businesses across Europe, with numerous signatories signing the joint letter. Among the signatories are French ​cloud vendor OVHcloud, ⁠Germany's Nextcloud, social networks Mastodon and Monnett Social, Swiss privacy software company ​Proton, browser company Ecosia and Dutch quantum ​chip ⁠maker QuantWare.

Six civil groups including Defend Democracy and ⁠Save ​Social also signed the letter, alongside numerous European Parliament lawmakers.

“Technological sovereignty means that Europe has ​the capacity to freely design, understand, choose from different home-grown sources, ‌build, ⁠operate and effectively regulate the digital systems on which its society and economy rely,” the groups the joint open letter, seen by Reuters.

The European Commission announced in May that it would consider new rules on how US hyperscalers can process sensitive data from European governments, offering a chance for the comparatively smaller EU-based cloud providers to edge into the market and end US dominance.

• A Meta-owned cloud business would be "definitely on the table"
• Continued data center expansion will fuel the firm's ongoing AI efforts
• All compute is allocated, but any future surplus could be sold on to customers

At its annual shareholders' meeting, Meta CEO Mark Zuckerberg has revealed that a cloud business could be "definitely on the table" as the company continues to build out its data center footprint to support AI programs.

If Meta were to go down the cloud computing route, it would have to go up against very established hyperscalers. Amazon's business already occupies a third of the market, and Microsoft and Google jointly own another third.

Zuckerberg ultimately noted that, if Meta ends up with a surplus of compute infrastructure as part of its ongoing AI efforts, it could sell or rent that extra capacity to external customers.

Meta would consider selling excess compute via a cloud business

"Almost every week there are different companies that come to us from outside asking us to both stand up an API service or asking if we have compute that they could buy from us at some premium to what we've bought it at," he added.

Although the company doesn't currently sell cloud to customers, it continues to spend big on artificial intelligence. AI-related capex for 2026 is now estimated to be between $125 billion and $145 billion. That's only a touch behind the capex estimates of Google parent company Alphabet ($175 billon to $185 billion), Microsoft ($190 billion) and Amazon ($200 billion).

Zuckerberg explained the reason that Meta hasn't launched its own cloud compute yet is that it currently has a use for all of the capacity it's set to build, but that the company has confidence in continued investments because if it weren't to use all of that capacity, it could ultimately sell it on to customers.

The UK’s critical national infrastructure (CNI) is entering a converged threat era - one where cyber, physical and aerial risks are overlapping attack surfaces targeting the same high-value assets. Furthermore, data centers have been formally designated as CNI, elevating both their strategic importance and their exposure to attack.

Historically, organizations responsible for critical assets have approached security in distinct domains, silos maybe. Cybersecurity teams protect networks and data, physical security teams manage access control and perimeter protection and airspace, in most cases, has remained largely ungoverned - until the past decade or so.

But the structure, and manner of threats, has evolved somewhat. According to the UK’s National Cyber Security Centre, (NCSC) the country is now facing around four nationally significant cyber incidents per week, many linked to hostile state activity. At the same time, geopolitical tensions are increasingly playing out through infrastructure disruption - both physical and digital.

We are living in the converged threat era, and attackers are not constrained by organizational silos any longer, rather they are actively exploiting the gaps between them, and hybrid threats - whether state-backed, or criminal - are combining multiple factors to achieve their objectives.

Hybrid threats in practice

A typical campaign might begin with cyber reconnaissance, identifying vulnerabilities in IT infrastructure or operational technology (OT) environments. This may be followed by physical surveillance, potentially conducted via drones, to map access points, movement patterns, or security weaknesses.

Drone incidents near sensitive UK sites have more than doubled year-on-year, demonstrating low-cost, accessible technology can now bypass traditional perimeter controls entirely. And the physical infrastructure underpinning the digital economy remains exposed - with 95% of global data traffic dependent on subsea cables vulnerable to disruption.

Securing distributed, high-value infrastructure

For CNI environments, which are often lightly staffed, and in remote or hard to reach locations, the security challenges have escalated. Data centers are a prime example. While they underpin the digital economy, many operate with minimal on-site personnel, relying on remote management and automation.

There are now between 11 and 12,000 data centers globally, supporting everything from financial services and cloud computing to AI workloads and critical government systems. In the UK alone, the sector generates around £4.7 billion in annual gross value added (GVA) and supports more than 43,000 jobs, with projections suggesting it could unlock a further £44 billion in economic impact by 2035. However, this has also made them increasingly attractive targets.

Recent incidents highlight this growing risk. In 2024 and 2025, several high-profile cyberattacks targeted data center operators and cloud providers, disrupting services and exposing vulnerabilities in interconnected systems.

Many modern facilities are designed to run on remote monitoring, automation and centralized control systems. While this delivers efficiency, it also creates conditions where threats can go undetected for longer periods. This is the same with other areas of CNI, including energy infrastructure, transport networks and logistics hubs with remote assets and reduced human presence all contributing to expanding risk.

State-backed groups increasingly operate through intermediaries, such as criminal networks, to allow them to obscure their involvement while still achieving their objectives. Likewise, those with a purely criminal intent are adopting techniques traditionally associated with nation states, further blurring the lines.

To combat this, we are now seeing how organizations approach potential threats that are coordinated, adaptive, and designed to exploit both technical vulnerabilities and organizational blind spots.

Despite this shift, many security strategies are fragmented, and physical security systems often operate independently of cybersecurity platforms. Access control data is not always integrated with wider threat intelligence, and airspace monitoring, where it exists, is rarely connected to ground-based systems outside governmental and military circles.

In converged threat environments, this becomes a liability, because an isolated access control system may detect unauthorized entry, but without integration into broader monitoring frameworks, it cannot provide context. Furthermore, a cybersecurity platform may identify unusual network activity, but without visibility of physical access points, it may miss a critical link in the chain.

The same applies to drone activity; detection alone is insufficient if it is not connected to incident response protocols or wider security systems.

A multi-layered, intelligence-led model

We’ve moved forward rapidly to tackle this, however, and security is evolving into a multi-layered, intelligence-led model, reflecting the reality of hybrid threats and converged risk.

At ground level, this now looks like robust perimeter protection and intelligent access control. Modern systems go beyond basic entry management, incorporating real-time data, identifying verification, and integrating with wider security platforms. The goal is a 360 view of control access, where we have a full understanding of it, who is on site, why, and whether that activity aligns with anticipated patterns.

The CNI community and security suppliers are also on the front foot in addressing the growing airspace gap. Counter-UAS (unmanned aerial systems) capabilities, including drone detection and mitigation, are becoming essential to CNI security.

Equally important is the digital layer, with continuous network monitoring of IT and OT environments providing visibility into network activity, system performance, and potential compromise. In sectors such as energy, transport and data centers, where operational systems are increasingly connected, this visibility is essential to maintaining both security and resilience.

This enables organizations to achieve real-time situational awareness, where data from multiple sources is collected and analyzed to provide a comprehensive view of risk. An access control event can be linked to network activity and drone detection can trigger automated responses across physical and digital systems - and ultimately, patterns can be identified.

This approach is increasingly aligned with the direction of policy and regulation across governments and international bodies. This includes NATO and the EU, which are placing greater emphasis on the protection of CNI, given the economic and political importance of such assets.

Perimeter defense alone is no longer sufficient, nor is a purely cyber-focused strategy. Instead, organizations will continue to adopt a layered approach that recognizes the interconnected nature of modern, hybrid threats, and infrastructure.

Protect yourself with the best firewall software.

This article was produced as part of TechRadar Pro Perspectives, our channel to feature the best and brightest minds in the technology industry today.

The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/pro/perspectives-how-to-submit

Artificial Intelligence (AI) and very large (hyperscale) datacenters are not new technologies. What is new is how they are both now commingled and supporting each other in an unprecedented growth spurt.

The datacenter (DC) industry is currently going through a period of fundamental structural change, driven mainly by the rapid transition from traditional cloud computing to AI computing.

Foundational to this transformation and a key enabler is fiber and the extreme fiber densification that is occurring within AI DCs.

This shift is fundamentally reimagining the "Physical Layer" from a passive utility into a strategic asset. While traditional IT infrastructure relied on hierarchical, north-south traffic flows, AI "factories" demand a massive, east-west parallel architecture where thousands of GPUs synchronize in real-time.

This architectural pivot creates a literal space-crunch; we are attempting to squeeze terabits of intelligence through physical pathways—conduits, trays, and ducts - that were never designed for such volume.

Consequently, the industry is moving past the "standard" 250-micron fiber toward ultra-thin, high-density 160-micron solutions. It is no longer just about the speed of light, but about the density of glass. To scale intelligence, we must first master the physics of the fiber that carries it.

The Density Dilemma

The difference in how AI workloads are processed compared to how traditional cloud workloads are processed is the basic driver of this increase in fiber volume. In a traditional cloud environment, tasks like web hosting, database management, and file storage are typically processed by Central Processing Units (CPUs) in a hierarchical fashion via access, aggregation and core layers.

Here, data mostly moves between the end-user, who may be located anywhere outside the DC, and the server within the DC. This type of traffic flow is described as ‘North-South’ and requires robust external gateways but relatively modest internal interconnects within the DC.

However, these traditional network architectures are ill-suited for the ‘all-to-all’ communication required by Graphics Processing Unit (GPU) or Accelerator clusters in AI DCs because they introduce latency and bandwidth bottlenecks at oversubscribed aggregation points; this cannot be tolerated by AI compute stacks.

AI factories use iterative, compute-heavy processes where thousands of GPUs must work in tandem as a single logical entity. This creates a huge amount of internal traffic because of the enormous parallel processing needs across the interconnected GPUs.

In such environments, the network must support the constant synchronization of the AI model parameters and the timely exchange of vast amounts of mathematical modelling data, creating a huge volume of internal traffic. This type of traffic flow is referred to as ‘East-West’ traffic and it now accounts for most of the movement of data within AI DCs.

The architecture to support large East-West traffic is very fiber dense because the number of East-West connections scales quadratically with the number of nodes (GPUs/Accelerators).

Why ‘Fiber-First’ is the New Standard

The scale of East-West traffic is orders of magnitude larger than the traffic moving North-South. Any link error or packet loss in this network is catastrophic; for instance, it can force the entire training batch to be restarted, leading to significant financial losses and delays in model development. Only fiber can meet the bandwidth and speed requirements needed for AI processing.

AI DC operators are also deploying network fabrics such as InfiniBand or high-performance Ethernet and these require lots more high-performance fiber than traditional CPU-based networks to meet AI performance metrics.

To build a data center whose infrastructure will not be obsoleted at the next step-increase in speed (say from 800G to 1.6T), we have to adopt a fiber-first approach at the network design stage. Scalability is now a basic DC necessity.

It’s not ‘Speed of light’, It’s now ‘Speed to Light’

The pressure to deploy AI-ready capacity quickly is unending and high-density, pre-terminated fiber solutions are really the only deployment option available when building AI DCs. Instead of spending weeks on-site splicing multi-fiber elements, pre-terminated fiber solutions offer advantages such as:

Plug and Play: Significantly reducing deployment timelines (from weeks to days).

Reduction in Human Error: Pre-terminated solutions are factory assembled and tested.

Simplification: Make it easier to upgrade or swap components as technology evolves and cable management is more controlled.

Pre-terminated solutions are a key enabler of the speedy deployment of fiber networks, allowing for quicker commercial activation of AI DCs.

The Shift from Compute-Led to an Infrastructure-Led Design

Optimised fiber connectivity in an AI DC is no longer an afterthought; it’s now an important expectation within best-practice AI DC design. We are moving away from a world where we buy servers or AI compute pods and then figure out how to connect them.

Instead, we are now designing DC environments where fiber connectivity is key to determining the efficiency, speed of deployment, scalability, resilience, operational agility, and long-term readiness of the DC facility.

This shift is especially important as AI workloads demand denser interconnects, faster data movement, and lower latency across the compute environment. A well-planned fiber architecture helps reduce future rework, supports smoother upgrades, and ensures the DC can scale with evolving AI compute requirements.

We feature list the best Linux server distros.

This article was produced as part of TechRadar Pro Perspectives, our channel to feature the best and brightest minds in the technology industry today.

The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/pro/perspectives-how-to-submit

5G is deployed. Fiber is rolling out. AI tools are embedded in everyday professional life.

And yet millions of users still experience buffering, failed transactions, and AI assistants that stall before completing a simple query.

The infrastructure promise and the user reality remain stubbornly misaligned.

The reason is not bandwidth; it is measurement. We are still evaluating 21st-century networks with 20th-century monitoring logic.

QoS vs QoE: Why the Distinction Matters

Quality of Service (QoS) reflects what the network does: download speed, latency, and packet loss. Quality of Experience (QoE) reflects what the user actually feels: did the app load? Did the payment go through? Did the video stream uninterruptedly?

The Telecommunication Standardization Sector (ITU-T) defines QoE as "the degree of delight or annoyance” experienced by the user, intentionally shifting measurement to the human perspective.

A network that meets every technical benchmark can still fail to deliver a usable experience if the application layer, the Content Delivery Networks (CDN) routing path, or the cloud infrastructure between operator and end user introduces degradation.

This gap between technical performance and user perception is where operators lose loyalty and where traditional monitoring provides limited visibility.

Recognizing the Limits of Infrastructure Alone

The mobile industry has committed to an extraordinary level of investment in the pursuit of better connectivity. GSMA Intelligence estimates that operators will invest $1.5 trillion in capital-expenditure between 2023 and 2030, of which more than 90% is directed toward 5G. As of early 2024, 261 operators had launched commercial 5G across 101 countries.

The industry is also increasingly aware that infrastructure alone does not guarantee a good customer experience. Operators are integrating AI tools into network management, deploying 5G Standalone architectures that enable network slicing and quality-on-demand, and building API frameworks.

The direction is clear: the industry is moving toward experience-aware network management. The challenge is that this movement requires measurement frameworks capable of capturing experience, not just infrastructure performance.

AI Raises the Bar and Exposes Monitoring Gaps

The mass adoption of AI assistants, copilots, and generative tools introduces new experience metrics. Time to First Token (TTFT), query completion rates, and response streaming consistency. These determine whether an AI assistant is genuinely useful in a professional context. They are currently invisible to a traditional Network Operations Center.

A connection that meets every conventional QoS threshold can still make a large language model practically unusable. As enterprises embed AI into core workflows and as operators position AI connectivity as a monetization opportunity, the inability to measure AI-level QoE becomes both a commercial and a technical blind spot.

The Hidden Layer: CDNs and Cloud Infrastructure

One of the most underappreciated sources of experience degradation sits between the operator and the application. CDN and cloud computing infrastructure can cause buffering, slow loading, or stalled AI responses.

According to the Ericsson Mobility Report, video represents roughly 74% of global mobile network traffic as of 2024 and most of it is delivered through CDNs that no single operator controls end-to-end.

True QoE measurement must span the full stack, from the radio access network through CDN, cloud availability, and application responsiveness. Without this visibility, troubleshooting becomes guesswork.

Regulators Shifting from Coverage to User Experience

Regulators worldwide are moving toward experience-based oversight.

In the US, the FCC's Measuring Broadband America program uses crowdsourced measurements via the FCC Speed Test app to capture real-world performance across both rural and urban areas.

In India, TRAI’s MySpeed app performs a similar function, enabling citizens to submit real-device measurements that feed directly into regulatory analysis.

These initiatives share a common logic: the most credible measurement of network quality is what citizens actually experience, collected at scale, continuously, and independently.

Digital Inclusion: What You Cannot Measure, You Cannot Fix

The digital divide has always been a policy concern. Today, it is also a measurement challenge. According to the ITU, globally, 83% of urban residents use the internet compared to 48% of rural populations.

Critically, the urban-rural ratio has remained at 1.7 for four consecutive years, unchanged despite years of infrastructure investment.

Two users on the same operator, in the same city, can have radically different experiences depending on device, building, or time of connection. Without continuous and granular QoE monitoring, inclusion programs risk targeting the wrong areas.

From Measurement to Action: The Case for Full-Stack, Continuous QoE

None of this is achievable with synthetic lab-based testing. Emulators do not replicate device behavior under load, and controlled tests do not capture peak-hour congestion, CDN routing decisions made in production, or the compounding effect of multiple degradation factors across the delivery chain.

Measuring QoE credibly requires testing on real devices, live operator networks, and running actual applications continuously.

This methodological shift, from a “full-stack, always-on” approach, creates actionable intelligence for operators, regulators, and policymakers. It ties investment to measurable improvements in real user experience rather than theoretical performance metrics.

We list the best network monitoring tools.

This article was produced as part of TechRadar Pro Perspectives, our channel to feature the best and brightest minds in the technology industry today.

The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/pro/perspectives-how-to-submit

Europe has a problem with Big Tech. And it's not abstract, theoretical, or something policymakers can quietly debate for another decade. It's happening right now, inside banks, hospitals, transport systems and government departments that cannot afford to fail.

A handful of US technology vendors now sit underneath Europe's most critical IT infrastructure. They decide when systems change, how much they cost to run, and what happens when something breaks. This is masked as progress. In reality, it's dependency and, in some cases, outright coercion.

Amazon, Microsoft and Google control more than 70 per cent of the European cloud computing market, while US firms supply the vast majority of enterprise software used across the continent.

When those vendors change their commercial models, customers don't get a vote. They do receive an invoice.

This is no longer about IT preference. It's about control.

The part no one likes to say out loud

For years, the software industry has pushed a simple story: change is good, upgrades are inevitable, and moving on a vendor's timetable is the price of staying "modern." That narrative has been repeated so often that many organizations have stopped questioning it.

But look closely, and a different picture emerges.

A stable system reaches the end of official support. The vendor announces a major upgrade or cloud migration. Licensing terms change. Costs rise. Security risks are quietly reframed as the customer's responsibility, unless they move.

Each step is presented as reasonable in isolation. Together, they form a funnel with only one exit: deeper lock-in.

At that point, this stops looking like a competitive market and starts to resemble a cartel. Customers technically have choices, but exercising them would mean rebuilding core systems under pressure, with limited internal expertise and no room for downtime. Vendors know this. That's why they push so hard.

I've sat across the table from CIOs who are told their perfectly stable platforms are now "legacy" overnight. I've spoken to boards facing seven-figure cost increases because a licensing model changed, not because their needs did. That's leverage, masked as innovation.

When dependency becomes dangerous

Technology failures aren't new. But the concentration of risk is.

Today, many organizations run critical operations within tightly integrated vendor ecosystems: cloud, databases, middleware, and core applications sourced from the same small group of providers. If one part fails, everything downstream feels it.

We've seen this play out repeatedly. A European travel company running tens of thousands of servers was pushed into a forced migration that would have increased cost and carbon emissions overnight. Instead, by stepping off the vendor's upgrade treadmill, it extended the life of its systems, avoided tens of thousands of tons of CO₂, and kept full operational control.

In another case, a media organization discovered that a core encryption standard had been deprecated, not because it was unsafe, but because it no longer aligned with a vendor's product roadmap. The choice presented was stark: rebuild fast or pay indefinitely. We developed the new standard into the existing system. They maintained compliance, avoided the disruption, and freed up resources for work that actually mattered.

These aren't edge cases. They're the logical outcome of a market where too much power sits on one side of the contract. That's why boards are now asking different questions about what systems they run, who controls them, and what leverage they've given away over time.

How lock-in quietly took hold

Vendor lock-in didn't arrive with a single bad decision. It crept in through decades of reasonable ones.

Software estates evolved through mergers, upgrades, integrations and bolt-ons. Contracts were signed under very different market conditions. Licensing language grew more complex as vendors consolidated and alternatives disappeared.

Over time, visibility was lost. Few organizations today can clearly map what they run, which components are mission-critical, and which obligations are contractual rather than technical.

This suits vendors. Environments that aren't fully understood are easy to control and hard to challenge.

This is why the sovereignty debate matters. It's not about nationalism or rejecting US technology. It's about whether customers are allowed to make rational decisions about their own systems – or whether those decisions are pre-made for them.

The baseline every CIO needs

Nobody is suggesting a mass exodus from Big Tech tomorrow. That's both unrealistic and unnecessary.

What is necessary is a reset.

The first step is clarity. Organizations need a true baseline of what they run, how it's used, and where contractual constraints are driving decisions. Without that, every renewal conversation is reactive.

Once that baseline exists, options reappear. Some organizations renegotiate contracts that were signed when the balance of power looked very different. Others choose to extend the life of stable systems instead of replacing them on an arbitrary timetable.

Software doesn't lose its value simply because a vendor says it should. Stability and reliability don't expire on a policy date. Recognizing that restores choice.

Taking back control

Across Europe, CIOs are already pushing back, and with data on their side.

They're entering renewal discussions with clear usage insight, a realistic view of operational risk, and defined red lines on cost and control. They're turning forced upgrades into negotiations. They're refusing to be passive.

The result won't be a sudden rupture with Big Tech. But the relationship is beginning to rebalance. Customers who understand their systems, question inherited assumptions, and stop equating vendor pressure with progress will regain leverage. Those who don't will keep paying for change that serves someone else's bottom line.

Europe's technology future doesn't depend on choosing the right vendor. It depends on whether customers remember they're allowed to say no, and have the courage to do it.

We've listed the best IT management tools.

This article was produced as part of TechRadar Pro Perspectives, our channel to feature the best and brightest minds in the technology industry today.

The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/pro/perspectives-how-to-submit

Offering speed, flexibility, and the ability to scale without heavy upfront investment, the public cloud has for years been the model of efficiency. But as AI becomes embedded across every function of organizations, what once seemed like convenience now looks a lot more like a permanent cost burden.

That’s why many businesses are shifting from a cloud-first mindset toward a more balanced, hybrid approach, one that sees AI workloads brought back on-premise

Cloud used to be a major cost saver, but in 2026, the economics are changing quickly. Ingress and egress fees, combined with the premium charged for GPU compute cycles, have ballooned as more AI models run.

When 10% of top-line revenue goes to a cloud provider just to keep the lights on, organizations feel like they’re not simply renting infrastructure but paying a recurring tax on their own growth.

This is the state of play with the always-on nature of today’s AI models.

Frequent, high-volume tasks are driving cost increases. Enterprises are now using large language models (LLMs) to summarize internal meetings, scan customer support tickets, and run continuous retrieval-augmented generation (RAG) pipelines.

Individually, these API calls seem inexpensive. But at scale, they are a massive recurring expense. AI agents bring more complexity. These systems function more like digital employees, planning tasks, verifying outputs and retrying workflows.

From renting to owning

With public cloud pricing models, the more a team relies on AI, the more an organization pays. In other words, there’s a tax on realizing AI’s full potential.

On-prem infrastructure turns that upside-down. A one-time investment in high-performance hardware converts unpredictable monthly expenses into fixed, depreciable assets. Companies own the computing capability outright rather than paying exorbitant rent.

The cost of local hardware is often recouped quickly when compared to ongoing API usage or GPU rental fees, particularly for predictable, always-on workloads.

But cost is just part of the equation. Performance is the other.

In the cloud, workloads typically run on shared infrastructure. Organizations often operate on a “slice” of a server alongside other tenants, introducing latency, resource contention, and performance variability.

By contrast, local AI runs on dedicated hardware. There is no network lag, no shared queues, and no “noisy neighbor” interference. For end users, that translates into immediate responsiveness.

The governance imperative

Data sovereignty is another driver of the on-prem trend.

In a public cloud environment, sensitive data resides on third-party infrastructure, creating challenges for compliance, auditing, and intellectual property protection.

On-prem AI changes that dynamic. Prompts, proprietary training data, and outputs remain within the organization’s physical and logical boundaries. Compliance with frameworks like GDPR or HIPAA becomes more straightforward because data residency is guaranteed by design.

This also addresses growing concerns around “prompt leaks.” When employees input sensitive information into external AI systems, there is a risk of unintended persistence or exposure. Localized AI environments create a controlled, secure environment for experimentation and deployment.

Smaller, more efficient models are making this possible. Businesses do not need hyperscale infrastructure for every use case.

That’s why we are beginning to see the “rightsizing” of AI. Capable assistants can now run on systems with 64GB or 128GB of high-speed memory. What once required a large, expensive server can now be done with a compact, cost-effective workstation.

Hybrid model

This transition to on-prem AI does not mean abandoning the cloud.

For most forward-looking businesses, the right solution is a hybrid model. Cloud can be used more strategically, reserved for large-scale training jobs and burst workloads that require massive, synchronized GPU resources.

At the same time, local infrastructure handles agentic AI programs, internal copilots, and sensitive data analysis.

As a strategic hub rather than a peripheral, companies can build environments that are faster, more secure, and more cost-efficient than a cloud-only approach.

They can attain full control over their data, eliminate hidden costs such as egress fees, and offer their teams a better experience.

In the future, we will see one person directing a team of agents, and in an enterprise, hundreds or even thousands of agents may continuously plan, call tools, share context, verify results, and retry tasks — all of which drive token usage sharply higher. This is a fundamental shift in how AI is used.

Collectively, these trends point to the emergence of a “private AI” model.

The shift from cloud-first to hybrid and on-prem AI is being driven by a convergence of forces: economics, governance, and performance. In 2026, the question is no longer whether to use the cloud, but how to use it strategically while keeping control over the workflows that matter most.

We've featured the best cloud computing provider.

This article was produced as part of TechRadar Pro Perspectives, our channel to feature the best and brightest minds in the technology industry today.

The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/pro/perspectives-how-to-submit

Modern businesses produce massive amounts of telemetry, and as systems grow more complex, the risk of failure rises with them.

Under normal conditions, observability platforms perform well, delivering responsive dashboards and reliable alerts.

But during incidents, when queries expand across longer time ranges and more stakeholders join the investigations, those same systems often slow down, revealing critical limitations when they matter most.

When the Architecture Doesn’t Match the Workload

The scale and complexity of modern telemetry are exposing a core architectural problem. Many observability platforms are designed for predictable, steady-state monitoring – not the unpredictable, exploratory queries required during incidents.

Monolithic, detection-oriented observability systems assume they can support both predefined monitoring and open-ended investigation. But in practice, these systems are optimized for workflows where questions are known in advance.

When unexpected issues arise, these systems struggle to handle ad hoc queries across large data sets and multiple teams.

This is not a feature gap. It is an architectural mismatch.

How Evolving Observability Environments Scale Complexity and Cost

Today’s digital environments produce far more telemetry than most organizations have dealt with in previous years, and it’s all driven by microservices, cloud-native infrastructure, and AI workloads. As data grows, teams rely on large historical datasets to investigate issues, often requiring concurrent access from multiple users.

At the same time, cloud economics have shifted. Cloud storage is relatively inexpensive, but compute (especially during large, exploratory queries) has become a dominant cost driver. Many observability platforms tightly couple storage, indexing, and cloud computing, forcing organizations to scale all three together.

This creates a structural inefficiency: costs rise with data volume, even when that data is only queried occasionally. Teams are left choosing between retaining less data, accepting slower investigations, or overprovisioning IT infrastructure for peak performance.

Why Observability is Moving Toward Decoupled, Event-Native Systems

To address these challenges, observability architectures are shifting away from tightly coupled systems toward a decoupled model in which storage, compute, and data visualization operate as independent layers. This separation introduces flexibility and allows organizations to store more telemetry, scale compute on demand, and access the same underlying data across multiple tools without duplication.

At the same time, the structure of the data itself is also evolving. Event-native systems treat events (such as application logs, user requests, and API calls) as the fundamental unit of analysis. Instead of relying on predefined indexing strategies, data is stored in formats optimized for large-scale scanning and high-cardinality queries.

This enables more flexible investigation and multiple teams can query the same data concurrently without significant performance degradation.

Systems built on this model, such as Apache Druid, have demonstrated the ability to support bursty, high-concurrency workloads while maintaining interactive performance at scale. This is critical for investigation workflows, where query patterns are unpredictable and often collaborative.

Event-native systems solve the data exploration problem, while decoupled observability architectures address scaling and cost issues. Modern and effective observability requires the right data model and architecture. This shift mirrors patterns seen in other data domains.

Business intelligence platforms, for example, initially relied on tightly coupled architectures before evolving toward decoupled systems. As data volumes grew, separating storage, processing, and visualization enabled each layer to scale independently and innovate more rapidly. Observability is now following a similar path.

Observability Warehouses: A Dedicated Data Layer

The next architectural evolution for observability systems introduces a purpose-built data layer that sits underneath traditional observability platforms like Splunk, Grafana, and Kibana.

Known as an Observability Warehouse, this allows organizations to store large amounts of telemetry, query it quickly when needed for investigations, and scale compute based on demand (instead of by data size). This improves cost efficiency and operational resilience.

Separating the data layer gives teams more flexibility to analyze the same event-native data across multiple tools, adapt to new technologies over time, and avoid being constrained by a single platform’s architecture. Retention strategies, query engines, and visualization layers can evolve independently.

As telemetry volumes continue to grow, investigations will become more collaborative and data-intensive. Organizations that align their observability architecture with how these workloads behave will be better positioned to respond quickly, control costs, and operate reliably at scale.

We've ranked the best ITSM tools.

This article was produced as part of TechRadar Pro Perspectives, our channel to feature the best and brightest minds in the technology industry today.

The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/pro/perspectives-how-to-submit

In the early 2000s, the architects of the internet faced a familiar-sounding modern problem: How do you build a system that handles massive, unpredictable demand without it breaking when any single part of it fails?

Their answer was to build a system of peer-to-peer networking. Rather than routing everything through central servers, P2P systems distributed load across thousands of individual nodes with no single point of failure, intelligence closer to the user, and resilience baked into the architecture rather than bolted on top.

It was a successful solution. P2P networks proved faster, more resilient, and more scalable than anything centralized IT infrastructure could match for distributed workloads.

Then, as the cloud computing era took hold, the hyperscale model became the dominant infrastructure logic of the last fifteen years. Its premise — aggregate everything into the largest possible data centers, optimize for unit cost, centralize without limit — made sense for many workloads.

But AI inference, the phase of AI that is now exploding in enterprise environments, operates on exactly the same principles that made P2P compelling in the first place.

Understanding why

Understanding why requires separating two phases of AI that are often conflated. Training a large model is a one-time, compute-intensive process. It runs well on centralized, aggregated infrastructure, and the hyperscale logic holds there. Inference is different.

Inference is every time the model is actually used: a fraud detection system flagging a transaction, a predictive maintenance system identifying a fault on the factory floor, a logistics platform recalculating routes in real time. These decisions happen continuously, in milliseconds, at the point where operations actually run.

Routing inference workloads to a distant hyperscale facility introduces latency that is simply incompatible with many of these use cases. A surgical assistance system cannot wait for a round trip to a data center in another region. Neither can an industrial safety system, an autonomous inspection drone, or a real-time customer service agent running on retail floor infrastructure.

McKinsey projects that global data center demand will more than triple by 2030, driven overwhelmingly by inference rather than training, and the infrastructure serving that demand needs to be built around what inference actually requires, which is compute close to where the decision happens.

P2P systems’ answer was to stop treating distribution as a problem and start treating it as the architecture. BitTorrent did not try to solve file transfer by building faster central servers, but it distributed the problem across thousands of nodes: each one close to a user, each one handling local demand locally.

When individual nodes dropped off, the system degraded at the margin. No central server going down took the whole network with it. The architecture assumed failure and built around it, outperforming centralized alternatives on speed, resilience, and scale simultaneously.

Edge computing

Edge computing applies the same logic to AI infrastructure. Smaller, modular compute facilities positioned close to where data is generated and consumed distribute the inference workload the way P2P distributed file transfer. Each site handles local decisions locally. The network as a whole becomes more resilient because no single facility carries the entire load.

Running that inference centrally also carries a cost that compounds with scale: Every time data moves out of a hyperscale cloud provider's network, organizations pay egress fees.

For AI workloads that require continuous data transfer between a central facility and distributed operational environments, those charges accumulate in ways that are easy to underestimate at the planning stage. Processing data locally at the edge — close to where it is generated — reduces the volume crossing the network in the first place.

A hardware shift is also changing the feasibility calculation at the device level. Neural processing units (NPUs) designed specifically for AI inference tasks are now embedded in smartphones, laptops, and industrial edge devices.

The compute required to run capable inference workloads has been falling steadily, and hardware that would have required a server rack a few years ago now fits in a handheld device.

As inference-capable hardware becomes cheaper and more physically compact, the assumption that every workload needs to route back to a centralized facility becomes harder to sustain.

Data sovereignty

As data sovereignty regulation is tightening across the EU, Southeast Asia, Latin America, and beyond, centralizing inference in a small number of facilities creates legal exposure.

For organizations operating across multiple jurisdictions, edge infrastructure resolves this by design: data is processed locally, within the relevant jurisdiction, without requiring complex legal and technical workarounds after the fact.

Finally, another important element is that power availability — not price — is becoming the binding constraint on data center capacity. In Northern Virginia, the world's densest cloud hub, utilities have projected connection timelines for large projects stretching up to seven years due to grid congestion.

Ireland's data centers now consume more than 20% of national electricity. These problems are the predictable result of concentrating enormous compute into a small number of locations, but the megawatt problem is more tractable when it does not need solving in one place.

Edge deployments, by distributing workloads across many smaller sites, spread the energy demand in a way that aligns better with available grid capacity.

None of this means hyperscale infrastructure is going away. Training workloads, large-scale data processing, and many enterprise applications will continue to run efficiently in centralized cloud environments.

The case for edge is not a case against cloud, but rather for matching infrastructure architecture to what workloads actually need.

The engineers who built P2P networks understood that distributing intelligence across the network made it stronger, not weaker.

As inference pushes AI out of the data center and into the places where businesses actually operate, that lesson is becoming increasingly relevant again.

We've rated and reviewed the best backup software.

This article was produced as part of TechRadar Pro Perspectives, our channel to feature the best and brightest minds in the technology industry today.

The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/pro/perspectives-how-to-submit

CIOs and other executives need to be ready for another major change imperative in the form of AI… but what can they glean from past events? Smart leaders will learn from history and apply key lessons from the last landmark technology-enabled inflexion point: cloud computing and the rise of ecommerce.

I’m old enough to have lived through the cloud computing revolution and it was a remarkable time. The changes to the way we deployed and ran IT had significant impacts internally (elastic capacity, lower upfront costs, a smaller admin overhead, reduced ‘shelfware’) but also on broader business performance.

Cloud computing accelerated decision-making and lowered the risk and expenses associated with R&D and program and process trials. I believe that AI will be even more transformational and drive more impact, especially on the business side.

Let’s be honest here: all major change exercises have bumps on the road. Cloud certainly did and AI tools will not be an exception to that rule. Those who went through cloud-enabled business transformation, as I did at Accenture, need to apply wisdom, recognize familiar obstacles and opportunities, and act accordingly.

An incomplete shortlist of concerns will include:

- securing buy-in from stakeholders;

- managing up, across and down, including scope for retraining and new roles;

- not buying into propaganda or ‘tulip mania’ where hype exceeds reality and common sense;

- avoiding vendor/platform lock-in that restricts downstream flexibility;

- building necessary and complementary skills and partnerships externally;

- managing new vendors with new tariff structures or ways of working;

- re-engineering business processes to capitalize on technology change;

- and seeing this as a holistic change opportunity, not a technology silver bullet.

Let’s dive deeper into a few of these…

Understanding limitations

It’s OK not to know everything. In business, we do everything we can to look ahead, see around corners and anticipate next steps. But ultimately we rely in part on best guesses. That’s especially so in the case of AI (or cloud), the underlying technology is moving very fast. There’s nothing wrong with making incremental changes to plans and course-correcting on a regular basis. And, as goalposts inevitably move, it’s the only sensible approach.

It may get worse before it gets better. Any big change program carries risks. With cloud, we made mistakes that led to unexpected consequences like cost spikes and ‘bill shock.’ We didn’t always factor in what we would consume and how much that consumption level would cost so results sometimes got worse in the short term.

But everything we can know today tells us that investing in AI is a strategic competitive advantage. Some projects will fail and computing costs may come with a higher price tag, but these are short-term challenges that will ultimately lead to long-term progress and our ability to innovate, automate and analyze.

First-mover advantage isn’t always an advantage. In the cloud, there was industry, media and peer pressure to adopt quickly. We feared laggard status and missing out on a promised competitive advantage. Later, some former ‘laggards’ claimed a ‘second-mover advantage’ because they observed the frenzied action before reacting.

The truth of what was better (first-mover or second-mover) was somewhere in the middle. Some sectors and organizations moved fast successfully, while others were better off once the dust settled. There were significant variances caused by differences in industry, company profile, skills and risk appetite. Establish which camps you fall into to move at the right speed but make sure you are prepared to make big moves when the time is right.

Rethinking security and governance

Security and governance need a rethink. Many people underestimated the impacts on data privacy and regulatory compliance in the cloud. This led to cybersecurity compromises caused by misconfigurations and external risks due to the larger attack surface that was presented.

With AI, we need to accept that immense new power will also be used by malicious actors so we must mitigate risks caused by new processes and well-meaning employees and partners.

Vendor choice is different. New technology waves bring new vendors. Smart CIOs will look at the risk of using untested providers, analyze their backgrounds and likely futures, and make choices accordingly.

They will often be assisted by chief risk officers, identity, privacy and sovereignty experts, change veterans, and others with specialist domain expertise. Organizations must avoid being locked into vendors or platforms that restrict downstream movement and value.

Business process change is more important than technology change. Change can’t sit in an IT silo. It’s more important to understand new vistas of possibility and rethinking what business processes are ripe for AI-enabled change. Just as important is communication. So winning buy-in from above, below and across the organization is critical.

AI is exciting, fast-moving and, yes, scary. It’s fine not to get everything right but learning from history will help.

We've listed the best Request For Proposal (RFP) platforms.

This article was produced as part of TechRadar Pro Perspectives, our channel to feature the best and brightest minds in the technology industry today.

The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/pro/perspectives-how-to-submit

As cloud computing technology has matured and business needs have shifted, cloud adoption has accelerated rapidly over the past decade, reshaping how organizations build, scale and deliver digital services. But as cloud environments expand, so too does the complexity of securing them.

Today, many organizations are confronting what could be described as the “cloud complexity gap.” This gap is coming to be defined by the growing mismatch between the speed and sophistication of cloud-based threats, and security teams’ ability to contain them.

Recent research has revealed three reinforcing factors that have created a widening complexity gap: fragmented defenses, stretched teams and threats now operating at machine speed. Cloud environments have become far more complex than the traditional defenses designed to protect them.

Crucially, this is not an investment problem. 62% of organizations expect their cloud security budgets to increase in the next 12 months. Yet, despite this investment, 59% still rate their cloud security posture at initial or developing stages.

For all the money being spent, the maturity and effectiveness of cloud security is struggling to keep pace. Unless organizations rethink how they approach cloud security, this gap will continue to widen.

So, what are the key drivers of complexity in cloud environments – and how can they be addressed?

More tools create more risk

One of the clearest drivers of cloud complexity is tool sprawl, with nearly 70% of organizations now identifying this as a major obstacle to cloud security. As organizations expand their cloud environments, the natural response is often to deploy new security tools to tackle emerging risks. And with the surge in AI capability and adoption, there’s no shortage of said tools.

On paper, this seems sensible. More protection layers should mean stronger security. In practice, however, these tools are rarely implemented with deep integration. Instead, they create fragmented architectures where security data is trapped in silos, policy enforcement becomes inconsistent and visibility across environments is limited. Security teams are left stitching together insights from multiple dashboards to try to get a real-time picture of risk.

When tools don’t share context or operate from a centralized data model, organizations lose control. Regaining this control becomes more difficult because increasing the number of tools increases the number of entry points attackers can target. In dynamic cloud environments, these blind spots are prime targets for cybercriminals.

AI is accelerating the attacker advantage

At the same time, the rise of AI and automation software is reshaping the threat landscape. Threat actors can rapidly scan cloud environments for misconfigurations, map complex permission pathways and identify exposed data.

As the time between vulnerability, attack and response lessens, 66% of cybersecurity experts say they lack strong confidence in their ability to detect and respond to cloud threats in real time. As it stands, traditional, human-led processes alone can’t respond fast enough.

AI is also transforming how organizations operate. IT teams are rapidly introducing new AI tools and capabilities into their workflows, often under pressure to innovate quickly. But these tools can introduce new vulnerabilities and provide attackers with additional opportunities to exploit weak points when deployed without robust governance or oversight.

The challenge of hybrid and multi-cloud

Hybrid and multi-cloud environments promise flexibility and resilience. However, they also introduce a new layer of structural complexity that can be hard to control.

Nearly nine in ten organizations (88%) operate across multiple cloud models, combining public cloud providers, on-premises IT infrastructure, SaaS applications and a distributed workforce.

Each of these environments brings its own architecture, security controls, identity frameworks and configuration standards. Individually, these environments are already complex. Together, they create a fragmented ecosystem that is difficult to manage and even harder to secure.

As organizations scale their cloud infrastructure, the number of configurations, permissions and data pathways expands rapidly. Cloud infrastructure is designed to scale efficiently, but that does not mean that security automatically scales alongside it.

For security teams, the challenge is defending a constantly evolving network of interconnected systems, not a single perimeter. Hybrid and multi-cloud strategies can make it harder to triage threats and therefore respond accordingly across the full cloud environment.

Security teams under pressure

Compounding these technical challenges is the ongoing cybersecurity skills shortage.

Three quarters of organizations report a lack of qualified cybersecurity professionals, placing additional pressure on already stretched teams. However, simply hiring more people is unlikely to solve the problem. With attackers using AI and automation to expand the attack surface at speed, scaling headcount will do little to close the gap today.

Instead, organizations need to focus on reducing operational friction. Simplifying architectures, improving integration between tools and automating repetitive tasks can significantly improve efficiency. With better visibility and fewer disconnected systems to manage, security teams can focus expertise where it has the greatest impact.

Towards a unified cloud security model

Closing the cloud complexity gap ultimately requires a shift toward unified cloud security platforms. Many organizations currently run separate tools across network, cloud and application environments that were never designed to work together. This fragmented approach creates unnecessary complexity and weakens overall security posture.

A unified platform provides shared visibility across hybrid and multi-cloud environments, allowing organizations to apply consistent policies while coordinating detection and response across the entire infrastructure. This grants security teams a consolidated view of risk and the clarity required to stay ahead of emerging threats.

We've ranked the best endpoint protection software.

Recent geopolitical conflict has highlighted an increasingly important reality for the cybersecurity industry: modern conflict now unfolds across both physical and digital domains.

Alongside traditional military operations, cyber activity, information campaigns, and digital disruption have become regular parts of geopolitical confrontation.

For organizations around the world, the lesson extends beyond any single conflict. Cyber operations tied to geopolitical tensions rarely remain confined to national borders.

The IT infrastructure that powers global business - cloud platforms, telecoms networks, financial systems, and supply chains - is deeply interconnected. When instability happens in one region, the ripple effects can quickly reach organizations thousands of miles away.

This growing convergence between geopolitics and cybersecurity underscores a critical challenge: the global shortage of cyber and cloud skills needed to defend modern digital infrastructure.

Geopolitical tensions often trigger cyber activity

Periods of geopolitical instability have historically been accompanied by increased cyber activity. State-aligned threat groups, criminal networks, and politically motivated hacktivists frequently exploit moments of heightened tension to launch campaigns targeting governments, infrastructure providers, and private-sector organizations.

These operations vary widely in sophistication. Some involve advanced espionage or long-term infiltration carried out by highly capable threat actors. Others are less complex but still disruptive, such as distributed denial-of-service (DDoS) attacks, defacement campaigns, or the release of stolen data.

Crucially, organizations do not need to be directly involved in a geopolitical dispute to feel the impact. Shared infrastructure, third-party suppliers, and cloud computing providers create indirect pathways through which cyber activity can spread globally.

This means cybersecurity teams must prepare not only for highly sophisticated attacks, but also for waves of opportunistic disruption that can accompany geopolitical events.

The attack surface is expanding

One of the most important lessons from recent events is how tightly digital systems are now integrated with the physical infrastructure that societies depend on.

Energy systems, aviation networks, healthcare platforms, and financial services all rely on complex digital ecosystems that span multiple countries and suppliers. A disruption in one part of this ecosystem can cascade quickly across sectors and borders.

At the same time, organizations are rapidly adopting cloud technologies, automation software, and AI-enabled platforms, which continue to expand the attack surface.

As IT infrastructure grows more complex, defending it requires a workforce with increasingly specialized and continuously evolving technical skills.

AI is accelerating both attack and defense

Emerging technologies are also changing how cyber threats develop. Artificial intelligence and automation tools are making it easier for threat actors to identify vulnerabilities, conduct reconnaissance, and scale phishing or credential harvesting campaigns.

These technologies can accelerate attack cycles dramatically. Tasks that previously required significant manual effort - like scanning for exposed systems or generating targeted social engineering messages - can now be performed much more quickly.

However, AI also provides defenders with powerful capabilities to detect threats, analyze anomalies, and respond more effectively. The key differentiator is not simply the technology itself, but the people who know how to use it.

Which brings us to one of the most pressing cybersecurity issues facing organizations today.

The cybersecurity challenge is also a skills challenge

Despite rising cyber threats, the global cybersecurity workforce is significantly understaffed. Industry estimates suggest there are millions of unfilled cybersecurity roles worldwide, leaving organizations struggling to recruit and retain the expertise needed to protect increasingly complex digital environments.

But the issue goes beyond hiring dedicated security professionals. Cyber resilience now depends on the broader technology workforce as well. Developers, cloud engineers, IT administrators, and security teams must all understand how to build, deploy, and maintain secure systems. Without continuous upskilling across these roles, even well-funded security programs can struggle to keep pace with evolving threats.

Building cyber resilience through skills

As geopolitical tensions increasingly impact cyber activity, organizations must rethink how they approach resilience. Technology alone cannot solve cybersecurity challenges, and tools are only as effective as the people operating them.

Organizations that invest in developing cloud and cybersecurity skills across their workforce will be better positioned to detect threats earlier, respond faster, and adapt as the threat landscape evolves.

This means moving beyond reactive security measures and embedding cybersecurity capability into the broader technology workforce. Upskilling developers in secure coding, strengthening cloud security expertise, and ensuring security teams can effectively use emerging technologies like AI all contribute to a stronger defensive posture.

Closing thoughts

The growing intersection of geopolitics and cyber risk highlights a fundamental shift in how organizations must approach security. Cyber conflict is no longer something that happens only between nation-states. Its effects increasingly ripple through the digital infrastructure that businesses rely on every day.

While the geopolitical triggers may vary, the underlying lesson remains consistent: the organizations best prepared for an unpredictable threat landscape will be those that invest in developing the cybersecurity and cloud skills of their workforce.

In a world where digital systems underpin nearly every sector of the economy, cyber resilience ultimately depends on the people capable of defending them.

Check out our list of the best vibe coding tools.

For over 16 years, the Zero Trust cybersecurity model has upheld the principle of “never trust, always verify” and has become the universal standard across government and defense organizations.

But Zero Trust Access wasn’t built with Cross Domain Transfer – secure, policy-enforced data transfer between networks with varying security classifications – in mind.

That’s an issue, as modern cyber warfare runs on speedy intelligence sharing, quick coalition tempo and data-driven decision advantage.

Given this, it’s no surprise that more and more cyber leaders are recognizing that Zero Trust alone cannot secure operations that span multiple classification levels and allied nation environments.

A new strategic foundation to both enable and secure the flow of mission-critical information is taking shape.

Why cross-domain data sharing matters

In today’s high-octane international cyber battlespace, government and defense alliances such as NATO and operational initiatives such as the U.S. Combined Joint All-Domain Command and Control (CJADC2) are facing a complex problem.

As attack volumes increase, the ability to move data securely across domains and allies at mission speed for defense agencies to triage and respond becomes more crucial. At the same time, sharing and accessing sensitive data is a major operational risk for organizations at the frontlines of national security.

This conundrum requires more than Zero Trust Access to solve. Zero trust treats all network traffic as a potential breach and ensures that no users or systems are trusted by default. This suits securing IT infrastructure, but is less suited to data, especially when it comes to securing data that’s in transit.

Current conflicts demand fast, coalition-wide data sharing across multi-domain environments, such as land, cyber and cloud computing, in near real-time. In these environments, latency is not an inconvenience; it is an operational vulnerability that a sole reliance on Zero Trust opens the door to.

The sleepwalking risk

When weighing up how a sole reliance on Zero Trust causes problems, we need to consider wider factors that could contribute to a disastrous cyber security breach or lapse of cyber defenses. Without specialist mechanisms for data security and secure data exchange, national security agencies face a quiet, compounding erosion of operational tempo.

Data can’t move at mission speed, decision latency is the norm and intelligence gets stuck at classification boundaries awaiting manual transfer.

This can be seen as an internal friction for security agencies, but that risks downplaying how modern cyber warfare works in practice. Defense initiatives are predicated on the assumption that partners can share intelligence securely and at pace.

An organization that hasn't solved cross-domain data flow doesn't just put its own mission at risk; it degrades the collective tempo and trust of the entire coalition.

Shared identity frameworks and federated access policies across systems and partners alike have to be part of the solution. In a recent Everfox study, 64% of security leaders said they believe that secure data movement is the greatest barrier to achieving effective Zero Trust strategies.

In other words, Zero Trust environments struggle not because verification is unnecessary, but because verification alone does not solve cross-domain data orchestration. And when Zero Trust is implemented in isolation, it makes it harder to share data securely and collaborate.

The value of trust

To be battle-ready, national security organizations need to adopt a cohesive architecture that remedies these problems with data sharing at mission-speed and across multiple domains, partners and classification levels.

The solution is a data-centric model which applies security controls directly to data itself. This isn’t hypothetical. The aforementioned study found that nine in ten have adopted or are in the process of implementing a data-centric security approach.

What does this look like in practice? It entails integrating three frameworks: Zero Trust Architecture (ZTA), Data Centric Security (DCS) and Cross Domain Solutions (CDS). Each framework brings a key strength: ZTA provides continuous verification (the need for which is never going away), DCS applies security controls to data so intelligence can move securely across networks despite any variation in classification or trust level and CDS facilitates secure data exchange without compromising speed.

Together, this integrated architecture shifts security from static perimeter enforcement to dynamic, policy-driven data mobility, laying the groundwork and equipping organizations with the foundational tools for navigating the digital battlespace.

When deployed in concert, these frameworks shorten decision cycles and accelerate information exchange without diluting governance controls.

Where transformation begins

Zero Trust is an essential principle in government and defense organizations, but it often falls short in sharing data at mission speed. In modern conflict, battles are increasingly fought through digital networks where data is the decisive asset.

Navigating the digital battlespace requires the seamless movement of secure information across domains, and a sole reliance on Zero Trust doesn’t help to hit that requirement.

By complementing Zero Trust principles with DCS and CDS, national security organizations can usher in a new era of data-centric security based on the agility that modern mission success demands.

Check our list of the best data recovery services.

The quantum clock is ticking faster than we think.

Artificial intelligence dominates headlines as the technology most likely to reshape society—and potentially destabilize it. But while policymakers and security teams debate AI ethics, a potentially more devastating force is advancing in relative silence: quantum computing.

Google's Willow chip, unveiled in late 2024, completed a benchmark calculation in under five minutes that would take the world's fastest supercomputer ten septillion years. The quantum era is no longer a decade away—it's arriving in stages, right now.

The concern isn’t hypothetical. The accelerating convergence of AI, cloud computing, and early-stage quantum capabilities is already reshaping the threat landscape in ways most organizations are unprepared for.

The result is a growing “quantum clock” hanging over corporate America, one that is ticking down faster than legacy security models can adapt. This means increasing pressure on organizations to implement quantum-safe measures now, not later.

Why quantum changes the security equation

At its core, the issue is encryption. Nearly all modern digital security—everything from financial transactions and healthcare records to government communications—relies on cryptographic methods that assume attackers are limited by classical computing power.

Quantum computers, once sufficiently mature, break that assumption entirely. Algorithms that would take today’s fastest supercomputers thousands of years to crack could, in theory, be solved in minutes.

What makes this especially urgent is that adversaries aren't waiting for quantum maturity. Nation-state actors are already executing "harvest now, decrypt later" campaigns—intercepting and stockpiling encrypted data today, banking on future quantum systems to crack it open.

Intelligence agencies have warned that sensitive data with a long shelf life—trade secrets, defense communications, patient records—may already be compromised, years before a quantum computer ever touches it.

A breached foundation meets a future threat

Today's digital infrastructure is already porous. Years of breaches, credential theft, and supply-chain compromises mean attackers routinely begin from a position inside the environment.

When quantum-enabled decryption becomes practical, it won't arrive in a vacuum—it will land in an ecosystem already riddled with hidden access paths and dormant footholds.

This risk is amplified by how modern computing actually works.

The digital fabric no one fully sees

Most organizations are no longer running a single generation of technology. Instead, they operate a complex mix of legacy systems, containerized applications, serverless functions, and increasingly, AI agents that move autonomously across environments.

These workloads span multiple cloud providers, on-premises infrastructure, and hundreds of SaaS platforms stitched together by APIs, identities, and network connections few organizations fully understand.

This interconnected cloud environment is a constantly shifting web of dependencies, permissions, and data flows.

Security failures rarely occur because one system is unprotected; they happen at the seams— Recent incidents illustrate this: a SaaS integration drift that silently exposed customer data across trust boundaries, or an automation platform vulnerability that gave attackers lateral movement through orchestration workflows.

These aren't hypothetical. They're the kinds of gaps adversaries exploit daily.

Regulators have taken notice. Frameworks like CISA's Zero Trust Maturity Model 2.0 now mandate runtime proof of zero trust enforcement, not just policy documentation.

The EU's DORA and NIS2 directives require segmentation and full-path encryption. These aren't aspirational targets—they're compliance deadlines that most multi-cloud environments aren't prepared to meet.

AI accelerates the attack surface

AI accelerates this fragility. Autonomous AI tools now traverse systems at machine speed, chaining together actions across databases, APIs, and services in seconds.

A compromised agent—whether through stolen credentials, manipulated prompts, or poisoned training data—can escalate privileges and exfiltrate data across cloud boundaries before a human analyst even triages the first alert.

This is where the industry’s traditional mental model breaks down.

The perimeter is gone, but security hasn’t caught up

For decades, cybersecurity has been organized around the idea of a perimeter: trusted systems on the inside, threats on the outside. But in cloud and multicloud environments, that boundary no longer exists.

Every workload is potentially exposed because the threats live within the network fabric between those workloads. Every connection is a potential attack path. Even the infrastructure designed to enforce boundaries—VPNs, gateways, edge devices—has increasingly become a primary target for exploitation.

In a post-perimeter world, slogans about “zero trust” are no longer enough. The concept must move from policy statements into enforceable architecture—applied not just at login, but continuously, at the workload level, across every environment.

From slogans to enforceable architecture

This shift requires two foundational changes.

First, organizations must gain real visibility into east-west traffic: the lateral movement between workloads that attackers use to escalate privileges and reach high-value assets.

Most security tooling still focuses on north-south traffic—what enters and exits the environment—while missing the internal pathways where breaches actually unfold.

Second, security intent must be expressed in terms that reflect how modern systems operate. Static controls built around IP addresses and fixed infrastructure fail in environments dominated by ephemeral workloads and dynamic scaling.

Instead, access decisions must be tied to workload identity, function, and behavior regardless of where that workload happens to run.

Taken together, these capabilities define what the industry is beginning to call a cloud-native security fabric: a unifying layer that provides continuous visibility into east-west traffic, enforces consistent policy across every cloud and data center, and constrains lateral movement—without requiring organizations to rip and replace their existing infrastructure.

When paired with zero-trust principles applied directly to workloads—not just users—this model offers a way to contain breaches even when attackers gain an initial foothold.

Preparing for quantum without waiting for it

None of this eliminates the quantum threat. But it changes the equation.

Quantum computing may eventually break today’s encryption. Complexity, however, is already breaking today’s defenses. Organizations that wait for quantum-safe cryptography standards while ignoring architectural weaknesses risk being compromised long before quantum computers reach maturity.

In August 2024, NIST finalized its first three post-quantum encryption standards—a landmark step. Organizations should absolutely begin planning their cryptographic migration. But adopting new algorithms alone is not enough. Complexity is already breaking today's defenses.

Organizations that pursue quantum-safe cryptography while ignoring the architectural weaknesses underneath it are reinforcing the walls of a building with a crumbling foundation.

The risk isn’t sudden—it’s cumulative

The real danger isn’t an overnight “quantum apocalypse.” It’s a slow-burn failure—where harvested data, unchecked lateral movement, and unmanaged AI systems converge into a security crisis that feels sudden only in hindsight.

The path forward starts now: audit your encryption posture, map the lateral pathways through your cloud environments, and begin migrating to quantum-safe standards.

But don't stop at cryptography.

The organizations that will weather the quantum transition are those building security into the network fabric itself—where trust is enforced continuously, at the workload level, across every environment.

Because while AI may change how we work, quantum computing could change whether our digital foundations can be trusted at all.

We've featured the best endpoint protection.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro

AI has quickly become part of the justification for many large software acquisitions.

According to PwC, around a third of the biggest deals completed in 2025 cited AI as part of their strategic rationale.

That momentum has carried into 2026, with AI tools shaping not just valuations, but the logic behind why organizations pursue acquisitions in the first place.

What’s changed is not just why deals are done, but what happens next. Once a deal closes, AI ambitions can conflict with operational reality.

Commitments to AI-led growth are frequently made before organizations have a reliable view of how their combined systems, data, and contracts actually fit together.

Boards expect value to materialize quickly. IT & Engineering teams, meanwhile, are still discovering what they've inherited. That gap between expectation and visibility is where many AI-driven deals begin to struggle.

Why “efficiency” becomes harder to deliver after AI-driven acquisitions

One of the earliest tensions in AI-driven M&A centers on efficiency. For deal teams, efficiency typically means margin improvement and speed. For technology leaders, it means keeping critical platforms stable, secure, and compliant while absorbing new systems and workloads.

AI widens that gap because much of the required investment arrives early. Spend on cloud computing infrastructure, data pipelines, tooling, and specialist talent often ramps up before organizations have resolved software overlap or decided which platforms will survive the deal.

In practice, this means AI investment is layered onto technology estates that are still fragmented. Duplicated systems remain in place, overlapping licenses can’t yet be retired, and contractual constraints limit how quickly rationalization can happen. Teams are asked to accelerate delivery while carrying more complexity than before.

That lack of visibility has a direct financial impact. In the UK, nearly one in every five pounds spent on SaaS is lost to unused or duplicate licenses, money that organizations under post-deal pressure cannot afford to waste.

AI does not create these inefficiencies, but it amplifies them by increasing IT infrastructure demand and placing greater strain on already fragmented technology estates.

The sunk cost trap sets in early

As integration progresses, organizations often encounter one of the hardest dynamics to escape in post deal technology strategy: the sunk cost fallacy.

Once investment has been committed to AI tooling, data migration, or platform alignment, it becomes increasingly difficult to revisit early assumptions.

Even when capabilities prove less mature than expected, data environments are more fragmented, or operating costs are materially higher than forecast, momentum tends to win out.

These outcomes are sometimes attributed to insufficient due diligence. In reality, no diligence process can fully surface the quality of data, the true cost of AI workloads at scale, or the operational dependencies that emerge after systems are combined.

Traditional integration challenges can take years to resolve. AI compresses this timeline. Misalignment often becoming visible much sooner, alongside the associated cost and risk.

If early signals are ignored, organizations can find themselves locked into decisions that are costly to unwind, with each passing quarter making it harder to change direction.

Clarity creates optionality

The organizations that deliver long-term form AI-driven acquisitions tend to slow down at the right moments. Rather than pushing ahead with integration before the basics are understood, the establish early clarity across their software, SaaS and cloud estates.

That clarity comes from knowing what software is actually being used, where licenses overlap, how SaaS and cloud commitments are structured, and how AI workloads will drive consumption over time.

Without it, AI investment is layered onto inefficiency, amplifying waste, rather than eliminating it.

For boards and executives, clarity creates leverage. A clear view of usage, entitlements, and contractual obligations allows leaders to challenge assumptions, prioritize rationalization, and pace investments before spend becomes locked in.

Deals deliver value when organizations remain willing to adapt as new information emerges. That includes revisiting integration plans, adjusting timelines, and setting realistic expectations for what AI can deliver in the near term.

AI shortens the distance between decision and consequence

AI does not change the fundamentals of software integration, but it accelerates the consequences of getting those fundamentals wrong. Spend accumulates faster, complexity compounds earlier, and the window to course correct narrows.

In that environment, the ability to see clearly, respond early, and continuously optimize becomes a defining factor in whether an acquisition delivers durable value or locks in long-term cost and risk.

Check out our list of the best data visualization tools.

The current state of 5G sits at an inflection point. As 5G standalone networks continue to grow in number, network slicing capabilities are becoming more of a reality.

The enterprise needs to take advantage of these capabilities such as predictable and reliable transport for business-critical applications, as well as the ability to support differentiated services over a single 5G connection

If enterprises can harness this power of network slicing, they’ll be able to improve business operations — with always-on critical business functions — in addition to maximizing their investments in 5G.

The answer to fully harnessing all that network slicing has to offer lies in a strategic combination of UE Route Selection Policy (URSP) and SD-WAN solutions.

The current state of network slicing

The attraction of network slicing lies in the promise of a dedicated service level agreement (SLA) for WAN networking — without a physical wire. 5G standalone networks have been a recent development, making network slicing a relatively new technology. The last WAN transport technology that was backed by an SLA was MPLS.

Recently, major carriers have begun to present a few network slicing options, which indicates immediate growth in network slicing possibilities for the near future. This will be important for multiple industries, such as public safety and retail.

In fact, currently, public safety agencies can take advantage of dedicated 5G network slices to ensure they have dedicated resources for public safety connectivity even in emergency situations when the cellular network is congested.

In industries such as retail, network slice service offerings will be important to provide dedicated resources for point-of-sale systems.

While these offerings represent exciting opportunities for enterprises, they only represent a small portion of the destination to which network slicing is heading.

The future of network slicing

Current network slicing offerings, like the ones discussed above, are single-slice offerings. This is the equivalent of purchasing a single connection for a dedicated function. This future is one of multi-slice offerings that create more than one dedicated network for critical functions within an enterprise.

For example, a hospital could use network slicing to create a slice specifically for telemedicine consultations, ensuring low latency and high bandwidth for real-time video communication between doctors and patients.

Another slice could be dedicated to critical medical devices such as remote patient monitoring systems, guaranteeing high reliability and security.

The multi-slice future of network slicing will provide enterprises a more definitive vision for how they will support further investment in AI-led innovation, 5G technology, and expanded cloud infrastructure. To capitalize on this future, however, they need the right technology that can maximize the future of network slicing.

The correlation between URPS, SD-WAN, and the future of network slicing

The implementation of multiple network slices on a single SIM card can only work if the intended applications are steered to the correct slices. It’s like taking a road trip of sorts. The only way to take the quicker route effectively is if the vehicles actually end up on that route.

For mobile phones, URSP has been the industry standard for sending the right traffic on the right network slice to the right applications in the cloud or data center. Let's say, for example, a consumer is looking for directions on a navigation app.

URSP helps the proper navigation data travel on the best path to the device so the user knows how to get to their destination.

In addition to traffic steering, URSP has the foundational technology to dynamically provision network slices on an enterprise’s modem. With each of these advantages, the question becomes, if URSP has the fundamental technology to direct data and provision network slices, where is the need for SD-WAN?

While URSP has great traffic navigation abilities for applications that reside on mobile phones, it has shortcomings when it comes to implementations on enterprise routers.

Today’s enterprises can use as many as thousands of applications and will therefore need technology that can recognize applications on a large scale and sufficiently direct traffic in a multi-slice environment.

SD-WAN (or software-defined wide area network) network technology has long been the industry standard in recognizing application traffic and transporting it across multiple WAN links.

As the enterprise steps into the world of multi-network slices, it will need SD-WAN technology that can act as the proverbial dispatcher, recognizing the application and sending it across the correct slice.

With this in mind, the foundation for a multi-slice future will not be either URPS or SD-WAN. The goal of enterprises should be to find solutions that can support both URPS and SD-WAN technology, creating a path for the most efficient use of a multi-slice framework.

Preparing for what’s next in 5G

Although network carriers have started rolling out network slicing solutions, multiple carriers have been hindered by the inability to acquire more mid-band spectrum (where 5G SA networks live). The acquisition of more 5G SA networks will translate to increased network slicing services in the future.

This wait in mid-bad acquisition was tied directly to the Federal Communications Commission’s inability to auction off this spectrum. However, due to the passing of the Trump Administration’s “Big Beautiful Bill” that the FCC has retained auctioning authority.

This should set the stage for more spectrum acquisitions, but any multi-slicing capabilities will remain in early stages in the near future.

As more spectrum is acquired and 5G standalone networks begin to roll out, enterprises have time to decide how to prepare for the network slicing future. They have the opportunity to properly analyze URPS and SD-WAN solutions that can create the best possible foundation for multiple network slices.

In turn, they will create a foundation for a robust and resilient network that can handle the enterprises’ growing dependence on large-scale AI and cloud computing technologies.

We've featured the best business smartphone.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro

Digital Sovereignty has moved from a niche regulatory conversation to a strategic conversation for technology leaders and business executives.

Yet amidst boardroom discussions, media hype, and emerging regulation, a tangle of misconceptions has formed of what digital sovereignty is, what makes a true sovereign cloud and what it means for organizations of all sizes.

Far from being a theoretical construct or a compliance checkbox, sovereign cloud touches the core of how companies will secure, operate and govern their IT infrastructure in the decade ahead

Here are five persistent myths that are clouding judgement and why dispelling them is essential for any business aiming to compete and innovate responsibly.

Myth 1: Sovereign cloud is only about where data is stored

Sovereign cloud is often reduced to data residency, but digital sovereignty goes far beyond where data sits. True sovereignty applies to the entire digital estate, including the workloads, applications and platforms that process that data.

What matters is not just location, but who controls the infrastructure, who operates it, and which legal frameworks govern the systems in use. Simply hosting data in a particular geography does not guarantee sovereignty if control sits elsewhere.

In practice, digital sovereignty requires operational control across data, workloads and applications, from access and administration to monitoring and recovery.

For organizations operating across borders or handling sensitive data, failing to distinguish between data sovereignty and digital sovereignty can create hidden operational and legal risk.

Myth 2: Sovereign cloud is only relevant for governments or large enterprises

It’s tempting to see sovereign infrastructure as a “big business problem”, but that’s no longer true. Small and medium-sized enterprises increasingly face expectations from partners, customers, and regulators to demonstrate robust control over their digital assets.

Understanding where data resides, who can access it, and under which jurisdictions it lives isn’t an abstract compliance exercise. When SMEs can articulate this clearly, it smooths audits, client evaluations, insurance reviews, and commercial negotiations.

Sovereign thinking can help businesses reduce legal risk and unlock opportunities with more regulated customers, precisely because it brings clarity around control and accountability.

Myth 3: Adopting sovereign cloud means sacrificing performance or innovation and paying a premium

Some leaders worry that moving to sovereign cloud environments means giving up the agility and scale of public cloud platforms, or accepting significantly higher costs. In reality, sovereign infrastructure, performance and cost efficiency aren’t opposing forces.

Successful sovereign adoption involves leveraging hybrid architectures: combining local, compliant environments for sensitive workloads with broader cloud ecosystems for compute elasticity and AI experimentation.

This avoids the need for duplicated platforms, retrofitted controls or complex contractual workarounds that often drive cost elsewhere.

When sovereignty is built into infrastructure design from the outset, organizations can preserve innovation velocity, predictable performance and commercial efficiency, without treating compliance and control as an expensive afterthought.

Myth 4: Digital sovereignty is only about regulation

Regulation is an important driver of sovereign cloud adoption, but it is not the full picture. Digital sovereignty is just as much about operational resilience as it is about legal compliance.

When workloads, applications and management systems are tightly coupled to global platforms, local services can become exposed to failures originating far beyond their borders. Recent large-scale cloud outages have shown how issues in one geography can cascade across regions, even when data itself is hosted locally.

Digital sovereignty challenges this dependency. It focuses on architectural independence, ensuring that critical workloads, operations and recovery processes can function within defined jurisdictions, with local control and accountability.

The result is reduced systemic risk, improved uptime and greater resilience when conditions are least predictable.

Myth 5: Digital sovereignty only matters once the law says it must

There is currently no single law in the UK that explicitly mandates digital sovereignty. Many organizations therefore treat it as something to address only once clearer rules appear.

But UK policy is moving steadily in one direction. Proposed measures such as the Cyber Security and Resilience Bill, alongside growing focus on security, resilience and compliance across regulated sectors, point to tougher expectations around how digital systems are designed and operated.

Adopting digital sovereignty principles early, including operational control, workload isolation and continuous compliance, allows organizations to meet these evolving requirements without waiting for prescriptive mandates.

Rather than reacting to each new rule, sovereignty-aware architectures provide a resilient foundation that can adapt as obligations increase.

For organizations running critical or sensitive workloads, digital sovereignty is less about a single legal trigger and more about staying secure, compliant and resilient as regulatory pressure continues to rise.

Why sovereign cloud now matters to every business

Sovereign cloud isn’t an optional add-on or a checkbox on a compliance roadmap.

It is a shift in how organizations think about control, accountability and long-term resilience. In a world where geopolitical, legal and technological pressures intersect, the assumptions that once sufficed for digital infrastructure — “my data is safe because it’s in the cloud” — are no longer enough.

For business leaders, understanding and engaging with sovereign cloud thinking today means reducing risk, accelerating secure innovation and strengthening trust with stakeholders.

Sovereign cloud isn’t a future possibility, for many organizations, it’s already part of the competitive landscape.

We've featured the best cloud computing provider.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro

For the past century, facial recognition technology (FRT) has existed largely in the realm of science fiction. From dystopian literature and film to speculative headlines and industry conjecture, FRT has long been portrayed as futuristic, invasive or experimental.

Yet behind the scenes, facial recognition has been quietly maturing, particularly over the past two decades.

In 2026, that maturation looks like it will reach a tipping point: FRT will no longer be perceived as cutting-edge or novel, but as a dependable, everyday enterprise technology.

This shift matters more than it might first appear. We talk about technologies becoming “boring”; it’s an important step, meaning the tech stops being treated as experimental, the hype starts to quieten down, and instead the actual solutions start to be relied upon as business-critical infrastructure.

Cloud computing followed this path. So did multi-factor authentication. AI is fast getting there. And facial recognition is now on the same trajectory.

The market signals are clear. For instance, the global facial recognition market size was valued at as estimated $8.83 billion in 2025, and this figure is projected to grow from $10.13 billion in 2026 to $30.52 billion by 2034 – a CAGR of 14.80% over the next eight years.

But a growth in investment and market value does not equal maturity. What marks 2026 as pivotal is how organizations are beginning to embed facial recognition into routine operations, not necessarily as a headline innovation but as a supporting layer that improves efficiency, security and decision-making.

FRT moves from pilot to production

Across sectors, FRT is moving out of pilot programs and into production environments. In border control, transport and travel, biometric identity checks are becoming a standard part of passenger flow management, helping organizations reduce friction while maintaining security.

In financial services, facial recognition is increasingly used to strengthen identity verification, protect against fraud and support remote onboarding, particularly as digital-only interactions become the norm.

In workplaces, healthcare environments and secure commercial premises, facial recognition is being deployed to manage access control and ensure that only authorized individuals enter sensitive areas.

What these use cases have in common is not novelty, but necessity. As organizations scale, operate across distributed environments and face increasingly sophisticated security threats, traditional methods of identity assurance are showing their limits.

Passwords can be stolen. Cards can be shared. Manual checks do not scale. Facial recognition, when implemented correctly, offers a friction-light alternative that fits modern operational realities.

However, becoming “boring” does not mean becoming invisible or unaccountable. On the contrary, as facial recognition becomes foundational, expectations around reliability, accuracy and governance rise sharply.

Businesses adopting FRT in 2026 will no longer be able to treat it as a specialist tool managed in isolation by IT teams. It will sit alongside core systems, subject to the same scrutiny as any other business-critical technology.

Expect scrutiny – embrace it

Scrutiny is a key word here. And this is where recent public debate offers important lessons.

The UK police have been using FRT with greater frequency. For instance, the Met Police announced in January that more than 100 wanted criminals were arrested by the Metropolitan Police within the first three months of a pioneering Live Facial Recognition (LFR) pilot in Croydon.

Meanwhile, Home Secretary Shabana Mahmood promptly followed the news by saying they the government would be going ahead with plans to expand facial recognition.

Yet this story came as campaigners have been appearing in the High Court, saying that the technology is expanding without adequate safeguards.

The debate in the policing sector mirrors broader concerns around privacy, bias and accuracy. They are not necessarily obstacles to adoption for businesses across other sectors, but they are certainly signals of where the FRT industry must continue to improve.

Facial data is inherently sensitive, and its use demands higher standards of protection and transparency. For business leaders, this means moving beyond a narrow focus on technical performance and considering the broader implications of deployment.

Accuracy, for example, is not a static metric. Performance can vary depending on lighting, camera quality, demographic diversity and operational context.

Organizations must understand that responsible deployment requires ongoing testing and monitoring, not one-off validation. Similarly, privacy cannot be bolted on after implementation. Principles such as data minimization, clear purpose limitation and secure storage need to be built into systems from the outset.

Trust must still be earned

Trust is another critical factor as facial recognition becomes mainstream. In enterprise environments, trust extends beyond end users to employees, partners, regulators and investors.

Businesses need to be able to explain why facial recognition is being used, what safeguards are in place, and how risks are managed. Transparency and accountability will increasingly differentiate responsible adopters from those who treat FRT as a black-box solution.

There is also a strategic dimension to this transition. As facial recognition becomes part of everyday operations, it shifts from being a purely technical decision to a business one.

Boards and senior leaders must understand how biometric technologies fit within their organization's risk framework, data governance strategy and long-term digital roadmap. In this sense, the “boring” phase of facial recognition is also the most demanding.

In 2026, the organizations that succeed with facial recognition will be those that treat it with the same discipline applied to other mature technologies.

They will select solutions based not only on capability, but on compliance, resilience and ethical design. They will involve legal, security and data protection teams early, rather than as an afterthought. And they will recognize that earning trust is an ongoing process, not a one-time achievement.

Facial recognition is no longer science fiction, and it is no longer experimental. Its transition into everyday business technology is well underway. So, the challenge is not simply whether it works, but how responsibly it is used.

If organizations get that right, facial recognition will fade into the background of daily operations – not because it is insignificant, but because it is reliable, well-governed and fit for purpose. And that, ultimately, is what technological maturity looks like.

We've featured the best privacy app for Android.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro

As enterprises integrate AI agents into their workflows, a silent shift is taking place.

Security controls built on static access policies designed for predictable behavior are colliding with systems that reason instead of simply executing. AI agents, driven by outcomes rather than rules, are breaking the traditional identity and access management model.

Consider a retail company that deploys an AI sales assistant to analyze customer behavior and improve retention. The assistant doesn’t have access to personally identifiable information, it’s restricted by design.

Yet when asked to “find customers most likely to cancel premium subscriptions,” it correlates activity logs, support tickets, and purchase histories across multiple systems. This generates a list of specific users inferred through behavior patterns, spending habits, and churn probability.

No names or credit cards were exposed, but the agent effectively re-identified individuals through inference, reconstructing sensitive insights that the system was never meant to access and potentially exposing personal identifiable information (PII).

While it didn’t break access controls, it reasoned its way around systems to access information that it was not originally scoped to access.

When Context Becomes the Exploit

Unlike traditional software workflows, AI agents don’t follow deterministic logic; they act on intent. When an AI system’s goal is “maximize retention” or “reduce latency,” it makes autonomous decisions about what data or actions it needs to achieve that outcome. Each decision might be legitimate in isolation, but together, they can expose information far beyond the agent’s intended scope.

This is where context becomes an exploit surface. Traditional models focus on who can access what, assuming static boundaries. But in agentic systems, what matters is why the action occurs and how context changes as one agent invokes another. When intent flows across layers, each reinterpreting the goal, the original user context is lost and privilege boundaries blur.

The result isn’t a conventional breach; it’s a form of contextual privilege escalation where meaning, not access, becomes the attack vector.

Shortcomings of Deterministic Controls

Most organizations are learning that traditional RBAC (Role-Based Access Control) and ABAC (Attribute-Based Access Control) models can’t keep up with dynamic reasoning. In classical applications, you can trace every decision back to a code path. In AI agents, logic is emergent and adaptive. The same prompt can trigger different actions depending on environment, prior interactions, or perceived goals.

For example, a development agent trained to optimize cloud computing costs might start deleting logs used for audit purposes or backups. From a compliance perspective, that’s catastrophic, but from the agent’s reasoning, it’s efficient. The security model assumes determinism; the agent assumes autonomy.

This mismatch exposes a flaw in how we model permissions. RBAC and ABAC answer “Should user X access resource Y?” In an agentic ecosystem, the question becomes “Should agent X be able to access more than resource Y, and why would it need that additional access?” That’s not an access problem; it’s a reasoning problem.

The Rise of Contextual Drift

In distributed, multi-agent architectures, permissions evolve through interaction. Agents chain tasks, share outputs, and make assumptions based on others’ results. Over time, those assumptions accumulate, forming contextual drift, a gradual deviation from the agent’s original intent and authorized scope.

Imagine a marketing analytics agent summarizing user behavior, feeding its output to a financial forecasting agent, which uses it to predict regional revenue. Each agent only sees part of the process. But together, they’ve built a complete, unintended picture of customer financial data.

Every step followed policy. The aggregate effect broke it.

Contextual drift is the modern equivalent of configuration drift in DevOps, except here, it’s happening at the cognitive layer. The security system sees compliance; the agent network sees opportunity.

Governing Intent, Not Just Access

To address this new class of risk, organizations must shift from governing access to governing intent. A security framework for agentic systems should include:

Intent Binding: Every action must carry the originating user’s context, identity, purpose, and policy scope throughout the chain of execution.

Dynamic Authorization: Move beyond static entitlements. Decisions must adapt to context, sensitivity, and behavior at runtime.

Provenance Tracking: Keep a verifiable record of who initiated an action, which agents participated, and what data was touched.

Human-in-the-Loop Oversight: For high-risk actions, require verification, especially when agents act on behalf of users or systems.

Contextual Auditing: Replace flat logs with intent graphs that visualize how queries evolve into actions across agents.

Why Permissions Alone Are Flawed

Static permissions assume identity and intent remain constant. But agents operate in fluid, evolving contexts. They can spawn sub-agents, generate new workflows, or retrain on intermediate data, actions that continually redefine “access.”

By the time an identity system detects a security incident, a violation or breach has already occurred without a single permission being broken. That’s why visibility and attribution must come first. Before enforcing policy, you must map the agent graph: what exists, what’s connected, and who owns what.

Ironically, the same AI principles that challenge our controls can help restore them. Adaptive, policy-aware models can distinguish legitimate reasoning from suspicious inference. They can detect when an agent’s intent shifts or when contextual drift signals rising risk.

I tried 70+ best AI tools.

Sovereign cloud has become one of the most heavily used terms in enterprise technology.

Almost every major provider has gone to great lengths to market their version of it, promising that data is ‘residing locally’ or ‘ringfenced in Europe’, but the key question remains: what does true cloud sovereignty actually mean?

For governments, regulators and businesses handling sensitive workloads, distinguishing between what’s marketed as sovereign and what is sovereign in reality is vital.

The dominance of US hyperscalers in Europe makes this challenge even more pressing. Amazon Web Services, Microsoft Azure and Google Cloud together control more than two-thirds of the region’s cloud computing market, raising concerns about jurisdictional control and limits of so-called European cloud offerings.

As demand for sovereignty and resilience grows, the question is how Europe can build a more balanced and independent cloud ecosystem.

Defining true sovereignty

Sovereign cloud is not only a question of where data physically resides, but also of who has legal authority over it and the dependencies associated with it, including technology, supply chains and vendor lock-in, which may either enable or constrain freedom of action as sovereignty is understood.

Data residency answers the ‘where’ question, sovereignty addresses the ‘who’ and “up to which point”. This distinction is crucial when considering the different aspects of sovereignty. Take the question of legal authority for instance, in light of legislation such as the US CLOUD Act and Section 702 of the Foreign Intelligence Surveillance Act (FISA).

Both pieces of legislation permit US courts and agencies to require US-headquartered firms to provide access to data related to investigations via warrants or other processes, even when hosted abroad.

In practice, this means that a European bank, healthcare provider or government department relying on an American cloud operator may not easily determine whether the data of some of its European customers has been provided to US law enforcement or intelligence agencies, even if the data resided outside the US.

For organizations entrusted with sensitive information, that exposure is not theoretical. It is a live compliance and trust issue.

True sovereignty therefore requires more than local hosting. It demands that both the infrastructure and the jurisdiction are aligned with the customer’s own legal environment.

It also requires interoperability and portability across cloud environments, allowing organizations to choose where and how workloads run without being locked into a single provider.

It also requires transparency on the underlying technology and supply chain, as well as the ability to risk manage and make choices that reduce dependencies or concentration.

The lingering questions

This is why there are still many questions surrounding the sovereign offerings from global hyperscalers. Providers have all launched initiatives that stress enhanced European control or partnerships with local entities.

Yet because the parent companies remain subject to US law, customers remain concerned that there is a jurisdictional gap. Put simply, a sovereign wrapper around non-sovereign foundations does not fully resolve the issue in every case.

Customers may achieve greater assurances about data location or operational independence, but unless the operating entity is legally insulated from foreign jurisdiction and enables customers to make choices, the claim of sovereignty remains partial.

For critical workloads, such as those in public sector, regulated industries and AI applications, relying on US-controlled clouds introduces operational and compliance risk that cannot be fully mitigated by local hosting alone.

Why it matters now

The speed of market growth makes clarity urgent. The global sovereign cloud market size is projected to grow from USD 154.69 billion in 2025 to USD 823.91 billion by 2032. Europe alone accounted for around 37% of the global market in 2024.

This growth reflects rising demand for secure, trusted environments, particularly in Europe, where regulatory frameworks such as DORA, the GDPR and Data Act emphasize local control, risk management, supply chain transparency and concentration risk.

The European Union, for instance, has made digital sovereignty a strategic priority, while countries like Germany and the UK are exploring frameworks to ensure their critical data assets cannot be subject to overseas legal claims. The direction of travel is clear, sovereignty must be defined and enforced, not assumed.

Clear standards and stronger ecosystems

What’s missing today is a consistent framework defining what constitutes a sovereign cloud.

EU Member States have created cloud certification schemes like C5 in Germany and SecNumCloud in France that contain sovereignty criteria. DGIT, the European Commission IT service, has made a notable attempt in the context of procurement to define sovereignty in the form of a scale of requirements.

All these attempts, while welcome, demonstrate the fragmentation of the EU market. Customers are often left to navigate competing claims and complex technical language without clear standards for comparison.

A truly sovereign cloud should guarantee that data is controlled, accessed and governed exclusively within the jurisdiction of the customer.

Achieving this does not mean retreating from global innovation. It requires enabling local providers to deliver services that meet sovereignty criteria without compromise. European cloud service providers such as Redcentric and ANS are well positioned to fulfil this role.

By operating under local legal and compliance frameworks and investing locally, they can give organizations genuine control over their data. In many cases, this control is best realized through private cloud environments, where infrastructure, governance and operational authority can be aligned directly to sovereignty requirements.

Technology vendors have a role to play in supporting this ecosystem. By providing the platforms, infrastructure software, and interoperability frameworks, they can empower local providers without becoming operators themselves.

This distinction matters. It avoids entanglement with foreign jurisdictions while fostering an environment where sovereignty is embedded by design rather than bolted on afterwards.

A sovereign-by-design future

As the market evolves, the focus shifts from whether sovereign cloud exists to whether it truly meets customers’ needs. Local hosting and compliance claims must be tested against jurisdictional control. Cloud services must be designed for sovereignty from the ground up, with governance structures aligned to the data they protect.

In the end, the debate over sovereign cloud is about more than technology. It reflects broader questions of trust, independence, skill development, economic growth, resilience and control in the digital economy. For businesses and governments alike, cutting through the hype will be essential to ensure sovereignty is real, not rhetorical.

We've featured the best identity theft protection.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro

Agentic AI is the latest buzz in boardrooms. Unlike generative AI tools, agentic AI act as autonomous agents that can reason, make decisions, and act across workflows to achieve goals. Done right, they promise to reduce manual work and unlock new levels of productivity.

But many early adopters of AI tools are struggling. Pilot projects stumble, costs escalate, and results fail to match expectations. The problem isn’t that agentic AI is overhyped, it is that businesses are moving too fast without the strategy, infrastructure, and data foundations required to make them work as intended.

And this isn’t surprising when you consider that 80% to 90% of all enterprise data is unstructured -- based on multiple analyst reports in recent years.

As someone who has built platforms through multiple waves of ‘intelligent automation,’ I’ve seen firsthand the same repeated patterns: technology alone doesn’t transform organizations -- alignment, governance, and cultural readiness do. The real breakthrough comes when innovation is grounded in trust and connected to business outcomes.

Where conventional AI might sort invoices, an agentic AI could approve payments, flag anomalies, and update compliance systems. That leap demands a contextual understanding of how data, processes, and rules fit together.

Too many organizations are treating agentic AI as bolt-on upgrade, as if they’re simply more advanced chatbots. The reality is more complex: agentic AI needs to be woven into the enterprise fabric, connected to the right data and workflows, and supported by governance. Without that foundation, autonomy quickly becomes chaos.

Infrastructure first

One of the biggest stumbling blocks is infrastructure. Many enterprises still run on siloed content repositories, legacy systems, and fragmented integrations. In these environments, agentic AI can’t access the full unstructured data they need to perform at their best.

In government, for example, content and processes are spread across different agencies, often using decades-old applications. Asking an AI agent to make decisions without integrating those systems is like asking it to assemble a puzzle with half the pieces missing.

Preparing for agentic AI requires investing in cloud-native foundations and interoperable content platforms that unify information and enable seamless connections across applications. Without this groundwork, agentic AI risk acting on partial or outdated information, and making flawed decisions as a result.

Bad data kills autonomy

Even with the right systems in place, poor data quality is a critical flaw. Agentic AI thrives on complete, accurate, and governed information. If datasets are inconsistent or scattered, agentic AI can’t make sound decisions.

Healthcare illustrates this challenge clearly. An agent supporting clinicians must pull from medical histories, lab results, and imaging data in real time. If one piece is missing or misaligned, the recommendations these agentic technologies produce could be flawed.

The lesson for early adopters is clear: start with a data audit and gain a firm understanding of where your unstructured data is. Know what you have, where it lives, and how it’s governed before handing decision-making power to AI.

Getting governance right

Another misconception is that agentic AI removes people from the loop. In reality, the most effective early use cases blend autonomy with oversight.

Take financial services. Agentic AI may verify documents and draft compliance reports, but humans still make the final call on high-risk cases, or how to proceed when a document is flagged by an agent. This balance accelerates workflows without eroding trust and accountability.

Strong governance must be embedded from the outset, covering regulation, ethics, and operational control. Without it, these agents risk amplifying bias, undermining trust, and exposing organizations to compliance failures.

Lessons from early adopters

The experiences of early adopters reveal three clear lessons.

The first, projects work best when they begin with a clear business outcome, not a fascination with the technology or jumping on a trend. Organizations that take time to define the processes they want to improve and the results they need to achieve are the ones seeing value.

Second, they invest early in the groundwork. Modern infrastructure and clean data may not grab headlines, but they are essential to making the headline-grabbing innovations possible.

And finally, they treat autonomy as something to scale gradually. The most effective implementations begin with human-in-the-loop models and only expand to greater autonomy once confidence and maturity grow. This approach builds trust in the technology while maintaining accountability.

These early lessons are already shaping a picture of maturity.

The shape of maturity

As agentic AI matures, it will move beyond isolated experiments and towards interconnected systems. The real breakthrough will come from agentic AI networks coordinating across workflows.

In a hospital, for example, one agent might surface patient histories, another manages scheduling, and a third flag billing issues; all contributing to a shared context that supports clinicians.

Proof-points will become a non-negotiable. Businesses will expect agents to show their work, like the data they used, the reasoning they followed, and the compliance checks they applied. Without this transparency, agentic AI won’t be trusted to handle sensitive or high-value work.

And the technology landscape itself will have to open up. Organizations will want the flexibility to integrate agentic AI powered by different models, switch providers as needs evolve, and scale across hybrid or multi-cloud environments. Flexibility and interoperability will be essential to protect long-term investments.

Beyond the hype

Far from failing, agentic AI is in its adolescence. Just as cloud computing went through a difficult transition phase before proving indispensable, agents too will require a period of adjustment.

The organizations that succeed will be those that prepare best, not adopt the fastest. By aligning strategy, modernizing infrastructure, cleaning data, and embedding governance, enterprises can move from experimentation to transformation.

With the right foundations, agentic AI can do far more than just automate tasks. It will enable genuinely intelligent systems that reshape how work gets done – and that could be the most significant shift in enterprise technology for a generation.

We've featured the best AI website builder.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro

Cloud computing remains an increasingly important part of business and personal internet use - and with the rise of AI and the increasing need for huge amounts of data, cloud storage is in demand now more than ever.

There will be shifts in trends, as there always are, which will bring both complications and opportunities. For 2026, there are already huge investments lined up into hyperscaler capacity, with over $1 trillion promised into data centre construction by 2030 - but there is equally a push towards data sovereignty and geopatriation.

AI is undoubtedly changing the cloud landscape, with vast amounts of data and compute needed to train and run Large Language Models (LLMs). Bigger, non-proprietary, and all purpose models are less secure and less reliable for enterprises on the whole, so smaller, often locally stored models are becoming more popular - which means on-prem storage and compute will become once again more significant.

We spoke to a few cloud storage experts to find out what their predictions are for the cloud storage space going into 2026, and these are our top picks.

Sovereign cloud solutions

An overwhelming response from experts was in regards to the importance of cloud sovereignty. One of the biggest lessons from 2025 has been how the convenience and scalability of hyper-scalers, does not always necessarily outweigh the risks of security and outages.

“Demand for sovereign cloud solutions will rise, along with greater reliance on regional providers and renewed interest in on-premises or air-gapped data centers,” predicts Chintan Patel, Cisco EMEA CTO.

“A full overhaul of global infrastructure is unlikely, but selective migrations and diversified cloud strategies will become the norm, creating demand for local talent and skills.

Downtime caused historic issues in 2025, with the AWS incident in particular outlining the dramatic losses that come with giving up control of your information infrastructure. We’ve already seen a stagnation in the adoption of non-sovereign cloud storage, and the experts we’ve heard from seem to predict this will continue.

“Make no mistake: this is a paradigm shift," explains Emma Dennard, Vice President, Northern Europe at OVHcloud

“Organizations are realising that not having sovereign cloud - for certain workloads and applications – is an operational risk. As a result, more organizations are building cloud-native, portable systems by default. This means that moving apps between clouds is easier than ever, risks can be mitigated and costs can be optimized.”

Hyper-scaler hype cycle

It’s difficult to discuss predictions for cloud computing without mentioning AI. Cloud and AI are intertwined, and the dramatic increase in demand for cloud services is directly linked to the enormous amount of data and compute needed to run Large Language Models that have soared in popularity.

Most experts can recognize that AI (particularly Gen AI) is at the peak of the hype cycle right now, and that this level of general use and discourse is unlikely to continue long term.

But, that doesn't mean the technology won't continue on, explains CEO of Pulsant, Rob Coupland;

"As the hype settles, businesses are starting to evaluate real-world AI uses and determine what digital infrastructure is truly needed to support their AI goals. This also brings inference AI and sovereign AI into the picture, further complicating the landscape, with Edge computing emerging as a key beneficiary."

"Although hyperscale demand will no doubt continue, demand for specialised, inference-optimized storage platforms will become more significant."

The AI Bubble

There have been talks of an AI bubble for months, with experts warning of a ‘sharp market correction’ when this bursts. Considering a huge portion of the market, and indeed of the US economic growth can be attributed to artificial intelligence, the concerns that arise from the possibility of the bubble bursting are significant.

But, the financial concerns are not the only consideration. AI consumes huge amounts of power, and with energy sources across the globe already struggling to meet rising demand, this poses serious dangers for 2026 and beyond.

“Investment has poured into new data center developments to power global AI ambitions, but the energy systems required to support them are on their knees,” says Taco Engelaar, SVP and Managing Director of Neara.

“To increase capacity for new data centers, policymakers are proposing extensive grid expansion; but if history is anything to go by, public opposition could stop it in its tracks.”

Looking forward

There are lots of interesting predictions to take away for 2026, some positive, some a little more skeptical. What's certain is that cloud computing will be an integral part of enterprise moving forward, whether in a global or local capacity.

Increased demands for data and power brought about by AI are likely to strain public services and energy grids, with global outages and security incidents driving organizations towards local infrastructure with more transparency, controls, and stricter compliance.

• Nvidia has provided native GeForce Now support for Linux PCs and Fire TVs
• This comes amid the crisis causing high prices for GPUs and RAM kits
• It's another case of Nvidia further supporting Linux and ultimately Valve's SteamOS

CES 2026 is here, and while Nvidia hasn't made any new GPU announcements (as very much expected due to the ongoing RAM crisis), it has introduced new DLSS 4.5 upscaling technology for RTX GPU owners, and another big update for ideal for gamers without PCs.

Both Linux PCs and Amazon Fire TV sticks now have native Nvidia GeForce Now (GFN) support, allowing more gamers without gaming PCs (or with lesser-powered rigs) to dive in and enjoy RTX 4080 and RTX 5080-level frame rates (in select titles) when using the Ultimate membership, as announced at CES 2026.

This comes months after Nvidia delivered native support for GeForce Now on Valve's Steam Deck last year, providing an easier way for SteamOS handhelds to dive into GFN gaming without any convoluted setup. As of now, this has expanded to all Linux systems, which will help significantly for non-Steam Deck handhelds, and Linux laptops or desktop PCs.

What's arguably more important, though, is the native support for Fire TV sticks. This could prove a great alternative for accessing GFN and the world of PC gaming, especially given that the PC hardware market is in such a tough spot of late. You can't have failed to notice the skyrocketing prices of RAM and also storage to an extent.

I was never a big fan of the idea of cloud gaming until I used GFN in late 2025 when the RTX 5080 was officially added to the Ultimate tier of Nvidia's streaming service. To put it simply, I was surprised at how well GFN worked on my Lenovo Legion Go S handheld, with a commendably low latency and great image quality.

With native support for Amazon Fire TV sticks, this is now one of the cheapest ways to game via GFN in a no-hassle fashion. Of course, your gaming experience will still depend on the strength of your internet connection, which will need to be fast enough to ensure stable and smooth frame rates.

Analysis: Linux getting more attention from Nvidia is great news

With the Steam Machine theoretically on track for a potential launch early this year, GFN native support for Linux comes at the perfect time. It gives buyers of Valve's mini PC another option in terms of extra horsepower for games (internet connection dependent, of course).

Furthermore, Nvidia's recent focus on GFN support for SteamOS and Linux in general is hopefully a good indication of what's to come.

One of the biggest hopes for the Steam Machine is that it encourages developers and publishers to provide better support for SteamOS. This would include better anti-cheat support for more games, and also better driver support from Nvidia (particularly with DX12 games), and more native applications like Discord that can function fully in game mode.

It's a step in the right direction, and definite praise goes to Nvidia on this occasion – long may that continue.

TechRadar will be extensively covering this year's CES, and will bring you all of the big announcements as they happen. Head over to our CES 2026 live news page for the latest stories and our hands-on verdicts on everything we've seen.

You can also ask us a question about the show in our CES 2026 live Q&A and we’ll do our best to answer it.

And don’t forget to follow us on TikTok for the latest from the CES show floor!

As organizations digitally transform and as cloud computing takes hold, everyday processes and services are becoming digitalized. The volume of data generated, shared and stored is surging – not just domestically but also across regions and borders.

As a result, data sovereignty, the concept that data is subject to the laws and governance structures of the country where it is collected or stored, is not just a critical factor for citizens and governments but rather a major concern.

Current geopolitical tensions and the scope for data to be compromised or intentionally disclosed is fueling these concerns.

But it’s not just governments feeling anxious about data sovereignty, organizations across sectors including transportation, healthcare, education, utilities and private enterprise are uneasy about the potential impact on their organization of their data falling into foreign jurisdiction.

A report commissioned earlier this year by OVHcloud found that over three quarters (77%) of IT decision makers in large UK organizations regard data sovereignty as more important now than it was three years ago.

What’s at stake?

Organizations must comply with local data protection laws such as GDPR in the EU (and UK) and the California Consumer Privacy Act (CCPA) in the US. The consequences of non-compliance with local data jurisdiction include financial penalties from regulators and potential legal action and compensation claims from affected individuals. It can also lead to reputational damage and erosion of customer trust. 

But aside from the potential image on company reputation and hefty fines there are other risks too. City transportation systems, hospitals, schools, businesses both large and small and administrative services rely on servers that are often located outside of their respective countries. If access to these servers was suddenly denied, individuals, communities, businesses and indeed entire economies could be left without critical services and face dire consequences.

While these scenarios may sound extreme, the risks to companies and organizations are real. As our economies and public services continue to digitize, so too does our dependency on technologies that are most often controlled by non-European entities. It begs the question, who controls the IT infrastructures that keep our economies running and democracies stable? And how can we mitigate the risks?

Making digital autonomy top of the agenda

To avoid any risk of falling foul of foreign data protection laws, many European organizations are looking specifically to sovereign cloud offerings, including cloud infrastructure, collaborative tools, networks, or critical software.

A report by IDC last year found that 84% of organizations across Europe were either currently using sovereign cloud solutions or planned to do so in the next 12 months. The top three drivers were found to be enhanced cybersecurity, expanded cloud use (to support greater remote work) and compliance and industry regulations. 

The move to sovereign cloud solutions is entirely logical; by choosing a European provider, companies and organizations are guaranteed a local legal framework and alignment with shared principles - particularly in terms of privacy, a value upheld by EU member states through the General Data Protection Regulation (GDPR).

Strengthening GDPR awareness and turning it into a pillar for operational governance would help push the EU towards digital autonomy. Many organizations today continue to regard GDPR compliance as a burdensome administrative box-ticking exercise. In reality, it is a genuine tool that can help protect European citizens from the uncontrolled exploitation of their data.

When selecting sovereign clouds, European and UK organizations should take care to ensure their chosen cloud provider is obliged exclusively to meet EU legislations or they could still find themselves subject to foreign jurisdiction. For example, Amazon Web Services (AWS) plans to launch its AWS European Sovereign Cloud offering by the end of the year.

While AWS will host its data centers in Europe and comply with EU data laws, as a US player, the company is still subject to the U.S Cloud Act. This law allows American authorities to demand access to data hosted by any U.S. company, regardless of where it is stored. Legally therefore, AWS could be compelled to provide such access to the U.S. government, despite pledging to offer a sovereign cloud service.

The path ahead: collaboration and diligence

As European and UK organizations individually consider their technology platforms and partners and develop strategies to protect their data sovereignty, they must also consider wider EU digital sovereignty initiatives and industry groups like Department for Science, Innovation and Technology (DSIT) in the UK.

Gaia X is an EU framework and ecosystem that connects existing European cloud and data service providers. Its aim is to create a federated, secure, and sovereign data infrastructure for Europe. The DSIT is a UK body that works to build domestic infrastructure to support a sovereign digital economy.

These important initiatives will only succeed if they are widely adopted by all those concerned about digital sovereignty. Today, given the risks for enterprises across sectors, this means not only local authorities and governments but all businesses and organizations, public and private, that work in the digital economy and depend upon shared data.

Check out our feature on the best data recovery services.

When cloud computing moved from “interesting experiment” to “default expectation,” you could almost feel the ground tilt. Those old systems that once felt rock solid suddenly looked heavy. Slow. Out of sync with how people actually worked.

Cloud-based platforms became the norm. On-prem systems faded. And teams got good — many too good — at centralizing work in ways that felt efficient, even innovative.

Now, here comes another shift. And it’s bigger. Generative AI is a new way of thinking, deciding and building. Gallup’s already seeing it; employees are using AI at nearly twice the rate they were just a year ago.

AI tools are helping them work smarter and move faster. And, just as important, it’s rewriting their expectations for how they solve problems and create what’s next.

But every leap forward brings friction. And this one challenges the very heart of culture.

The cultural friction leaders can’t ignore

AI brings obvious upside: productivity, efficiency and innovation gains. Gartner found that nearly two-thirds of leaders see AI materially improving innovation, and a significant portion are already reporting EBIT impact.

Yet the same technology that promises so much value also introduces new cultural tensions.

First, there’s fear. A recent Reuters/Ipsos poll revealed that 71% of workers worry AI could replace their jobs. Whether or not that fear is justified isn’t the point. It’s present, and leaders have to acknowledge it.

Second, AI is exposing performance gaps. High-clarity thinkers, strong communicators and people with deep subject-matter mastery tend to get better results with AI.

Meanwhile, those with less clear thinking or less confidence often struggle. AI becomes a mirror. It reflects differences in competency and confidence that were previously hidden.

Friction shows up when AI reveals things the organization isn’t ready to face. Clarity gaps. Uneven capabilities. Hidden assumptions about how work actually gets done.

What complicates the transition

Some companies are still operating primarily SaaS-driven workflows. Only a handful have truly integrated AI into their business operating system (BOS). AI adoption is happening around the edges. Leaders often remain hands-off, hoping the organization will “figure it out.” But that approach leads to uneven adoption, fragmented workflows and silent frustration.

Swinging too far in the other direction can be even worse. Push AI without a clear why, and you ignite resentment. Talk about efficiency without talking about growth, people assume “efficiency” is code for “cuts.” They tense up instead of leaning in.

Harvard Business Review highlights this gap: While 80% of executives believe they’ve communicated an AI strategy clearly, only 30% of employees agree. That divergence is where distrust grows and where retention risk skyrockets. If people don’t see a role for themselves in what’s next, they’ll start to question whether they belong at all.

How forward-thinking leaders smooth the transition

Successful leaders won’t sit back and wait. They’re the ones who’ll reframe AI from a threat to a development opportunity. They see AI as a catalyst for helping people grow in competency, clarity and confidence. And they communicate that clearly.

Here’s what that looks like:

1. Dial in the messaging

Humans are motivated by different things. Someone striving to grow into a role cares about different things than someone refining a craft they’ve spent years honing. The message that energizes one group may fall flat for another.

So you can’t just say, “AI will make you more productive.” As leaders, we have to connect AI to real growth, which is better problem solving, more time for high-value work and clearer thinking. When people understand how AI supports their goals, resistance drops dramatically.

2. Invest in training

Training is a flywheel that builds employee confidence and deepens commitment. The more we invest in people, the more they invest in the work. Training improves work output and increases resilience. Teams that feel capable stick around. AI training is the cost of staying competitive.

3. Lead by example

If our employees don’t know how we’re thinking about AI, they’ll default to what they’ve always done. That’s human nature. And even when they do understand the vision, the harder part is helping them see how AI can actually move them toward it. This is one of those moments where founders have a chance to lead from the front.

Use AI in the open. Let people watch you wrestle with a real issue or streamline a piece of work with its help. When your team can see what’s possible, the message lands. It sinks in more deeply. And it sparks the kind of curiosity and confidence that make AI adoption feel natural.

The opportunity in front of us

This transition from SaaS-centric operations to AI-powered work is both technological and cultural. It separates organizations that evolve from those that cling to outdated expectations.

Leaders have a choice: let AI adoption unfold in a scattered, informal way and allow uncertainty to undermine performance. Or lead with clarity, communicate openly, invest in training and help employees see how human creativity and AI capability complement each other.

One path leads to churn. The other leads to a more productive, humane and resilient organization.

Check out our list of the best HR software.

Unsurprisingly, the implementation of AI tools has swiftly become a boardroom topic.

The rate of experimentation is high, and enterprises will soon hit on hardened, tested use cases that give them a competitive edge.

So much so that harnessing AI’s power to drive change requires direct CEO sponsorship.

Right now, AI is brimming with potential, but without a playbook that guarantees success. Adoption cycles are moving fast, and businesses need to get implementation right to unlock the competitive advantage AI will inevitably deliver.

There is huge pressure on CEOs to have the intuition and vision to empower their businesses to integrate AI successfully. However, this is arguably made more complicated when you consider the reality that few of them have technical experience.

The delegation dilemma

Understandably, the temptation for CEOs is to delegate responsibility for AI implementation to the CTO, CIO or CISO. After all, in most enterprises, these are the leaders with technical expertise. But in moving accountability, an implicit assumption is made that suggests AI is not a core strategic asset to the enterprise.

As tempting as shifting responsibility might be, the fact remains that AI is too important not to be a CEO’s responsibility. Just as they take personal ownership of M&A strategy, brand positioning, or market expansion, AI’s impact on the company’s future is too profound to be pushed entirely to technical teams.

To be an effective modern CEO, you don’t necessarily need to be a skilled software developer. However, gaining an understanding of how and why AI will power innovation is an advantage in fostering the right cultural environment for it to thrive.

The AI mirage

Too often, CEOs believe that they are familiar with AI because they use ChatGPT for day-to-day tasks. They see instant productivity and enhanced insights, and they naturally want to translate that into rapid innovation and cost savings for their organization.

But what they must understand is that enterprise-grade AI is fundamentally different. It will take time to integrate into workflows, but over time, it can have a more transformative impact than anyone can realistically imagine.

The path to genuine innovation will not be linear, and ROI will not be instant. That means business leaders also need to adapt to a new way of measuring value.

CEOs who approve AI investments and then ask the CTO for rapid payback are missing the point. In most cases, organizations are still experimenting with AI; that’s entirely understandable. It isn’t a plug-and-play feature – it’s a capability that must be tested and refined over time to deliver value.

Pushing for instant returns will not create the best outcomes. Progressive leaders will endorse – and fund – experimentation, knowing that, unlike with other technologies, the path to innovation is longer and more behavioral.

Take cloud computing, for example. With cloud adoption, CEOs had the luxury of delegating implementation to the CTO and then having rapid evidence of whether it had worked.

The AI revolution is fundamentally different. While cloud adoption could deliver immediate cost reductions and scalability benefits, AI’s greatest value comes from embedding intelligence into core processes, products, and customer experiences – a transformation that unfolds over years, not quarters.

CEOs who understand what developers do and have experienced software development are far better equipped to resist chasing instant P&L impact.

They can empathize with the iterative nature of building AI-powered systems, where experiments fail, models change, and success comes from compounding small gains over time.

As a result, they are more likely to champion deeper, more progressive AI integration in the medium to long term. This is where the competitive edge lies, rather than racing to adopt any off-the-shelf AI tool that is trending at the moment.

Why working with the technology matters

The closer CEOs get to the technology and how it's applied, the longer-range thinking they can then do. When they understand the constraints and possibilities of AI at a practical level, they can make more informed strategic decisions for the business.

For example, a CEO who has taken the time to understand prompt engineering, data challenges, or refining models is less likely to be swayed by hype and more likely to invest in areas that will deliver a lasting impact.

On the other hand, CEOs who treat AI purely as a line item in an IT budget risk missing the opportunity to reimagine business models, redefine customer value, and cut through entirely new markets.

Leading in the AI era

CEOs don’t necessarily need to start coding on the weekends. But just as leaders in the industrial revolution benefited from understanding manufacturing processes, leaders in the AI era will benefit from understanding software development.

Even a foundational grasp of how developers build, test, and deploy AI-powered systems gives CEOs a head start in making the kinds of decisions that will define the winners in this space – because they will be in a better place to truly sponsor AI innovation in their business.

The CEOs who will lead the AI race will resist the idea of instant returns, embrace the iterative nature of implementation, and invest in the long-term. And critically, they will bridge the gap between technology and strategy – not by becoming developers themselves, but by understanding enough to lead with confidence.

We've featured the best AI chatbot for business.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro

It is the question that every consultant fears. A client questioning the value a professional services team delivers.

AI tools are disrupting the traditional professional services delivery model with clients expecting more defined, tangible commitments to deliver value before the project begins.

Indeed, some smaller firms are happily embracing the outcome-based pricing model as a way to steal a march on larger consultancies.

This approach places far greater emphasis on the service provider to demonstrate they are producing results that mean something to their client.

This is highly risky for a professional services organization. It must take on the burden of time and materials costs and expenses to complete a project, but what if a client is reluctant to pay because they do not like the outcome?

Redefining value

Redefining value in the age of AI is quickly becoming a major strategic challenge in professional services industries.

The perception among clients is that AI is delivering efficiencies and savings through IT automation which should translate into lower bills from their consultancy partners.

Of course, there will be scenarios where that is possible, but if the use of AI is only a discussion about cost reduction, it will become a race to the bottom in terms of commoditizing services.

Every professional services company wants to avoid that scenario, so the key is to develop metrics which demonstrate how AI adds a tangible return-on-investment.

What if it could enable clients to charge their customers more by building new systems that are unique to that industry?

What value are you adding?

Asked this question, “If you’re now using AI to automate the services I am buying, what value are you - the consultant - adding?” then surely the most powerful response is showing how AI enables consultancies to help their clients do things competitors cannot.

Specific metrics will be required to show how a firm is positively impacting the client’s bottom line, but their definition is still being shaped.

Similar to the early days of cloud computing, there was much talk about it revolutionizing IT infrastructures. Yet, it took nearly a decade before we saw standardized outcomes and ROI.

Creating challenges

This creates a challenge for professional services organizations today, as it puts client relationships under pressure at a time when firms are fighting to sustain their revenue streams and find new growth.

However, having spent time with leaders in the industry I am consistently hearing that adhering to certain principles enables successful organizations to maintain stable client relationships through this AI-led disruption.

1.Expectation management: in any professional services organization the mantra should always be “no surprises.” Having to explain that a project will be late is the most difficult scenario for managing client expectations. With AI supporting the implementation team, there is greater expectation that potential delays can be identified and avoided using predictive analysis.

2.Transparency: given all the questions about the use of AI in professional services, transparency is the best policy to maintain a stable client relationship. Not only do clients need assurances their data is protected, they want to understand how it is being used and be able to trust the decisions the AI is making. This does not mean giving clients an “access-all-areas” pass but understanding breeds confidence in the extra value being delivered.

3.Disciplined delivery: If AI adoption means you are using an outcome-based delivery model, it is crucial to avoid scope creep. This requires a disciplined approach to delivery management, ensuring that any additional requests are identified as falling outside of the agreed remit and are billed separately. This also helps with expectation management. If the client and delivery team are collaborating effectively there should be no surprises around the expected outcomes.

4.Defining value: Clients must be able to see what the value is for their business – whether it is increased productivity, reduced cost or new revenue streams. Firms stake their reputations on the knowledge and expertise they can offer, because it gives them the confidence that they can delivery results. However, with the introduction of AI, it is vital to show how completing a project will help clients to do something better and impact their bottom lines.

5.Talent: For firms to adjust to the impact of AI, they will need expertise and skills that distinguish them from competitors. The days of the pyramid model of consultancy skills may be over, with smaller groups of highly skilled experts (think chartered accountants or architects) managing teams of data consultants and product management, who understand how to use AI to respond effectively to client requirements.

6.Business model: some commentators are talking about diamond or obelisk shaped business models. Ultimately, AI should enable greater agility and more responsiveness to clients. Therefore, consultancy firms must ensure they foster more dynamic, collaborative organizational cultures and operational structures to be successful.

Final words

Speaking to clients, it is clear that firms in a variety of sectors are still working through their understanding of AI and what it means for their future strategies.

It is irrefutable that organizations willing to embrace AI now will get a head start on their rivals, and this will see a re-ordering of the professional services industry.

Above all, though, the definition of value is going to change, so every firm must be prepared to answer that question: “So what am I paying for?”

We list the best client management software.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro

An estimated 6.64 billion people, or 82 per cent of the world's population, are now covered by some form of data privacy legislation.

In a web of complexity that spans 144 countries, compliance with local regulations and data sovereignty laws are a growing challenge for companies working across multiple geographies.

To help ensure local compliance, greater control and security, IT leaders may devote more resources to repatriating data to private cloud computing infrastructures.

In this article, the author explores how organizations can strategically plan their on-premises cloud infrastructure for compliance and modern workloads like AI while also boosting planning and cost predictability.

Private cloud infrastructures: a silver lining

Public clouds continue to remain critical for a majority of businesses as they deliver flexibility and scale, global reach and access, and speed of innovation at a level that private clouds struggle to meet.

However, in certain scenarios, private clouds may be a better option. There are three main reasons why companies worldwide might repatriate their workloads from public to sovereign private cloud infrastructures: security & compliance, new workloads and cost predictability.

Security & Compliance: A Private Cloud Outlook 2025 report found that 92% of respondents trust private cloud for security and compliance, propelling the adoption of private cloud systems. Two out of 3 IT leaders also reported being “very” concerned with storing data in public cloud environments and maintaining compliance. And with an increasing amount of data privacy legislations around the world and the need to comply with them, more and more companies are adopting sovereign clouds.

The EU’s General Data Protection Regulation (GDPR), for example, imposes strict rules for businesses in the EU, or those trading with companies in the bloc, when collecting and handling personal data. For companies bound by these regulations, establishing on-premises deployments can help ensure thorough compliance. As a result, investments in private cloud infrastructures are surging. The worldwide sovereign cloud market, for instance, is projected to grow to over $100bn by 2034, according to Polaris Market Research.

New Workloads: AI is accelerating at an unprecedented pace. Organizations around the world are continuing to invest in the new technology. Generative AI (GenAI) spendings are foreseen to reach 644 billion USDs this year, increasing 76.4% from 2024. And Agentic AI tools are expected to be adopted even faster. But these new technologies are data-hungry beasts.

Especially in enterprise environments, AI experiments are often conducted by several teams, pulling unstructured data from everywhere they can. The more quality datasets you have, the better the result. In doing so, they often trigger petabytes of data moving across the network, causing a spike in capacity and traffic costs. It is not surprising, that analysts predict seven out of ten enterprises using AI say that sustainability and digital sovereignty will become the top criteria for choosing the appropriate cloud systems by 2025.

Cost Predictability: As trends continue to show, enterprise cloud spending is skyrocketing around the world. A “State of the Cloud Report” from 2025 showed that 40% of enterprises spend more than 12 million USDs per year on public cloud – an increase from 36% compared to 2024. Cost management and optimization are becoming key priorities – especially when it comes to avoiding over-provisioning. Most companies therefore value the financial visibility and predictability of private cloud.

Taken together, these factors indicate that companies are now more likely to pick cloud environments – public, private or hybrid cloud - based on workload needs and attributes. Depending on the requirements, private clouds may be more attractive – especially for data-intensive workloads that either demand high security and compliance, speed or are highly integrated with other systems.

Security & Compliance:

Enterprises on cloud nine: On-premises cloud architecture implications

With the workload-first mentality of most organizations, both the importance and expectations of the private cloud have increased. IT management nowadays want the “best of both worlds”. They want the benefits of a public cloud operating model with the control, security, efficiency, and (cost) predictability of an on-premises solution.

Organizations currently looking to repatriate workloads need to consider scalability, flexibility and total cost of ownership (TCO) without compromising on compliance and resilience.

Private clouds allow companies to adapt and scale their on-premises IT architecture to business-specific requirements and workloads, while enabling greater financial transparency, speed and predictability. With sovereign cloud architectures, IT managers can physically “hug” their server if they really want to.

The private cloud approach also supports future-proofing storage infrastructure, as on-premises IT infrastructures unlock the emerging ability of storage disaggregation, which public cloud providers have been using for years.

Storage disaggregation: the blue sky thinking for enterprises

Not long ago, it was common for organizations to expand their storage capacity by buying new servers. After maxing out the typical three-year warranty on a server, IT managers often choose to simply replace the entire server (along with the processors, random-access memory, and flash storage). For the time, this thinking made sense, but it was a wasteful and costly value proposition.

Decoupling storage and compute – disaggregating storage – and placing them on separate racks eliminates the problem associated with scaling through the purchase of new servers, as storage and compute can now scale independently.

Especially in on-premises cloud architectures, disaggregated storage makes it easier for multiple servers to share the same storage pool, helping organizations use resources more efficiently.

So, instead of investing in servers loaded with maximum storage, the nimbler approach is to disaggregate and extract storage from a pool and assign it to applications as needed. As projects ebb and flow, the demand for storage resources transfers from one part of the workflow to another.

But disaggregation doesn’t only assist in creating more efficient data resource management. It also increases the flexibility to adapt to rapidly changing needs brought on by new applications (e.g., GenAI or Agentic AI), data sets and use cases. Disaggregation also creates the opportunity to scale storage resources according to changes to the business over the course of time.

While anticipating storage, CPU, GPU, and networking needs still isn’t easy to predict, disaggregated storage can eliminate the need for private cloud IT departments to make big, long-term bets on purchasing expensive servers loaded with storage.

Instead, it enables them to scale compute, GPU, and storage capacity independently. It also supplies the IT managers with more freedom to change their resource allocations on the fly.

Time to go private?

There’s no shortage of opinions and resources telling why companies should or should not repatriate their data and workloads. And there is no one-size-fits-all approach.

Security, compliance, independent scalability, cost, performance, location and talent all must be carefully considered before deciding if a sovereign private cloud architecture is the right choice for the business or the specific applications.

While on-premises solutions offer greater control, and can lead to better planning and cost predictability, public cloud solutions provide quick(er) scalability and ease-of-use.

At a time of unprecedented data growth and increasingly intensive workloads, the private cloud architecture route can become an attractive alternative for those seeking greater control over data, cost predictability and data access.

We've rated the best cloud storage.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro

• Nvidia, Oracle, and Microsoft have all announced huge investments in the UK
• AI and cloud computing are the main investment focus
• Government wants UK to become a cloud and AI investment hub

As US President Donald Trump begins his visit to the UK, a number of the world's top tech names have announced huge investments in the country.

Ahead of the visit, Google revealed plans to pump $6.8 billion into the UK over two years, including a massive new Hertfordshire data center.

Now a range of others, including the likes of Nvidia, Oracle, and Google have also unveiled billion-dollar investments across robotics, cloud computing, and AI infrastructure - here's what we've seen.

Nvidia

First up, Nvidia and its partners have announced an investment of £11 billion in UK AI factories.

This includes the UK’s largest ever AI infrastructure rollout of 120,000 NVIDIA Blackwell GPUs.

Nvidia has also teamed up with Oxford Quantum Circuits to construct a quantum-GPU AI supercomputing center, and will also set up a research and development center to focus on the development of the UKs AI and robotics industries.

Nvidia CEO Jensen Huang said, “The United Kingdom is building the infrastructure for the AI industrial revolution — advancing science, transforming industries and creating new economic opportunities.”

“We are at the big bang of intelligence, and the United Kingdom’s Goldilocks ecosystem of world-class expertise, outstanding universities and vibrant industries is uniquely positioned to thrive in the age of AI. With AI supercomputers powering state-of-the-art models locally, a new generation of U.K. researchers, developers and entrepreneurs will drive discovery and build the companies of tomorrow.”

Oracle

Oracle is continuing its commitment to invest $5 billion into the UK over the next five years by expanding AI capabilities for the UK government and defense organizations, including a common secure technology platform and the Oracle UK Sovereign Cloud.

“Under President Donald J. Trump's leadership, allied nations are increasing defence investments to strengthen peace and security,” said Safra Catz, CEO, Oracle. “Oracle is proud to deliver advanced cloud and AI infrastructure to support the critical missions of government and defence organisations in the UK and NATO member states throughout Europe.”

Oracle will also provide UK customers with access to the Oracle Cloud Infrastructure Generative AI service, which enables businesses to use pretrained foundational models or custom models to increase productivity and growth, as well as helping with national security.

Microsoft

Finally, Microsoft has announced plans to add a $30 billion investment to the UK’s AI infrastructure over the next four years, including $15 billion in capital expenditures to help build the UK’s largest supercomputer with 23,000 NVIDIA GPUs alongside Nscale.

UK Prime Minister Keir Starmer said, “Microsoft’s landmark investment is a powerful vote of confidence in UK’s leadership in AI and cutting-edge technology.”

“This commitment will not only strengthen our digital infrastructure and support thousands of highly skilled jobs, but also ensure Britain remains at the forefront of global innovation as we deliver on our Plan for Change.”

“We are proud to partner with world-leading companies like Microsoft to build a future powered by British ingenuity and ambition.”

You might also like

• Take a look at the best AI tools around today
• These are the best AI writers we've found
• Tech firms see UK as most attractive market to grow - but for how long?

• An audit has revealed shortcomings in the National Crime Agency's IT
• Almost 80% of the NCA's IT budget is spent on legacy systems
• The NCA should address these weaknesses with comprehensive plans

An independent audit by police watchdog, HM Inspectorate of Constabulary and Fire & Rescue Services (HMICFRS), has published a worrying report on the IT systems of the UK’s National Crime Agency (NCA).

The report outlines that ‘many of the IT systems it relies on are outdated and unfit for purpose,’ stating that the NCA is burdened with technical debt thanks to a continued prioritisation of quick fix repairs over more comprehensive long-term solutions.

That’s not all, as the report also recommends the NCA improves its management of bulk datasets - as currently there are no datasets from any regional organised crime units, and no plans to allow the NCA to carry out bulk analysis of data from the Law Enforcement Data Service - despite plans for the service to replace the Police National Computer in 2026.

A ten year strategy

A significant limitation the NCA faces, especially given the sensitive nature of much of the organisation's data, is the lack of cloud adoption;

“The NCA has also been slow to fully embrace the benefits of cloud-based technology, which has adverse practical consequences. For example, personnel can’t automatically transfer data between computer systems operating on each of the three security tiers of the Government Security Classifications Policy.”

The legacy systems that are still operated by the NCA mean higher maintenance costs, limited functionality and compatibility with other internal systems, increased training needed for new personnel, and an inability to fully exploit datasets from other outdated systems.

There were 260 legacy systems identified, which have led to an astonishing 80% of the organization’s IT budget spent on servicing these outdated systems.

The report concludes with nine overall recommendations, including a ten year development strategy for replacing legacy IT systems, developing a plan to carry out bulk data analysis of the Law Enforcement Data Service dataset, as well as adopting the government’s Digital and Data Profession Capability Framework.

The NCA's DG Graeme Biggar confirmed to TechRadar Pro;

"We are taking extensive action on areas identified in the report’s recommendations, much of which was well underway at the time of the inspection. This includes an agency-wide technology modernisation programme."

You might also like

• Take a look at our picks for the best malware removal software around
• Check out our choice for best antivirus software
• Devs are considering quitting en masse because of embarrassing legacy tech, survey finds

For decades, CPUs (central processing units) were the backbone of modern computing. From business computers to powerful servers, CPUs managed the vast majority of tasks with their ability to execute instructions sequentially and efficiently.

However, in recent years, a quiet revolution has reshaped this landscape. The GPU (graphics processing unit), originally designed to handle complex graphical computations for gaming and visual rendering, has emerged as the new king of computing.

This isn’t just a matter of popularity or trend. The rise of the GPU is grounded in fundamental architectural differences that align with today’s most demanding computing workloads.

From artificial intelligence and scientific simulations to blockchain technologies and real-time graphics rendering, GPUs have become indispensable. Here’s how and why they’ve taken the throne.

A Shift in Architectural Power

The central reason for this shift lies in the architecture of GPUs. While CPUs typically have fewer, more powerful cores optimized for sequential processing, GPUs feature thousands of smaller, efficient cores that excel in parallel processing. This architecture allows GPUs to perform a massive number of calculations simultaneously—making them ideal for tasks that require processing vast amounts of data quickly.

In an area such as AI tools, this is critical. Training a complex neural network on a CPU could take weeks, while a GPU can handle the same workload in a fraction of the time. This speed has driven innovation across industries, allowing researchers and businesses to iterate faster and produce results that were previously impossible.

AI, Big Data, and Beyond

Artificial intelligence has arguably been the biggest beneficiary of the GPU revolution. The training and deployment of deep neural networks require immense computational power. GPUs provide not only the speed but also the scalability needed for these tasks. Companies like OpenAI, Meta, and Google rely heavily on GPU-based infrastructure for their large-scale AI projects.

Big data analytics, too, has seen a transformation. Processing terabytes of information across distributed systems becomes far more manageable with GPU acceleration. This has had implications for finance, healthcare, retail, and more—where speed and insight can lead to a competitive edge.

High-Performance Computing (HPC)

GPUs have also found a crucial place in scientific and engineering communities. High-performance computing tasks such as climate modelling, genome sequencing, and physics simulations demand enormous amounts of processing power. Here, GPUs shine. Their ability to handle parallel workloads allows simulations that once took months to be run in days or even hours.

Institutions like CERN, NASA, and leading universities worldwide now depend on GPU clusters to push the boundaries of knowledge. The scalability of GPUs has opened up new possibilities in scientific discovery.

The Evolution of the Ecosystem

Software support has played a vital role in this shift. Platforms such as NVIDIA’s CUDA and AMD’s ROCm have matured significantly, offering robust ecosystems for developers. Machine learning frameworks like TensorFlow and PyTorch are designed to harness GPU acceleration, making it easier for engineers and data scientists to write code that leverages GPU power without needing deep knowledge of parallel programming.

These frameworks also integrate seamlessly with cloud computing platforms like AWS, Google Cloud, and Azure. Businesses of all sizes can now access high-performance GPU instances on demand, democratizing access to power that was once reserved for the biggest enterprises.

Economic and Industry Impacts

The rise of the GPU has dramatically reshaped the semiconductor industry. NVIDIA, once considered a niche graphics card company, now sits among the most valuable tech firms globally. AMD and Intel have responded by accelerating their own GPU development, leading to fierce competition and rapid innovation.

The high demand for GPUs has even led to supply chain disruptions and global shortages. The race for access to powerful chips has become a geopolitical issue, with governments recognizing the strategic importance of semiconductor manufacturing.

CPUs Still Have Their Place

Despite the dominance of GPUs in many sectors, CPUs remain important. They are better suited for tasks requiring low latency and high single-threaded performance, such as managing operating systems, running traditional business applications, and handling light multitasking. Most modern systems continue to rely on a combination of CPUs and GPUs, where the CPU coordinates the system and the GPU handles heavy computational lifting.

But in the most advanced and fast-growing segments of technology, the CPU is no longer the driver. It is the assistant, the manager delegating the heavy lifting to the GPU.

Energy Efficiency and Challenges

A common criticism of GPUs is their energy consumption. High-performance GPUs can consume several hundred watts, leading to concerns about sustainability. However, when measuring performance-per-watt for parallel workloads, GPUs are often more efficient than CPUs.

Ongoing innovation in chip design, cooling technology, and software optimization continues to address these concerns. NVIDIA’s Hopper and AMD’s CDNA architectures, for instance, focus on delivering better energy efficiency and thermal performance.

Looking to the Future

So, what does the future hold? As our world becomes increasingly driven by data and automation, the demand for parallel processing will only grow. Generative AI, autonomous vehicles, virtual and augmented reality—all of these technologies rely heavily on GPU capabilities.

In fact, we may see a future where GPU-like architectures dominate even general-purpose computing. Hybrid chips that blend CPU and GPU functions are already gaining traction, especially in mobile and consumer computing. Apple's M-series chips and Qualcomm’s Snapdragon line hint at what this future might look like.

Conclusion

In the past, the CPU was the undisputed center of computing. But today, the GPU has taken that crown—not by replacing the CPU entirely, but by surpassing it in relevance, performance, and versatility for modern computing demands.

As new challenges and opportunities emerge, the GPU’s dominance is only set to grow. The era of the CPU as king is over. Long live the GPU.

We list the best Large Language Models (LLMs) for coding.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro

The disruptions of 2025 have reshaped global supply chains, compounding long-standing complexities and surfacing new vulnerabilities. From a network management standpoint, organizations are contending with regional compliance requirements, the security risks tied to third-party data and applications and the logistical hurdles of asset visibility - especially in remote or under-connected regions. These issues have evolved from niche technical concerns into core business imperatives, directly impacting continuity and resilience.

Amid ongoing instability, businesses are rethinking their operational strategies. As cross-border activity becomes more critical, adaptability - in both technology and decision-making - will be essential to staying ahead of economic shifts. Companies that fail to evolve may struggle to compete, particularly if they cannot scale or differentiate.

Supporting this urgency, recent research indicates that 86% of businesses see digital supply chain transparency as a key priority, aiming to unlock benefits such as real-time analytics, improved system reliability and smoother integration across Enterprise Resource Planning platforms.

The same research reveals a compelling case for digital supply chain advancement. Businesses with advanced digital capabilities reported nearly 7% in cost savings and almost an 8% increase in revenue compared to their less advanced peers. For any organization, regardless of size, these percentages translate into substantial improvements in both profitability and top-line growth.

Managed Service Providers (MSPs) are playing a pivotal role in helping businesses adapt, especially as uncertainty continues to shape the global landscape. Moving beyond traditional IT support, their role is now increasingly viewed as strategically enabling operational agility and transformation, unlocking new levels of efficiency, resilience and competitive advantage.

Visibility Is Key to Risk Management and Compliance

Many organizations still struggle with limited visibility into their supply chains. Data often remains siloed, and disruptions may go undetected until they cause significant operational setbacks. While cloud computing is now a cornerstone of modern software supply chains, many businesses lack the visibility, access controls and security protocols needed to manage the associated risks effectively. This is where cloud-native frameworks like Secure Access Service Edge (SASE) become essential.

Integrating these processes into a unified dashboard is key to modern risk management. While it doesn’t single-handedly guarantee supply chain visibility, SASE solutions bring together traditionally disparate networking and security solutions. This enhances oversight and controls access across cloud-based supply chain systems and IoT devices, which keeps supply chain management processes safe and secure.

For the same reason, SASE’s ability to bring together network monitoring and security functions and tools helps break down data siloes for enhanced regulatory compliance. As supply chains grow more global, regulatory complexity increases. Businesses must navigate a patchwork of data protection laws, industry-specific standards and cross-border regulations. Falling short can result in fines, legal exposure or reputational harm.

MSPs help implement SASE by leveraging their expertise to navigate the complexities of deployment, integration and ongoing management, ensuring businesses can effectively secure their evolving supply chains without needing extensive in-house resources. They can also tap into their local networks and regional expertise to help businesses maintain compliance with differing regional standards.

Additionally, a unified cloud-based platform supported by SASE helps MSPs deliver this by adding regulatory controls directly into its services. This can additionally be supplemented with automation tools like SIEM and SOAR to enforce policies and leverage operational oversight more easily.

Zero Trust Is Now a Must-Have

The improved oversight that comes with SASE frameworks also lays the groundwork for Zero Trust security models. Greater visibility means a greater ability to control access and constantly re authenticate traffic, a central component of the Zero Trust model.

It's particularly important to secure supply chains, as operations often span borders and involve a complex web of third-party partners. This extensive network means more devices to monitor; a challenge Zero Trust directly addresses. It does so by continuously verifying every user, device and application, regardless of their location. This approach significantly reduces the risk of unauthorized access and helps safeguard critical systems and data.

MSPs are central to the successful deployment and upkeep of Zero Trust frameworks. Their global reach and established relationships with regional vendors position them to help businesses implement these frameworks more effectively. By doing so, they strengthen their defenses against the growing sophistication of cyber threats.

Overall, one of the biggest advantages of partnering with an MSP is the depth of knowledge they bring. They are trusted advisors on complex technical matters. This expertise is key in the likes of proactively identifying risks, enabling swift incident response and strengthening the overall security posture.

Building Stronger Ecosystems

Achieving long-term success isn't just about having robust technology; it also heavily relies on the strength and adaptability of a company's entire vendor and partner ecosystem. This is precisely where MSPs become indispensable. They're instrumental in helping organizations rethink their supply chain strategies, actively shaping these complex environments.

MSPs provide value-added services that go far beyond traditional IT support, assisting businesses in expanding their supplier networks, integrating scalable technologies and fostering the collaborative partnerships vital for building resilience and staying competitive in today's volatile market. By aligning with agile, forward-thinking providers, businesses are better equipped to navigate disruptions and maintain operational momentum.

While supply chain volatility is an ongoing reality, it doesn’t have to be a barrier to progress. MSPs are at the heart of this transformation, empowering businesses to build the flexibility and foresight needed to thrive. As we enter the second half of 2025, those best equipped to pivot quickly and plan strategically will be the ones that lead the way.

We list the best Request For Proposal (RFP) platforms.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro

In today’s ever-increasing digital world, the speed at which technology is changing and updating is significant. From cloud computing and AI to automation and data-driven decision-making, enterprises are constantly under pressure to innovate and modernize, Yet, many organizations find themselves weighed down by something invisible but critically impactful – technical debt.

Over a quarter (28 per cent) of UK businesses responding to Zoho’s Digital Health Study reported having ‘good’ digital health. Just as financial debt accumulates interest over time, so does technical debt. It refers to the future cost incurred when businesses choose quicker, short-term solutions rather than more sustainable, robust approaches to modernize their technology.

While these decisions may solve immediate problems, they often introduce inefficiencies and complications that escalate over time, and every enterprise, understanding and managing technical debt is not just a technical concern, it’s a strategic imperative.

The hidden cost of technical debt

Technical debt can manifest in several ways, from outdated codebases and legacy systems to inefficient workflows and poorly integrated applications. For large enterprises, the scale of technical debt can potentially be massive due to the complexity of systems and the years (or potentially decades) of patchwork development.

Small and medium businesses are not immune to this either and the pressure to scale often quickly leads to shortcuts and accumulate unseen technical liabilities.

But the concept extends beyond code towards architecture, to processes where manual workflows are error-prone and slow down operations, technology stacks that don’t support modern features or security standards, and skills gaps that prevent onboarding and collaboration.

Over time these issues create bottlenecks, increase operational costs and limit the organization's ability to innovate. What begins as a minor inefficiency can snowball into a major barrier to growth.

The accumulation of technical debt is not always the result of poor planning or bad practices. In many cases, it's a strategic decision, delivering functionality fast to gain a competitive advantage or to meet time-sensitive business requirements. However, when this debt is not tracked or acknowledged, it becomes a liability.

As systems grow older and more complex, the effort required to modify or integrate them increases, leading to greater maintenance costs and more frequent errors.

Legacy systems, yesterday’s strengths, today’s strain

Legacy systems were once the backbone of many successful operations but are now one of the most common sources of technical debt. Many enterprises rely on systems that were built decades ago and use outdated programs, databases and frameworks.

These infrastructures often lack modularity, making it difficult to isolate functions or update individual components. This rigidity complicates integration with modern technologies such as APIs, cloud platforms, and artificial intelligence tools, often leading to increased costs and complexity.

Their inflexible architectures and siloed data further hinder innovation as seamless data flow is essential for implementing technologies like AI, IoT, and advanced analytics. As IT automation and data-driven strategies become central to business performance, reliance on outdated systems can erode competitiveness and agility.

Beyond this, it can also expose organizations to security vulnerabilities, especially when outdated systems no longer adhere to modern compliance standards.

The case for phased modernization

Addressing technical debt is not about eliminating it entirely. Some level of debt is inevitable in any technology-driven organization, but the goal is to manage it strategically and systematically. Instead, enterprises should look at phased transformation, where legacy components are gradually replaced or integrated with modern tools.

One of the most efficient ways to enable this transformation is AI. By automating repetitive tasks such as data entry and report generation, organizations can reduce inefficiencies and improve accuracy. Automation also serves as a temporary bridge between old and new systems which allows teams to modernize individual components without a full system overhaul.

Data analysis plays a key role in identifying and prioritizing areas of technical debt. With the right analytics tools, businesses can assess the performance, usage, and maintenance costs of various systems and processes.

This enables informed decision-making, where the most problematic or expensive components are addressed first. Over time, this methodical approach helps reduce complexity and improve agility.

Low-code and no-code platforms can also offer significant advantages in managing technical debt by empowering non-developers to build and customize applications which can reduce the reliance on overburdened IT teams.

When governed effectively, these platforms enable rapid deployment of digital solutions without compromising control or compliance. They also support faster iteration and experimentation, making it easier to adapt to changing business requirements.

Importantly, addressing technical debt also involves cultural change. Leadership must recognize that digital modernization is not just an IT initiative but a business priority. Investing in training and fostering cross-functional collaboration is essential to creating an environment where technical debt is actively managed rather than ignored.

By adopting a phased, data-driven approach to modernization, supported by automation, low-code platforms, and modular architectures, businesses can reduce their technical debt while preserving continuity and accelerating digital transformation.

In doing so, they not only improve operational efficiency but also position themselves for long-term success in an increasingly dynamic and digital world.

We list the best IT infrastructure management services.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro

• Oracle's upcoming data center could need power from temporary gas generators
• West Texas data center could come online before it gets connected to the grid
• Oracle recently added a number of major customers for its cloud services

A new Bloomberg investigation into Oracle’s operations has revealed how the company has turned from a database pioneer to a major cloud service provider over the past decade – an unlikely transition when the then-CEO Larry Ellison (now CTO) called cloud computing “complete gibberish” in 2008.

Today, though, Oracle is responsible for powering xAI in Utah and building GPU clusters for Nvidia in Singapore, Japan and Indonesia, not to mention its joint effort with OpenAI worth 5+GW of computing power.

Then, in 2022, TikTok became an important customers for Oracle. Now routing all US traffic through Oracle, TikTok generates around $1 billion in revenue for Oracle every year.

Oracle’s future data center plans

All of this has come at a cost, though, and Oracle now needs to add more data center capacity to keep up with demand. The company has already committed to spending tens of billions on mega-sites despite supply chain hurdles, but OpenAI demand from the Stargate project has added even more pressure.

As a result, its West Texas ‘Frontier’ campus could need temporary gas power until grid connections arrive. Expected to boast a 1.4GW capacity, it could cost Oracle over $1 billion annually to power using gas generators (according to Bloomberg, citing people familiar with the plans).

This comes at a time when Oracle faces financial struggles, even despite growth. For the first time since 1990, Oracle recently posted its first negative cash flow due to a spending surge.

“Oracle is going through a business model transformation,” Bernstein analyst Mark Moerdler noted. “We believe the margin will rebound and cash flow will be substantial once they get through this investment phase.”

Speaking about fiscal 2025, CEO Safra Catz said Oracle is expecting higher Cloud Infrastructure growth rates and total cloud growth rates this year despite a strong uptick last year.

“Oracle is well on its way to being not only the world's largest cloud application company – but also one of the world's largest cloud infrastructure companies,” Catz added.

You might also like

• We’ve listed the best AI tools to try at home or at work
• Oracle cuts hundreds of jobs as AI push continues
• Check out the best productivity tools

Back in 2020, the European Parliament published a briefing paper which set out “growing concern that the citizens, businesses and Member States of the European Union (EU) are gradually losing control over their data, over their capacity for innovation, and over their ability to shape and enforce legislation in the digital environment.”

At the heart of the matter is the domination that the likes of Amazon, Microsoft and Google have established over the European cloud computing market. One of the effects of their success is that the region now faces significant challenges in ensuring data is subject to the laws and governance structures of the country or region in which it is collected, stored or processed.

For organizations based in the EU hosting their data with providers based elsewhere, this raises serious questions about who ultimately has jurisdiction over that data and whether it can be governed by foreign legal frameworks beyond their control.

Let’s also be clear - the market-leading hyperscalers offer efficiency, scale and a whole host of other compelling advantages. They are all highly innovative, trusted providers that have transformed how businesses operate and have enabled extraordinary digital progress at speed and scale.

Thousands of European organizations rely on – and will continue to rely on – these brands for good reason. At the same time, however, it’s also vital that organizations understand that where they store their data, and under whose jurisdiction it falls, carries implications far beyond IT.

Whether viewed through a political, economic, or operational lens, data sovereignty matters. In some scenarios, it can shape access rights, trigger regulatory obligations or even expose organizations to geopolitical risk.

For example, laws in one country could compel a cloud provider to share data stored in another, an issue that’s been flagged in relation to executive powers and national security mandates at the disposal of foreign governments.

So, how is the landscape changing? Firstly, there are a number of promising European cloud initiatives, including regulatory developments, sovereign cloud frameworks and consortium-based models designed to create local alternatives to the all-in-one hyperscaler stack. However, these solutions are not without their challenges, with cost, fragmentation, scalability and adoption hurdles potentially standing in the way of an effective regional system.

For many organizations, a full switch isn’t viable due to issues such as existing investment commitments, operational complexity and the simple absence of mature, like-for-like alternatives that can match the scale and capabilities of established providers.

The US hyperscalers are also getting in on the act. This time last year, for instance, AWS announced plans to invest €7.8 billion in the AWS European Sovereign Cloud, an initiative which the company says reinforces its “commitment to offer customers the most advanced set of sovereignty controls, privacy safeguards, and security features available in the cloud.”

How this plays out remains to be seen, but whatever route organizations favor in the pursuit of data sovereignty, access to choice and autonomy over where their data is stored is likely to grow in importance as time passes.

The role of intelligent data management

For European organizations in this position, and there are many, the good news is that they don’t need to wait for systemic changes in the cloud landscape to start regaining control. Data sovereignty can be addressed today through the implementation of modern, vendor-neutral data management technologies, which enable them to visualize their entire data landscape and apply consistent policies across disparate storage environments.

Armed with a unified view of their data across cloud and on-premises environments, organizations can then make informed choices about what data to store, where to store it and how best to safeguard it.

The obvious starting point is visibility because, without knowing what data exists, where it resides and how it moves, businesses are flying blind. This is particularly significant and challenging in contemporary multi-cloud and hybrid-cloud environments, where data can be extremely fragmented, often with little consistency or oversight.

But by establishing a clear picture of all data assets, classifying them based on sensitivity and business value and ensuring local copies of critical data are always available, IT management can also enforce policies that align with governance and regulatory requirements.

In the end, this is not just a technology and geography issue; it goes much deeper to cover everything from business resilience and compliance to control and, ultimately, customer trust. Europe’s digital future will depend not only on where its data lives, but on who can access it, govern it and protect it.

As the European Parliament data sovereignty briefing concludes, “Building a secure pan-European data framework and adopting new standards and practices to provide trustworthy and controllable digital products and services would ensure a safer digital environment.”

We list the best cloud storage.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro

Whenever we talk about security management, the topic of best practices will normally crop up. Taking lessons from your peers is a natural step, and the security fraternity is particularly keen to help each other improve. Yet how do those practices get established, and what makes them “good”? When are new practices needed, and when should older methods die out?

As the wider world of IT evolves, so does the list of practices and techniques needed to keep those IT environments secure. For example, cloud computing launched with AWS’s first service in November 2004. The practices around securing cloud deployments had to keep pace with the rapid iteration of the cloud in general. However, AWS, Microsoft, Google and others all have their own services, ways of handling data, and best practices for security.

At the same time, every career path has its own history, list of best practices, and received wisdom that may no longer be fit for purpose. Consider epidemiology, which is the study of data around health and diseases. This can provide an apt metaphor for the evolution of IT security.

In the beginning

Bloodletting was state of the art medicine for thousands of years, going all the way back to Ancient Egypt. From the 11th century AD, ‘barber surgeons’ had successful careers and were trusted professionals. Bloodletting ultimately ceased as a practice - and as a career - due to a high correlation between the practice and patients dying. Rather than relying on anecdotes and received wisdom, the data showed that this practice was ineffective at best, and actively harmful at worst. It was literally worse than doing nothing.

Disease theory developed as a way to understand threats and what caused illness. Epidemiology emerged when the prevailing theory was that “miasmas” or “swamp gasses” were the main cause of diseases. People recognized that illnesses were caused by something that was invisible, and that could be passed from person to person without contact.

Yet during a cholera outbreak in nineteenth century London, “scientists” purposefully ignored overwhelming evidence that cholera was a waterborne disease. Those that supported the miasma theory were thinking of their careers and personal identities. Eventually, the evidence from John Snow - coupled with the Broad Street pump being disabled, leading to lower infection rates - forced the issue. This data-led approach led to the measurement based practice of epidemiology that we have today.

Evolution and Risk Measurement

For the IT security sector, the amount of data available around what is taking place in the cloud should make it easier to secure those environments. Yet this data has to be used effectively if it is to make a difference. Telemetry data on its own is not measurement.

In the world of epidemiology, people dying around you is data, but knowing why is measurement, which leads to investigation and then to a solution. Conversely, the consistent lack of measurement signals a practice's eventual demise. It is at this evolutionary cross road that we find security.

Measurement involves using data to understand the wider picture that exists, and then creating the processes to solve the problems that are discovered. For CISOs, developments like cloud and AI have changed the state of the game. For example, the advent of generative AI is a catalyst for a measurement evolution in security.

Generative AI writes code that in turn creates more code, designs applications and implements workloads and AI agents. This approach should remove barriers to value generation for many more people. But how many will understand that process and be able to pinpoint the risks that exist?

Amplifying risk

AI will also amplify potential risk scenarios. Threat actors will use AI to improve their attacks, both in terms of quality and quantity. The AI-enabled organization will speed up their processes and make more money, while potentially leaving aside considerations like risk or security.

Understanding of how code is created and applications developed will shrink, leading to problems if and when things stop working. So how can CISOs be confident in their approach around risk?

Should we throw up our hands and claim that measuring risk is impossible? No - this is the same approach that those behind the miasma theory took, where there was not enough data available and no wish to test theories. Instead, we have to look at measurement in this new environment in order to deliver what is needed.

Where AI can improve results is by looking at what the real problems are. Automation can help you define the problem through measurement, model those risks and then set out to solve those problems.

Making risk operations work

Once we have measurement in place, we then have to use this information as effectively and productively as possible. This is where an evolution in approach is needed around measuring risk then using that information to effect change. Setting up a Risk Operations Centre, or ROC, makes it easier to collaborate on outcomes around remediation, mitigation or risk transfer.

Just like a Security Operations Centre covers all the data around IT threats and risks, a ROC’s role is to collect and normalize measurement around risk, then provide that information to those that need it to take some form of action.

The goal is to make those operational processes easier for all involved. Where the ROC is different to a SOC is that ROC focuses on the wider business problems that exist around value-at-risk, while the SOC looks at what the security team needs to know around those IT issues.

CISOs will look at ROC to quantify cyber risk for the business specifically. On the data side, this involves threat intelligence, time series data, network graphs, business priorities, and online analytical processing to create risk insight in a specific context, as well as using measurement algorithms optimized for historical trend analysis.

By focusing on risk, CISOs can measure their success and ensure their organizations stay secure. This emphasizes how CISOs make assumptions about value-at-risk, plausible future loss, and how to optimize decisions about risk over time.

Measuring risk involves looking at business impact and potential threats. However, this measurement is not enough on its own. Turning measurement into operational practices will provide you with guidance on where to concentrate efforts to reduce risk automatically.

Just as new processes developed based on measurement, risk operations will develop based on how effectively you can use data, understand your position, and direct your efforts to have the most impact.

We've listed the best online cybersecurity courses.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro

Cyber attacks are making headlines with their growing frequency and complexity, but for global businesses, there’s another challenge that often slips under the radar. As companies focus on fending off the next big breach, many are overlooking a critical internal vulnerability: fragmented security born from the proliferation of connected assets.

With every new innovation, the digital footprint of an organization expands - more devices, more applications, more endpoints. But this rapid growth has outpaced traditional cybersecurity strategies, leaving behind blind spots and disjointed defenses.

The result? An increasingly fragile security posture that attackers are all too eager to exploit. It’s time for the C-suite to look beyond the obvious threats and address the structural cracks in their cybersecurity foundation.

The first crack

Most organizations don’t deliberately set out to build disjointed systems, but as they grow, so do their cybersecurity needs. To tackle emerging threats, plug vulnerabilities or meet new compliance mandates, companies often adopt a variety of tools, each designed for a specific task - from threat detection to audit readiness.

The result is a patchwork of point solutions that operate in isolation. These tools rarely integrate or share data seamlessly, creating silos that limit oversight and hinder response. Over time, what was meant to strengthen security ends up weakening it. Instead, businesses are left with a fragmented system that struggles to deliver a unified, real-time picture of risk.

The problem with fragmented security

These gaps don’t just weaken the system; they make it difficult for security teams to even see where the weaknesses are. In a fragmented environment, a basic but critical question becomes surprisingly hard to answer: “What do we have?” Without a clear understanding of the organization's full asset inventory - across devices, platforms and cloud computing environments - security teams are left guessing at where the true risks lie.

This lack of awareness is exactly what attackers exploit. Threats can go undetected not because the tools aren’t capable, but because the necessary context is scattered across disconnected systems. When data isn’t shared, alerts are missed, and teams can’t respond quickly or confidently. Instead of a single, coordinated defense, companies are left managing isolated pieces that fail to add up to a complete picture.

Additionally, with the UK government placing a heavy emphasis on cybersecurity regulations, such as the Cyber Security and Resilience Bill, organizations need to ensure they meet compliance requirements to avoid penalties and reputational damage. Fragmented security makes achieving this far more difficult, as businesses will struggle to maintain accurate records, demonstrate accountability or provide evidence of effective risk management.

Finally, managing multiple disconnected tools increases operational complexity. Security teams are already overwhelmed as they deal with numerous interfaces, workflows and requirements, which slows down response times and increases the likelihood of errors. There are also significant financial implications to consider when it comes to fragmented security. Maintaining and integrating multiple tools is both labor-intensive and expensive. And, overlapping functionalities and inefficiencies in resource allocation only work to exacerbate these costs.

Why unified cybersecurity is no longer optional

With fragmented security solutions presenting an array of challenges, it’s time for organizations to migrate to a unified cybersecurity platform - not just to simplify operations, but to gain true cyber exposure management. A unified approach replaces siloed processes with contextual awareness: understanding every asset, how it’s connected, and what’s at risk.

Unified cybersecurity also enhances operational efficiency. By using AI-driven capabilities, organizations can simplify security management, automate routine tasks and provide actionable insights that empower security teams to detect, prioritize and mitigate risks in real-time. By eliminating the complexity of managing disparate tools and systems, organizations can transition from reactive measures to proactive threat detection and mitigation, strengthening their overall security posture.

In short, these unified platforms cover every aspect of cyber threat exposure management, from asset management to early warning threat detection, vulnerability discovery, prioritization and remediation, into a single solution.

The future can’t be fragmented

As cyber threats evolve, the cracks in a fragmented security strategy will only widen. Point solutions can’t deliver the speed, coordination or coverage that today’s digital environments demand.

To stay ahead, organizations must adopt a unified cybersecurity strategy - one that consolidates asset visibility, threat detection, risk prioritization and compliance into a single platform. Unified security reduces complexity, allows for faster responses and builds long-term resilience.

Fragmentation has served its time. For businesses looking to protect their future, the path forward is clear: consolidate, simplify and strengthen.

We list the best software asset management (SAM) tool.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro

Listening to entrepreneurs discuss the potential of AI cybersecurity will give you déjà vu. The discussions are eerily similar to how we once talked about cloud computing when it emerged 15 years ago.

At least initially, there was a surprisingly prevalent misconception that the cloud was inherently more secure than on-premises infrastructure. In reality, the cloud was (and is) a massive attack surface. Innovation always creates new attack vectors, and to say AI is no exception is an understatement.

CISOs are generally aware of AI’s advantage, and for the most part they’re similarly aware that it’s creating new attack vectors. Those who took the right lessons from the development of cloud cybersecurity are right to be even more hesitant about AI.

Within the cloud, proper configuration of the right security controls keeps infrastructure relatively static. AI shifts faster and more dramatically, and is thus inherently more difficult to secure. Companies that got burned by being overeager about cloud infrastructure are now hesitant about AI for the same reasons.

Multi-industry AI adoption bottleneck

The knowledge gap isn’t about AI’s potential to drive growth or streamline operations; it’s about how to implement it securely. CISOs recognize the risks in AI’s expansive attack surface.

Without strong assurances that company data, access controls, and proprietary models can be safeguarded, they hesitate to roll out AI at scale. This is likely the biggest reason why AI apps at the enterprise level are coming out only at a trickle.

The rush to develop AI capabilities has created a multi-industry bottleneck in adoption, not because companies lack interest, but because security hasn’t kept pace. While technical innovation in AI has accelerated rapidly, protections tailored to AI systems have lagged behind.

This imbalance leaves companies exposed and without confidence to deploy at scale. Making matters worse, the talent pool for AI-specific cybersecurity remains shallow, delaying the hands-on support organizations need to integrate safeguards and move from adoption intent to execution.

A cascade of complicating factors

This growing adoption gap isn’t just about tools or staffing—it’s compounded by a broader mix of complicating factors across the landscape. Some 82% of companies in the US now have a BYOD policy, which complicates cybersecurity even absent AI.

Elon Musk’s Department of Government Efficiency (DOGE) has fired hundreds of employees at the U.S. government’s cybersecurity agency CISA, which worked directly with enterprises on cybersecurity measures. This dearth of trust only tightens this bottleneck.

Meanwhile, we’re seeing AI platforms like DeepSeek become capable of creating the basic structure for malware. Human CISOs, in other words, are trying to create AI cybersecurity capable of facing AI attackers, and they’re not sure how. So rather than risk it, they don’t do it at all.

The consequences are now becoming evident, and dealing a critical blow to adoption. It just about goes without saying: AI won’t reach its full potential absent widespread adoption. AI is not going to fizzle out like a mere trend, but AI security is lagging and inadequate and it’s clearly hampering development.

When “good enough" security isn’t enough

AI security is shifting from speculative to strategic. This is a market brimming with potential. Enterprises are grappling with the severity and scale of AI-specific threats, and the demand those challenges created are attracting wider investor interest. Organizations have no choice but to secure AI to fully harness its capabilities. Those that aren’t hesitating are actively seeking solutions through dedicated vendors or by building internal expertise.

This has created a lot of noise. A lot of vendors claim to be doing AI red teaming, while really just offering basic penetration testing in a shiny package. They may expose some vulnerabilities and generate initial shock value, but they fall short of providing the continuous and contextual insight needed to secure AI in real-world conditions.

If I were trying to bring AI into production in an enterprise environment, a simple pen test wouldn’t cut it. I would require robust, repeatable testing that accounts for the nuances of runtime behavior, emergent attack vectors, and model drift. Unfortunately, in the rush to move AI forward, many cybersecurity offerings are relying on this “good enough” pen testing, and that’s not good enough for smart organizations.

The reality is that AI security requires a fundamentally different approach – this is a new class of software. Traditional models of vulnerability testing fail to capture how AI systems adapt, learn, and interact with their environments.

Worse still, many model developers are constrained by their own knowledge silos. They can only guard against threats they’ve seen before. Without continuous external evaluation, blind spots will remain.

As AI becomes embedded across sectors and systems, cybersecurity needs to provide actually suitable solutions. That means moving beyond one-time audits or compliance checkboxes. It means adopting dynamic, adaptive security frameworks that evolve alongside the models they’re meant to protect. Without this, the AI industry will stagnate or risk serious security breaches.

We list the best encrypted messaging app for Android.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro

In 1967, I began my first job working with computers. The company was presciently named International Data Highways (IDH), the brainchild of my remarkable mentor, Charlie Ross. Even in the infancy of computing, Charlie was pushing the boundaries of what computer science could achieve. He envisioned a world where financial and business information would be instantly accessible via terminal. His foresight was extraordinary, especially considering the limitations of the time.

Charlie was a visionary, driven by possibilities invisible to others but clear as day to him. He created an environment where curiosity was expected and boldness rewarded. It was a heady environment for a 19-year-old to be thrown into—and Charlie believed in throwing people in the deep end. He wanted his team to be brave, empowered, and unafraid to fail. This mindset was radical in 1967 Britain, where conformity and rigid corporate hierarchies ruled.

That early baptism by fire prepared me for the revolutionary journey computers would take over the next half-century. Little did I know that I had joined the most transformative industry the world had ever seen.

The rise and fall of giants

The first computer I worked on was the Sperry Univac 418—a massive, complex machine with a 24-bit word structure and a 12-bit addressing mechanism. It used a storage device known as a FastRand drum, which weighed two and a half tons and could store a mind-bending 100 megabytes of data. In those days, IBM dominated the industry with batch processing, while Sperry and others pushed the frontier of real-time computing.

IBM’s market share in the early 1970s was nearly 80% of the global computing market. But by the 1990s, the once-mighty firm teetered on the edge of collapse. Agile, innovative players like Digital Equipment Corporation and Data General had emerged, and IBM’s fall was swift and brutal. Watching this unfold in real time impressed upon me one core truth: this is an industry where today's titan is tomorrow’s toast.

Much of this volatility can be traced to Moore’s Law. In 1965, Gordon Moore predicted that the speed and capacity of transistors would double every 18–24 months. This exponential growth would continue to redefine the limits of possibility—not just in computing power but in how quickly innovation itself could accelerate. Two years after Moore’s prediction, I entered the industry. The rest is history—and we’re still writing it.

From constraints to catalysts

The innovations of the past five decades—mainframes, PCs, the internet, mobile devices—were the hors d’oeuvres. What we are now witnessing with AI is the main course. The difference lies not just in power, but in liberation. For most of my career, progress was constrained by the lack of computing power, limited storage, and slow processing speeds. Cloud computing, distributed architecture, and global broadband have obliterated those limits.

Today, we operate in a world of universal access. Storage is cheap and nearly infinite. Computing power is on demand. Barriers are gone. And with that, we have opened a new door—one that leads not to incremental improvement, but to a new industrial revolution.

This is not a wave. It’s a tsunami.

Those sitting comfortably on the beach, sipping tea and admiring the view, are about to be swept away. Those who grab a surfboard and paddle out to meet the surge head-on will experience the ride of a lifetime.

AI: the great equalizer

Perhaps the most stunning transformation AI brings is the democratization of knowledge. For centuries, information was locked behind paywalls—academic, professional, institutional. In some industries, guild-like structures guarded specialized knowledge jealously. AI changes that. It is the ultimate key, unlocking access for anyone with a connection and curiosity.

Professional hierarchies will flatten. Management will face new levels of transparency and accountability thanks to real-time analytics. Strategic decisions once made in echo chambers will now be data-informed and challengeable.

This will not be a time for the timid. It will favor the bold, the agile, the open-minded. Yet the true revolution lies not in how companies operate—but in how people live, learn, and grow.

The coming reinvention of education

Education may be the sector most radically transformed by AI. For too long, students have been shuffled through one-size-fits-all classrooms, forced to memorize facts, and judged by standardized exams. AI opens the door to personalized, adaptive learning—customized in real time to each student’s strengths, weaknesses, and interests.

Imagine a system where students are assessed continuously through participation and engagement, not just snapshots on test days. AI can identify knowledge gaps and tailor content dynamically—favoring subjects that spark passion, curiosity, and intrinsic motivation. Students will no longer be treated as production units that must progress at the same pace. They will be treated as individuals.

Parents will no longer need to buy homes in expensive school districts to access quality education. World-class learning will be accessible to everyone, everywhere. Finally, education will be democratized—just as knowledge is.

Compare this to China’s Gaokao, where every high school student takes a life-determining university entrance exam on the same day in June. Should a teenager’s future be determined by two days of testing—or by twelve years of continuous growth and learning? AI makes that question more than rhetorical. It makes a new model possible.

Unleashing human creativity

Beyond education, AI promises to unlock a renaissance of human creativity. By automating repetitive and menial tasks, it will free the mind to focus on imagination, problem-solving, and innovation. AI will allow people to color outside the lines again—something that corporate culture and standardized education often suppress.

Innovation will no longer come just from elite R&D labs or top universities. It will come from a billion creative minds newly empowered. AI will not just be a tool of efficiency—it will be a force of liberation.

Conclusion: embrace the future

Looking back on my 57-year journey—from machine code to machine learning—I’m reminded of how much has changed, and yet, how many principles remain the same. Vision, courage, curiosity, and resilience remain the essential traits of any innovator.

The tools may change. The pace will accelerate. But the opportunity—for impact, for growth, for transformation—has never been greater. We stand at the edge of something vast. The surf is up and the surfboards are ready.

Let’s enjoy the ride.

We've featured the best AI website builder.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro

• The GSA and AWS sign an agreement worth $1 billion in AWS credits
• Trump's AI Action Plan is supported by public and private bodies
• Discounts keep rolling in as the White House centralizes purchasing

The US Government has signed an agreement with Amazon Web Services (AWS) in exchange for $1 billion in cloud computing credits via its General Services Administration (GSA) as part of the White House's ongoing effort to streamline and centralize federal procurement (and significantly reduce costs).

The US Government will have access to $1 billion in AWS credits until the end of 2028 to help support cloud adoption, IT modernization and training across core federal agencies.

The direct incentive credits are made up of different categories, including savings on core AWS cloud services, infrastructure modernization, training and certification, and direct partnerships and contracts with AWS.

US Government gets $1 billion in AWS credits

In its announcement, the GSA highlighted the collaboration between public and private sectors, with the shared goal to "enhanc[e] America’s AI leadership."

"Through this new agreement with AWS, federal agencies will be able to enhance delivery of critical services, leverage cloud and advanced AI technologies, and dramatically reduce costs," GSA Acting Administrator Michael Rigas explained.

Besides supporting the Trump Administration's AI Action Plan, the agreement also reflects on ongoing trend within this space. Hyperscalers and lower-tier providers have all been offering the US Government significant discounts to pick their software in the hope that they can win major contracts while also saving the White House billions in cash.

"As federal agencies adopt advanced technologies like artificial intelligence and machine learning, AWS is positioned to not only help them achieve immediate operational efficiencies, but also to build the foundation for a more secure and innovative government of tomorrow," AWS CEO Matt Garman added.

The news comes just two days after the GSA confirmed a partnership with OpenAI, which would see ChatGPT Enterprise become available at a "deeply discounted rate" for all federal workers.

Other recent discounts offered to the White House include up to 70% off certain Docusign plans and Adobe plans, and as much as 75% off Oracle cloud platforms.

You might also like

• These are the best AI tools and best AI writers
• Save some cash with the best free office software
• UK looks to stop "harmful" cloud domination by AWS, Microsoft - but the tech giants are hitting back

Enterprise cloud demands have evolved beyond the early drivers of adoption. Now, more than ever, businesses must be prepared to scale at a moment’s notice. Meeting unexpected user demand while maintaining service levels is an ongoing challenge. At the same time, cloud computing workloads are becoming increasingly specialized, requiring optimized solutions across CPUs, DPUs, and AI accelerators to fully harness cloud-native architectures and frameworks.

As a result, cloud spending has become a critical operational priority. According to Flexera, nearly half of all workloads and data are now in the public cloud. In fact, 72% of IT decision-makers (ITDMs) are prioritizing cloud optimization as a key organizational initiative to drive cost savings.

These trends highlight the importance of right-sizing cloud solutions. Enterprises must ensure that their infrastructure is optimized for their specific business needs and workload requirements. The right cloud strategy delivers flexibility, security, performance, and cost efficiency, all of which are fundamental to maintaining a competitive edge.

Why the Time is Now

Cloud computing has long been the backbone of modern digital infrastructure, primarily built around general-purpose computing. However, the era of one-size-fits-all cloud solutions is rapidly fading in a business environment increasingly dominated by AI and high-performance computing (HPC) workloads. Legacy cloud solutions struggle to meet the computational intensity of deep learning models, preventing organizations from fully realizing the benefits of their investments.

At the same time, cloud-native architectures have become the standard, as businesses face mounting pressure to innovate, reduce time-to-market, and optimize costs. Without a cloud-optimized IT infrastructure, organizations risk losing key operational advantages—such as maximizing performance efficiency and minimizing security risks in a multi-cloud environment—ultimately negating the benefits of cloud-native adoption.

Moreover, running AI workloads at scale without an optimized cloud infrastructure leads to unnecessary energy consumption, increasing both operational costs and environmental impact. This inefficiency strains financial resources and undermines corporate sustainability goals, which are now under greater scrutiny from stakeholders who prioritize green initiatives.

Beyond performance gains, security is yet another critical consideration when selecting cloud-optimized hardware that often goes underappreciated. Cloud-optimized hardware often provide a strong suite of advanced security features, such as confidential computing. These technologies ensure that sensitive data remains encrypted while in use, reducing the risk of physical DIMM (Dual In-line Memory Module) attacks or virtual threats in hyperconverged infrastructure environments.

As the risks of data breaches continue to escalate – both in financial and reputational terms – organizations must recognize that leaving cloud environments unprotected is no longer an option. The rise of sophisticated cyber threats, from rogue hackers to nation-state-sponsored actors, makes enhanced cloud security a non-negotiable priority.

Your 2025 cloud optimization playbook

Furthermore, as industries push forward with the adoption and deployment of AI tools, IT leaders must ensure that their cloud infrastructure can support compute-intensive workloads while balancing cost, security, and efficiency considerations. While each organization's computing needs are unique, IT teams embarking on hardware modernization should consider the following:

Performance: Are your cloud instances equipped for the level of compute performance your business requires? Cloud infrastructure must support a range of workloads, from web front-end applications to in-memory analytics and heavy transactional processing.

Cost and efficiency: Can you reduce your cloud footprint by running the same workloads on fewer servers? Prioritizing instances with high compute density allows businesses to run more VMs or containers per server, achieving significant cost and energy efficiency benefits.

Security: Does your cloud instance provide the level of data protection you require? Confidential computing helps mitigate security risks by protecting data in use, reducing vulnerabilities in virtualized environments.

Ecosystem: Opting for processors powered by industry-standard x86 architecture simplifies cloud environments, making it easier to develop, maintain, and migrate applications with minimal disruption.

Unseen optimization, tangible impact

For IT decision-makers, understanding the cost implications of each 'unit of work' is crucial when selecting cloud instances. Traditional infrastructure forces enterprises to choose between overprovisioning resources – leading to unnecessary expenses – or under provisioning, which can cause performance bottlenecks. Cloud-optimized hardware changes this equation by enabling businesses to achieve more with fewer resources while maintaining high levels of performance, security, and efficiency.

As cloud technologies continue to evolve, enterprises that prioritize modernization will reap the benefits of seamless scalability, improved sustainability, and a resilient digital foundation for future innovation. In a world where agility is critical, cloud optimization is no longer a luxury—it is a business imperative for staying competitive in 2025 and beyond.

We list the best IT management tool.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro