The day we've been waiting years for has finally arrived. Rockstar Games has finally given word on GTA 6 pre-orders (spoiler: they're happening now), as well as pricing information and a torrent of new screenshots, but fans have highlighted a notable omission.

We were asked in a comment on our TikTok announcing the news whether or not we knew of a collector's edition in the works — and we don't, with Rockstar staying quiet on the matter — but there's at least some reason to believe that we won't see one that includes a physical copy.

That reason is an entirely different game; Red Dead Redemption 2 (RDR2), the last game developed by Rockstar. Instead of a collector's edition including a physical copy, fans received a collector's box priced at $99.99 / £89.99 with "outlaw essentials" inspired by the Van der Linde gang.

These included various themed items like a metal tithing box, a bandana, pins, and more, all neat, but notably, there was no digital content included. Bundles were available that included a hard copy, but officially speaking, these were distinct and separate products. It was met with mixed feelings; some fans liked the focus on real-world collectibles rather than in-game content, but others at least wanted a unique game box to

So, will we see a collector's box for GTA 6?

Well, reader, I've got no clue. It's been a long eight years since RDR2, an even longer 12 years since GTA 5, and it's a whole different ball/car theft game in 2025. In our pre-order live blog, our Managing Editor, Gaming and Streaming, speculates:

Indeed, GTA 6 already stands to shape the market. Its pricing alone has been a huge point of interest, with analysts putting early predictions at over $100; it's safe to say that would have been the real kicker here, even if a collector's edition would be appreciated by many fans.

Who knows, perhaps Rockstar is going all-in on the digital future and scrapping all physical media, including merchandise. I mean, I'd be surprised, but it's not beyond the realms of imagination that we'd see fewer publishers making their own merch and offloading the effort onto third-party providers.

Still, I sincerely hope that's not the case; whether it's a collector's edition with a physical disc, a game code, or just a box filled with junk I can shove on a shelf to proudly show in the background of my Zoom calls, there's plenty of demand for collector's items.

One of the most significant changes in the last couple of decades has been the rise of social media and the way it's reshaped society. Mark Zuckerberg, who co-founded and launched Facebook – and now leads the technology conglomerate Meta – has played a key role in what he describes as an erosion of privacy.

Social media shifts

We were just months away from Mark Zuckerberg's first on-screen portrayal in The Social Network when he spoke about the story of Facebook so far at TechCrunch's Crunchies awards in January 2010.

During the interview, he spoke about the way that people's attitudes toward their own sense of privacy had shifted, and that with the tools available on the web – including his own platform – users were far more open and willing to share details about themselves.

He delivered these thoughts following criticism that Facebook had altered its architecture so that basic information, like your friends list, became publicly viewable by default – unless you consciously opted out.

The death of privacy

Zuckerberg, at the time, was attempting to reframe his platform's changes as ones that served users as it adapted to their behavior. But it's also fair to suggest that Facebook had also played a role in triggering behavioral shifts in its users in the first place.

Cynics would also suggest that the shift to opening up more data to public access paved the way for further monetization of user data. This would come in the form of Open Graph, which the company launched in May that same year.

People have continued to share their information online, but they aren't feeding simple algorithms or monetization portals, but AI models too.

On the other hand, the modern age has given rise to more encrypted services like WhatsApp, Signal and Discord, with mostly open platforms, like Facebook's previous incarnation, suffering from data collection scandals and privacy breaches.

I’m under no illusions that John Ternus’ Apple will be the exactly same as it has been under Tim Cook. Initially though, there will be few, if any, changes. Ternus is not an outsider with wild anti-Apple ideas intended to wake a sleeping giant. He's been here for decades, through all the major releases that made Apple, well, Apple. Claims that he's arriving in September to revive Apple's design excellence are, if not off base, then just wrong-headed.

First of all, the argument presupposes that there is something fundamentally lacking in Apple's Industrial design: Jony Ive was obviously lighting in a bottle, and current design lead Molly Anderson is a pale, albeit also British, imitation. (Granted, Anderson has not been in the position that long, taking over from Evans Hankey, who left in 2023.)

But accepting that presumption is to ignore all the beautifully designed products that have arrived under Cook's leadership, with and without Ive, and also often under the watchful eyes of Ternus.

Remember the Pro — oh

But since Ive's skills as a designer are so vaunted, let's start with a failure. Perhaps you remember the Mac Pro. No, not the cheese-grater design unveiled in 2023. While that had its detractors, it was miles above the trashcan design unveiled in 2013.

It was the ultimate expression (at least in PC terms) of Ive's "form meets function" obsession. The internal structure was sort of a triangle of boards that seemed perfectly wrong for a squat, circular enclosure. Ive's fingerprints were all over the impractical system, one that Craig Federighi later admitted to me (during a mea culpa meeting on the Pro) had boxed Apple into a thermal corner. It was hard to upgrade and was roundly rejected by pro system users.

Ive was also responsible for the Apple Pencil. With it, his penchant for skeuomorphism extended from app design into the physical world. The Apple Pencil fully resembled a white plastic version of a real, pencil, and to accommodate that, it had, under a custom cover, a hidden Lightning charging plug. You even needed a special adaptor to charge it. Later, wirelessly charging Apple Pencils, which I think Ive also designed, fixed this mess.

Naturally, Ive's hits far outweighed his misses, and many big ones came during the Cook-Ive collaboration period, including the iPad Air, the Apple Watch, and AirPods (which started awkwardly but gradually improved).

The more divisive Apple Vision Pro was likely designed under Hankey and Anderson's watchful eye. I do think it's a pleasant intersection between the needs of extremely high-end innovation and aesthetic appeal. Goggles will be goggles, after all.

Even iPhone design has remained, if not excellent, interesting.

The iPhone is still beautiful...discuss

When Apple introduced the first iPhone in 2007, there really was no other handset quite like it. Apple set the bar and, over the years, every other manufacturer followed. It became harder and harder for Apple to differentiate its metal and glass slab from its competitors. The ever-larger camera arrays have provided a sort of design challenge and an opportunity at the same time. Hankey and Anderson, at least, came up with a giant island that's quite recognizable from a distance. And let's not discount color. The orange was a stroke of genius and the new MacBook Neo's playful Blush and Citrus colors are lively, proving Anderson knows how to marry form with expression.

Ternus' role as hardware lead means he's been seeing these designs for years. My sense in sitting down with him after the launch of the iPhone Air is that he is intimately involved with the process of shoving all that technology into ever-thinner, but shockingly strong frames. He gets that you need to marry engineering skills with industrial design to get a durable and usable product that's still attractive.

When I think about what Ternus will do when he finally takes over in September, I am reminded of relay race runners. Cook continues to pace around the track while slowly holding out the baton behind him. Ternus is nearby, running just behind Cook with one hand outstretched. Neither man will stop. The handoff will happen in a few months, with everything still in motion.

The process of finishing the rumored iPhone Ultra (the folding phone) continues as we speak, and Ternus is not going to suddenly pull a Steve Jobs and throw the design into a fish tank, to see if bubbles rise, thus proving they could make it smaller. He won't demand that all plastic be replaced with glass, or even that one more color be added to the mix.

When, as the recent Bloomberg report claims, Ternus said of Apple's design history and appeal to customers, "We’re going to make sure that stays the case,” he's not talking about making huge changes to achieve that goal.

Ternus will stay the course and support Anderson. He may hire more design support and, down the line, Ternus will look for his signature initiative or product; he will want to have his own iPhone or iPod. But that's a natural inclination for any incoming CEO. Job one, though, is staying the course, shepherding the in-the-pipeline products to market and ensuring that Apple remains Apple.

I think Ternus knows exactly how to do that.

Professionals end every day feeling behind or burnt out, but not because they haven’t worked hard enough or clocked off earlier that day.

It’s because the volume of information, decisions, and context-switching is moving faster than the pace humans can realistically handle.

A recent Microsoft report put numbers to what people are feeling.

Eight in 10 of the global workforce say they lack enough time or energy to do their work, and 60% of meetings are happening as ad hoc calls or quick chats outside the pre-scheduled day-to-day.

This isn’t a motivation problem, it’s a capacity one - and it's created one of the defining contradictions of modern work. Businesses have never had more ideas, expertise, or ambition at their disposal, yet the people inside them are increasingly starved of the time and clarity needed to turn that potential into progress.

The smartphone makes this contradiction impossible to ignore. It is one of the most consequential inventions of the 21st century, yet also one that many people actively try to use less. Screen-time limits and digital detoxes are not anti-technology trends. They are signs that people are trying to regain control over a tool that has become indispensable, but increasingly overwhelming.

The message is simple: the market isn't asking for more technology. It's asking for relief.

Technological exhaustion

People are adopting or looking at things like digital assistants, wearable AI, focus apps, and workflow automation, not because the technology is impressive. They're doing it because they're exhausted.

That distinction matters because cognitive overload has become a workplace crisis. And the first wave of wearable AI missed the opportunity to solve it.

Instead of building practical tools, companies chased futuristic visions. Early wearable AI products asked "what can AI do?" instead of "what problem needs solving?"

The Humane Pin is the most obvious and probably the most well-known industry example. The vision was compelling, but the execution wasn't there. It positioned itself as a complete phone replacement before proving it could do even just one thing better than a phone. Ultimately, it tried to be everything and ended up being nothing.

This approach didn't reduce cognitive overload - it created more. Another device to manage. Another thing running in the background of an already overwhelming life.

The wrong question asked was: "How do we replace the phone entirely?"

A much better question is: “Where are people losing the most time, energy, and clarity — and how can technology give some of it back without demanding more from them?”

Useful technologies

The most useful technologies rarely arrive by replacing everything at once. The calculator didn't try to replace the accountant - it eliminated one specific source of friction and became indispensable.

It’s the same with wearable AI assistants. Progress is made in practice, not promises.

The wearables gaining real traction share one quality: users can explain their value in a single sentence. "This device exists so I can stop worrying about X." That clarity isn't a constraint - it is the product.

The future of this category will not be defined by the devices with the boldest premise. It will be defined by those who understand where people are most overloaded and remove that pressure without asking for much in return.

Does the technology make someone feel more capable or more managed? Does it reduce the number of things they have to remember, check, repeat, and translate? Does it create clarity, or simply another stream of information?

Those questions are less glamorous than asking whether AI can replace the smartphone. But they are also far more useful.

The wearables that will actually help aren't the ones with the boldest premise; they're the ones that solve one real problem but do it well.

In a world drowning in information, that may be the most ambitious thing technology can do.

Simplify work with the best AI tools.

This article was produced as part of TechRadar Pro Perspectives, our channel to feature the best and brightest minds in the technology industry today.

The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/pro/perspectives-how-to-submit

For most of the world, the 2026 FIFA World Cup will be remembered as a sporting event. For cybersecurity teams, it will function more like a live multinational stress test.

Spanning three countries, 16 host cities, and thousands of miles of transportation corridors, the tournament depends on an interconnected ecosystem of physical and digital infrastructure operating under sustained pressure for more than a month.

Airports, rail systems, hotels, fan festivals, credentialing platforms, broadcast operations, rideshare services, and public-facing digital services will all be strained simultaneously.

That scale fundamentally changes the security equation.

From a threat intelligence perspective, the defining challenge of the 2026 World Cup is the convergence of physical, cyber, social, and geopolitical risks across shared IT infrastructure and compressed operational timelines. Security teams are no longer managing isolated threats — they are forced to manage cascading disruption, where pressure in one domain can rapidly affect another.

A phishing campaign targeting transportation staff could disrupt rail operations moving tens of thousands of fans. A localized protest could overwhelm nearby transit systems and alter executive movement plans. A ransomware incident affecting a hospitality provider could create physical security concerns if communications or access systems fail during peak crowd periods.

This is the reality of large-scale global events in 2026: the attack surface is no longer just the venue, it’s the infrastructure surrounding the whole event.

At the time of writing, Flashpoint has not identified any specific, credible threats targeting the tournament. That should not be mistaken for a low-risk environment. Events of this scale consistently attract opportunistic criminal activity, fraud operations, extremist messaging, coordinated protest movements, and attempts to exploit operational strain.

The Security Perimeter Extends Far Beyond the Stadium

Historically, security planning for major sporting events has centered on venue protection. For the 2026 FIFA World Cup, that model is no longer sufficient.

With matches spread across three countries and 16 cities, much of the risk now sits outside controlled environments across transit systems, hotels, fan zones, entertainment districts, and the broader infrastructure moving people, information, and services between them.

In many cases, these environments carry greater uncertainty than the stadiums themselves. Security visibility is uneven, access controls are inconsistent, and crowd density, alcohol consumption, and movement constraints create conditions where relatively minor incidents can escalate quickly.

Protests are likely to add another layer of complexity. Demonstrations tied to immigration policy, labor concerns, geopolitical tensions, and broader political movements are expected to occur across multiple host cities during the tournament. Most demonstrations will likely remain lawful and localized.

While most demonstrations will likely remain lawful and localized, the risk emerges when protest activity intersects with transportation choke points, fan movement patterns, or already strained public infrastructure.

Threat intelligence teams should pay close attention to how online rhetoric translates into physical coordination.

Many of the indicators that matter most during events like the World Cup appear early through fragmented digital activity: encrypted messaging channels, localized social media conversations, extremist propaganda ecosystems, fraud marketplaces, and open-source coordination efforts.

The intelligence challenge is rarely a lack of data. It is identifying which signals indicate a meaningful shift in operational risk.

Crowd Dynamics and Operational Disruption

Crowd behavior remains one of the most persistent, and often underestimated, security challenges at large-scale events.

Mass gatherings create conditions where panic can spread faster than verified information. Overcrowding, pyrotechnics, aggressive supporter behavior, or sudden movement within confined transit areas can trigger cascading safety incidents without any organized attack occurring.

Recent years have also shown increasing coordination among certain supporter networks and hooligan groups, including the use of encrypted communications and reconnaissance activity to organize around less-secured gathering points outside official venues.

These risks matter because they place pressure on the systems surrounding the event, not solely the event itself. The same convergence is visible across the cyber threat landscape.

We are likely to see elevated levels of phishing activity, ticket fraud, domain impersonation, social engineering, and opportunistic attacks targeting tournament-related infrastructure. Threat actors understand that large events create urgency, emotional decision-making, and predictable behavior patterns. Fans searching for tickets, transportation, accommodations, or livestreams become easier targets for spoofed domains and fraudulent communications.

The operational implications extend well beyond consumer fraud losses.

A disruptive cyber incident affecting transportation systems, hospitality providers, third-party vendors, or venue operations during a high-attendance match day can rapidly create downstream physical security challenges. Delayed transit systems increase crowd concentration.

Failed communications systems complicate emergency response coordination. Access-control outages create confusion at security checkpoints. Small technical failures can compound quickly in dense environments operating on fixed timelines.

What Security Teams Should Prioritize Before the Tournament

Organizations supporting personnel, executives, vendors, or operations during the World Cup should prepare for an environment where physical and digital disruptions increasingly overlap.

That preparation starts with visibility.

Security teams should establish continuous monitoring around transportation disruptions, protest coordination, fraud infrastructure, and emerging operational incidents across both open and closed online sources. Threat indicators tied to major events often surface first through fragmented local reporting, encrypted messaging channels, social media coordination, and opportunistic criminal communities.

Travel security planning should also extend beyond venue access and hotel bookings.

Organizations should review how employees handle credentials, travel itineraries, executive movement, and event-related content online. During high-profile international events, threat actors routinely collect publicly available information to support impersonation attempts, social engineering campaigns, and physical targeting.

Employees, contractors, media personnel, and attendees frequently expose operationally sensitive information online without recognizing the downstream implications. Credential badges, transportation routes, executive locations, hotel details, and backstage access procedures often appear publicly across social media within minutes. Threat actors increasingly use these fragmented disclosures to map security procedures, identify soft targets, or facilitate social engineering operations.

Third-party dependencies deserve particular attention.

Hospitality providers, transportation vendors, temporary staffing organizations, event technology platforms, and local service providers will all operate under elevated pressure during the tournament. Security incidents affecting those organizations can rapidly create downstream operational disruption for attendees, sponsors, media teams, and corporate travelers.

Finally, security leaders should prepare for disruption scenarios that fall below the threshold of a major crisis but still create operational consequences. Delayed transportation, localized unrest, communications outages, credentialing issues, and short-duration cyber incidents can all affect executive movement, employee safety, and business continuity during compressed event timelines.

The Organizations That Adapt Fastest Will Be Best Positioned

Events like the 2026 FIFA World Cup place unusual strain on security teams because disruption rarely stays contained within a single domain.

A cyber incident can create immediate physical consequences. Protest activity can disrupt transportation and executive movement. Crowd-management failures can generate downstream operational strain across hospitality, communications, and emergency response systems.

For security leaders, the challenge is maintaining visibility across these interconnected environments as conditions evolve in real time.

The organizations best positioned during the tournament will not necessarily be those with the largest physical security footprint. They will be the organizations capable of continuously correlating cyber indicators, physical activity, online narratives, and emerging operational disruptions into a coherent picture of risk.

Threat intelligence creates decision advantage in environments where conditions evolve by the minute.

We feature the best internet security suites: ranked and rated by experts.

This article was produced as part of TechRadar Pro Perspectives, our channel to feature the best and brightest minds in the technology industry today.

The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/pro/perspectives-how-to-submit

• The Blair Witch Project reboot will be released on September 24, 2027
• YouTube creator Dylan Clark will direct the project
• Clark has already directed a number of horror shorts which are available for free on YouTube

The Blair Witch Project is getting a reboot, which will arrive in theaters worldwide on September 24, 2027. But of all the horror titles to reboot, I'm concerned this was a poor choice.

YouTube creator Dylan Clark has been announced as the director of the rebooted found footage horror movie, and there's no denying he's talented. His YouTube channel features a number of effective short films you can watch for free.

News of The Blair Witch Project's reboot was confirmed by Lionsgate on social media, where they shared the release date announcement.

Is a Blair Witch Project reboot really necessary?

That's the big question among horror fans right now, and I'm sure people have plenty of strong opinions about it.

I'm certainly excited for Dylan Clark to be working with Lionsgate, but in a world where YouTubers Kane Parsons' Backrooms and Curry Barker's Obsession are dominating the box office with their original stories, I'm unsure we should rely on a YouTuber to reboot an iconic movie like The Blair Witch Project instead of creating something new.

Indeed, recent box office figures have shown that there's an appetite for original storytelling, with both Parsons and Barker receiving widespread acclaim for their horror movies.

Backrooms made $277.4 million from its $10 million budget, and Obsession made $334.4 million from a budget of just $750,000 - incredibly impressive results which have no doubt caught the attention of Hollywood.

It's clear that horror fans want something new, and I'm among them. The only way I can see The Blair Witch Project working is if it is completely stripped back and told from a new angle.

But even so, perhaps a completely new found footage horror would have turned out better? When the original movie came out in 1999, it was exciting because it was an entirely fresh concept.

Curry Barker is currently working on a Texas Chainsaw Massacre reboot, which I was initially apprehensive about too, but he confirmed that he would be focusing on lesser-explored characters. I truly hope that Dylan Clark takes a similar angle and offers something new when it comes to The Blair Witch Project.

Right now I'm not filled with much confidence, but as always I am open to being proved wrong.

Enterprises built their early AI strategies in a world that assumed relative freedom of data movement. That world no longer exists, so how do they adjust to the new world?

While it’s a cliché that data is the new oil, the truth is that data does need to be able to flow around an organisation and come to rest in some central location, where it can be refined to extract insight and value.

In recent years, that refining has come, of course, via AI.

But if we really think that analogy through, it also captures some of the problems enterprises currently face managing data.

Recently, the world has seen what happens when the free flow of oil, gas, and other fundamental resources is disrupted. Governments and companies are scrambling to work around supply chain interruptions in the short term and looking for energy sovereignty and resilience in the long term. In this case, centralization has become a liability, thanks to a single, but critical, chokepoint.

In the same way, the upheaval created by AI, paired with governments’ and regulators’ attempts to manage its impact, means companies need to rethink how they architect and manage their data. The difference is that the ways traditional data flows around organizations are changing.

After all, a centralized approach made sense when moving data was straightforward. Now, however, governance and sovereignty concerns and data movement costs have changed the calculus.

AI transformation

AI alone has transformed the equation when it comes to the volume of data that must be managed. It’s not just training models that require massive amounts of data. Those models need constant updating and tuning with fresh data. And, if those models are to deliver value to the business, companies will be constantly running inference, which requires more data, and generates more data.

Unsurprisingly, governments and regulators have an interest in AI governance. This includes existing concerns about data residency and the possibility of new problems, such as data leakage into LLMs.

In Europe, for example, the regulatory landscape laid out by the GDPR mandate has been complicated by the rollout of the EU AI Act, which comes fully into force from August this year. In the US, companies face multiple federal and state-level regulations. Any, or all, of these could come into play as data is moved to that central refinery.

Governments also have an understandable strategic interest in developing sovereign AI, further complicating matters when it comes to both data and the models that work on it.

Once we consider this, it’s clear that only a few organizations are architected to handle the sheer scale of data involved in AI, and the governance it requires.

Companies grow messily, whether organically or through M&A, inheriting different infrastructures – and different governance regimes - as they sprawl across borders.

Data in the old world

In the old world, free-flowing data might have been seen as efficient. Now, given the vast amount of data involved, generating copies of data and moving data across borders is both fraught with risk from a governance perspective. And with escalating cloud egress fees, data movement becomes extremely expensive. At the same time, moving or copying on-prem presents both a financial challenge, and imposes a burden on already stretched technology teams.

What are our options in this new world? Few technology leaders have the option of simply opting out of the whole AI revolution. Whatever your personal views on the technology, few C-suites are prepared to sidestep the AI race.

But we can lay out a roadmap for how to manage data – and compute – in this new world.

To start with, we need to understand the environment we’re really operating in. This may well include accepting that a hybrid or multi-cloud architecture is going to be the normal state of affairs. The very nature of AI, with companies needing to access multiple models and multiple services, means that traditional monolithic, central approaches simply won’t scale.

This, in turn, means every technology leader needs to be crystal clear on what governance means for their organisation and its data, whether that’s data privacy or residency requirements. And it’s imperative that governance is embedded in the AI workflow from the outset. It’s too important to be an afterthought or kicked down the road as other priorities arise.

What this makes clear is that it will normally make more sense to bring compute and those critical AI models to the data, not the other way round.

This isn’t just about reducing data movement costs or producing multiple copies of data. It’s about reducing the friction that comes with reconciling governance requirements as data moves around organizations and across borders. But it can also mean reduced latency and fresher data, making AI more effective.

That’s not to say that it’s not sometimes necessary to move data. But if that’s the case, let’s be mindful and deliberate about it.

But while data becomes increasingly decentralized, it’s imperative that we centralize the management of data access and build the platform accordingly. This lays the groundwork for clear data governance and sovereign AI alike.

By rethinking how they manage data movement, technology leaders can bypass the escalating egress costs and compliance traps embedded in the old way of doing things. The result is an AI strategy that is both scalable and sustainable, enabling enterprise-grade AI, wherever their data lives.

We feature the best data migration tools.

This article was produced as part of TechRadar Pro Perspectives, our channel to feature the best and brightest minds in the technology industry today.

The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/pro/perspectives-how-to-submit

Most executives have no idea how much of their website traffic comes from AI agents.

If you were to ask which AI agents are legitimate and which are impersonating trusted names to scrape data, they’d struggle to tell them apart, a problem that’s growing by the day.

In early 2026, AI and bots generated billions of requests, outpacing internet traffic from humans.

This is no longer a fringe activity; AI agents are now a persistent, substantial portion of the traffic hitting websites.

Yet most organisations can’t tell you what that traffic is doing, where it’s really coming from, and whether it’s helping or hurting their business.

The Volume Trap

When organisations hear that AI agent traffic is creating billions of requests, the instinct is often to treat it as a monolithic category. It’s not. Lumping all AI agents together is like treating all humans as identical users; it misses the nuance that determines value.

Take two agents from the same company: one built to improve search relevance, potentially driving referral traffic back to a website, and another designed purely for large-scale data extraction to train AI models, offering zero benefit to organisations.

Both show up in traffic reports, both generate similar volumes, but only one has any upside for businesses. Without the ability to distinguish between them, companies can’t make informed decisions about either. Organisations are flying blind, and the cost of that blindness is steep.

The Trust Problem

Here is where it gets trickier: even when an AI agent identifies itself, organisations can’t trust it. Recent data shows that well-known, trusted AI agent names are being actively impersonated at scale. Meta-ExternalAgent was spoofed over 16 million times in early 2026. ChatGPT-User saw nearly 8 million fraudulent requests using its name. PerplexityBot had nearly 2.4% of all requests claiming to be legitimate turn out to be fake.

If website allowlists – approved lists granted automatic access - certain AI agents by name, assuming they are legitimate crawlers, a fake agent string is essentially a skeleton key. Bad actors know this and are using trusted agent identities as cover to bypass defenses and extract whatever data they want.

The exposure isn’t theoretical. Testing across 700k high-traffic websites revealed that the vast majority return full access to spoofed AI agent requests with no verification whatsoever.

The Agentic Browser Challenge

Traditional AI crawlers are only part of the story. A newer, more sophisticated vector is emerging: agentic browsers. These tools don’t just request a page, they simulate full browser sessions and interact with a site like a human user.

They’re harder to detect and harder to distinguish from legitimate traffic, and they are showing up in force across the industries with the most valuable transactional data.

In February 2026, agentic browser traffic was concentrated in ecommerce and retail (about 20% of volume) and travel and tourism (15%). These sectors hold some of the most valuable transactional data on the internet: pricing data, inventory information, customer behavior patterns, and competitive intelligence.

For businesses in any of these sectors it’s time to start actively monitoring for agentic browser activity, as organisations may be leaking data without realising it.

What This Means for Decision Makers

The implications of this visibility gap are immediate and material. Invisible traffic is unmanaged traffic. Companies that can’t identify traffic can’t decide what to do with it. Should it block it? Throttle it? Allowlist it? Monetise it? Without clear visibility, decisions become guesswork.

High volume does not equal high value. Some AI agents drive search visibility and referral traffic. Others extract data and contribute nothing in return. By treating them the same, organisations are subsidising data collection efforts with no upside for a business.

Relying on basic bot detection doesn’t cut it anymore. Agentic browsers behave like real users and simple signal-based detection misses them. Organisations need behavioural analysis that accounts for session patterns, timing, interaction signatures, and other contextual indicators.

Where to Start

Getting control of AI agent traffic starts with visibility. Organisations need to log and classify what is hitting sites, by agent type, behaviour, and claimed identity without relying solely on user-agent strings, as they’re easy to spoof.

Agent classification is an ongoing practice. As the AI agent ecosystem evolves quickly, with new agents appearing regularly and existing ones changing behaviour, in-time assessments go stale fast.

Establish a tiered access framework, but make it session-specific, not agent-specific. The same AI agent can exhibit legitimate behaviour in one session and extractive behaviour in another.

Intent-based detection evaluates what an agent is doing in real time, not just what it claims to be. Is it browsing product pages at a human pace or scraping an entire catalogue? The behaviour in each session should determine the response.

Companies should stop assuming that because something identifies itself as a known agent, it is legitimate. The cost of blind trust is too high. Verify everything.

AI agents are not going away. Their traffic will continue to grow, and their behaviour will continue to evolve. The organisations that thrive in this environment will be the ones that can see clearly what is happening on their websites and make deliberate, informed decisions about what to allow and what to block.

Right now, most organisations can’t, and that needs to change. AI agents are already interacting with websites. The question is whether organisations know what they’re doing while they’re there.

We feature the best website builders.

This article was produced as part of TechRadar Pro Perspectives, our channel to feature the best and brightest minds in the technology industry today.

The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/pro/perspectives-how-to-submit

Tim Cook has long taken a strong stance against the infringement of Apple users' privacy – and the general erosion of privacy. That's been the case whether he's shown support for end-to-end encryption or if he's railed against the monetization of user data.

The rise of data protection

Almost a decade ago, the European Union (EU) introduced the most radical reformations to data protection laws in a generation with the General Data Protection Regulation (GDPR).

Several months later, the (now outgoing) Apple CEO spoke at the 40th International Conference of Data Protection and Privacy Commissioners with a speech that targeted Apple's fellow technology rivals with both barrels.

He pointed out that billions of dollars were changing hands – and countless decisions were being made based on data points harvested from our interactions on digital platforms. These may include clicks of a Like button but also the information we have shared, often without understanding the full implications.

Your very own digital profile

Cook projected a dystopian future in which each person would be represented by a digital profile that's been devised based on analysis of the countless data points systems have gathered.

The purpose of this form of behavioral profiling, he suggested in his speech, could range from more effectively monetising your information to targeting you with more extremist content in one direction or another.

For example, we've since seen the way that social media platforms and similar sites have been highly effective in populist political movements, including the U.K. 'Brexit' decision to leave the EU. There are also fears this sort of power has been weaponized, to use Cook's phrase, by foreign adversaries.

Nearly 10 years on from the introduction of GDPR, there are fears that the rise of AI – which is turbocharging some of the fears the outgoing Apple boss raised – is undermining the laws and that newer, more modern regulations are needed.

I’ve tested a lot — and I mean a lot — of the best Bluetooth speakers. More than 50 to be exact. And if we’re talking about sheer popularity, then one brand is the clear and obvious top dog: JBL. For good reason too. In my years of testing, I’ve found that JBL regularly delivers the ideal blend of quality and affordability, regularly producing Bluetooth speakers with great sound and impressive durability at an easy-to-stomach price.

JBL also makes loads of different options, so I though I'd help you narrow things down a bit, and have picked out three JBL speakers I’d actually spend my own money on — with speakers for all budgets.

I’ve selected a small, budget-friendly speaker, a mid-priced maestro, and a premium pick that’s ideal for parties — there really is something here for everyone. If a speaker hasn't make this list, it’s by no means a vote of no confidence; this is simply a list of the three I’d personally grab right now.

1. JBL Go 5

Let’s start with the small yet mighty JBL Go 5, which I recently reviewed and rated five stars. The Go 5 is, in my view, the best small speaker on the market right now, offering clear, precise, and well-balanced sound, alongside an extremely hardy build, and a stellar feature-set.

As a mini speaker, the Go 5 won’t be able to belt out earth-shaking bass, but it plays to its strengths. Low-end sound is agile and punchy rather than ‘boomy’ and uncontrolled. Meanwhile, mids are clear and composed, and treble is highly articulate, resulting in great sound within a small package.

There’s also USB-C audio for lossless playback and EQ options to tailor audio to your specific tastes. The Go 5 has a more layered, full sound than its predecessor, the JBL Go 4, so if you own that model, I’d still recommend upgrading.

Another reason to opt for the Go 5 over the Go 4 is its design. The newer variant is equipped with edge lighting that makes listening to music even more immersive — especially in low-lit rooms if you want a bit of ambience. Waterproofing also got a boost to IP68, meaning the Go 5 is fully dustproof and capable of surviving a 1.5 meter dunking underwater for as long as 30 minutes — ideal for beach trips and pool parties.

Mix in solid battery life, Auracast compatibility, as well as a drop proof exterior, and the JBL Go 5 really is the full package — albeit a small-sized one. It’s typically available for $54.95 / £39.99 (about AU$75) as well, meaning it’s an absolute bargain.

2. JBL Flip 7

If we’re talking about value for money, then the JBL Flip 7 might just be the greatest Bluetooth speaker I’ve ever tested. Big statement, I know.

The reason for this is actually fairly simple: the sound it produces defies belief — not only based on the speaker’s low price, but also on its low footprint. Yes, the five-star Flip 7 is very compact, but it produces big, impactful sound, with strikingly impactful bass that demands your attention. But this doesn’t come at the expense of the rest of the frequency range. Mids are layered and intricate with vocals sounding especially well-defined, while treble sounds exert a level of expressiveness that’s beyond expectation.

Elsewhere, the Flip 7 carries over a lot of the Go 5’s greatest features, like an IP68 rating, USB-C audio, Auracast, and PlayTime Boost if you need a bit more battery life — though the standard 14 hours should get you a decent way. Sure, there’s no edge lighting on this one, but it's a clear step-up in terms of sound quality and power — it has a 35W maximum power output compared to the Go 5’s humble 4.8W.

At $149 / £129 / AU$179, the Flip 7 already overdelivers against its asking price, but I’ve seen it pop up on sale plenty of times, so keep your eye out for a sweet deal.

3. JBL Xtreme 5

Last but most definitely not least, I have the JBL Xtreme 5. If you’re working with a larger budget, want massive sound, or want a speaker for parties, then this one’s for you. This model was released alongside the Go 5, so I also reviewed it very recently, and like its small counterpart, it earned a glowing five-star review.

But what makes the Xtreme 5 so special? Of course it has all of the aforementioned features, whether that be IP68 dust and waterproofing, wired lossless playback or personalizable EQ. But the big difference is made in the audio department.

The Xtreme 5 has a massive maximum power output of 130W, meaning it can supply seismic sound, with thumping bass, driven and direct mids, and vibrant highs. Although it's a great performer all-round, it really is the low-end that wows. I described this model’s bass as “mesmerizing” in my review, and during testing I was blown away by the sheer might of its low-end output, which was significantly improved from the JBL Xtreme 4.

In addition, the Xtreme can squeeze out up to 28 hours of playtime, has JBL EasySing Mic compatibility for karaoke, and like the Go 5 it has customizable LED lighting. If you want the ultimate portable party speaker, look no further than this. The Xtreme 5 usually sells for $399.95 / £329.99 (about AU$560), which is very competitive in the upper echelons of the Bluetooth speaker market, although it's undoubtedly quite the investment.

For a long time, security teams have been dealing with the same problem: a constant stream of security alerts, but not enough context.

Missing details like user behavior, asset importance, or related activity, means there’s a heavy reliance on analysts to work out what actually matters.

This doesn’t just slow teams down; it puts real pressure on teams and limits how much they can realistically review or understand.

Agentic AI changes this dynamic.

Instead of looking at alerts in isolation, these systems can piece activity together, understand what’s happening in context, and in some cases take action on their own.

Often, issues are resolved before they ever need to be escalated. That removes a lot of the manual effort that’s shaped security operations for years.

But while a clear improvement, it doesn’t remove risk—it shifts it.

As systems improve, scrutiny declines

A useful comparison is aviation. As systems become more reliable, people naturally step back. Not because they’re careless, but because constantly double-checking something that’s almost always right starts to feel unnecessary. Over time, trust stops being something you actively think about and becomes something you assume.

The same thing is starting to happen in cybersecurity. As these systems prove themselves, teams spend less time questioning individual decisions. The environment feels calmer, and the lack of issues reinforces that sense of control. The real risk isn’t frequent failure, it’s that when something does go wrong, it’s less likely to be challenged.

Alert fatigue comes from having to pay attention to too much, too quickly. What follows is something different: a gradual drop in attention, where growing confidence in the system weakens the instinct to double-check.

A model built on two interdependent layers

The structure of security operations starts to shift as well. Instead of everything hinging on human decision-making, you end up with two connected layers. People set the intent – defining policy, access and boundaries – while agents interpret it and act on it, often much faster than any person could.

Both layers can be influenced. Traditional attacks aimed at people don’t go away, but there’s now another surface to think about: the data, prompts, and workflows that shape agent behavior. If those inputs are manipulated, the system can still produce actions that look valid, because they follow its internal logic.

At the same time, the distance between decision and execution increases. Human operators aren’t as involved in the moment an action happens, which makes it harder to spot when something isn’t quite right. In practice, each layer ends up relying on the other for validation.

When that assumption holds, the system works efficiently. When that works, everything runs smoothly. When it doesn’t, the gap between them can be hard to see in real time.

How risk scales in an agentic environment

Risk doesn’t just increase in this kind of environment, it spreads differently. Each agent has its own identity, permissions, and decision-making logic, and they’re often connected. Actions taken in one part of the system can trigger responses elsewhere, creating chains of automated behavior.

That means a single bad input or flawed decision doesn’t stay contained. It can move quickly across systems without anyone stepping in. The issue isn’t just speed, it’s how connected everything is. Small mistakes can have much bigger consequences because they’re carried through multiple layers of automation.

Why identity and access need to change

How agents are set up today adds another layer of risk. In many cases, they’re treated as extensions of the user, with the same credentials and access. It’s convenient, but it also widens the blast radius if something goes wrong.

A more resilient approach is to treat agents as their own entities. Give them distinct identities, limit what they can do to specific tasks, and make sure their actions can be tracked and reversed if needed, without affecting everything else.

It’s less about efficiency and more about putting the right foundations in place for systems that are increasingly acting on their own.

Maintaining control as reliance increases

One of the trickier aspects is that failure doesn’t always look like failure. Fewer alerts and faster resolutions can make it feel like risk has gone down, when in reality oversight may just be less active.

Staying in control comes down to how these systems are designed and used. High-impact actions still need some form of verification, even if most routine work doesn’t. It also matters that teams can see not just what an agent did, but how it arrived there—what inputs it used and how it interpreted them.

The ability to step in is just as important. If stopping or overriding an automated process is slow or awkward, it probably won’t happen in time when something goes wrong. That kind of intervention needs to be simple enough to use under pressure.

More broadly, the role of the security professional shifts. It’s not just about spotting obvious problems anymore, but recognizing when something that looks fine might still need a second look.

A quieter, more concentrated risk

Agentic AI will do a lot to reduce alert fatigue, which has weighed on security teams for years. The trade-off is that risk becomes less visible and more concentrated in the space between what people intend and what machines actually do.

In systems that work correctly most of the time, the real challenge isn’t constant failure. It’s what happens when something does go wrong and whether the usual signals that would catch it are still there.

We've reviewed, rated, and ranked the best firewall software.

This article was produced as part of TechRadar Pro Perspectives, our channel to feature the best and brightest minds in the technology industry today.

The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/pro/perspectives-how-to-submit

There is a growing tendency to frame advances in artificial intelligence through the lens of breakthroughs: new models, new architectures, new capabilities.

Innovation is often measured by what is invented, and how quickly.

But in some domains, this framing misses the point entirely.

Financial crime is no longer a collection of isolated incidents, it has evolved into an organized, adaptive, and increasingly industrialized system.

Criminal networks operate across geographies, leverage automation, and continuously refine their methods: they test, iterate, and scale, just as any high-performing organisation would.

In such an environment, the question is not whether an AI system is innovative. It is whether it can operate at the same level of organisation, speed, and adaptability as the threats it is designed to counter.

When Innovation Meets Reality

Most AI breakthroughs do not survive contact with real-world systems.

In controlled environments, models perform well. Data is structured, assumptions hold, and evaluation metrics are stable. But reality introduces a different set of constraints: incomplete information, shifting behaviors, latency requirements, regulatory oversight, and adversarial actors actively attempting to exploit weaknesses.

Financial and state systems, in particular those related to fraud and risk, represent one of the most demanding environments for AI. Decisions must be made in milliseconds, errors carry direct financial and reputational consequences, and the underlying patterns are constantly evolving. Not randomly, but intentionally.

Fraud is not a static problem. It is an adaptive one.

This is where many innovations fail. Not because the underlying ideas are flawed, but because they are not designed to operate under sustained pressure or with the necessary agility to adapt.

The Complexity of the Problem

The industrialization of frauds changes the nature of the response required.

It is no longer sufficient to detect known patterns or react to past incidents. Systems must identify behaviors that have not been seen before, anticipate emerging tactics, and operate continuously across multiple channels and geographies.

This requires more than isolated innovation. It requires systems that can learn, adapt, and scale, not once, but continuously. And behind those systems, it requires something even more fundamental: a culture capable of producing and sustaining that level of performance over time.

The way of the patent

Innovation that exists only on paper has limited impact. Innovation that survives deployment, that continues to perform as conditions change, is what ultimately defines effectiveness. In financial crime prevention, the gap between these two is critical.

In recent years, the financial sector has significantly increased its investment in AI and machine learning, with a sharp rise in patent activity across the industry. From large banks to specialized technology providers, there is a growing recognition that intellectual property can capture and formalize advances in detection, decisioning, and risk management.

According to recent data, AI-related patent filing in the financial sector grew by over 250% in the past five years: from big banks to small startups working in the space, there is a clear interest in adding the value of patents to the business.

But patents, in this context, should not be understood as an end in themselves.

They are not simply indicators of inventive capacity. They are signals of something more structural: the ability to repeatedly transform ideas into capabilities that operate reliably in real-world systems.

Strong ideas

If you obtain one patent, it suggests a strong idea. If you obtain ten, it suggests a strong team. If you obtain one hundred, it suggests a strong culture.

A culture in which ideas are not only generated, but challenged, tested, refined, and integrated into systems that must function under real-world constraints.

This distinction becomes tangible when looking at what such innovation enables in practice.

It allows financial institutions to analyze behavior across extended time horizons in real time, not only evaluating a transaction in isolation, but understanding how it relates to patterns built over weeks or months. It enables a shift from static rule-based detection to continuous behavioral modelling, improving both the precision of anomaly detection and the speed of response.

In environments where decisions must be made in milliseconds, these capabilities are not incremental improvements. They determine whether institutions can intervene while fraudulent activity is unfolding, rather than reacting after the fact.

Some of these approaches are already being deployed at scale within large financial institutions, enabling significantly faster decision execution and more robust behavioral insight across complex transaction environments.

From this perspective, patents are not about invention alone. They are about building the conditions under which innovation can endure and translate into systems that perform under pressure.

From Invention to System Performance

For an idea to matter in this context, it must pass through several layers of validation. It must be new. It must not be obvious. And it must be useful, not in theory, but in the systems that institutions rely on every day. This last dimension is often overlooked.

Usefulness, in a real-world financial system, means the ability to operate reliably at scale, under constraints, and in the presence of adversarial behavior. It means integrating into complex infrastructures, supporting decision-making in real time, and remaining robust as both legitimate usage and criminal tactics evolve.

In other words, innovation is not defined by invention. It is defined by sustained system performance.

Matching the Scale of the Threat

The industrialisation of financial crime introduces a structural asymmetry. On one side, highly organised networks operate with speed, coordination, and adaptability.

On the other hand, defensive systems have historically been fragmented, reactive, and constrained by legacy architectures. Closing this gap is not a matter of incremental improvement. It requires a shift in how systems are designed, built, and evolved.

The level of innovation required is defined by the level of organisation of the threat.

And as that threat continues to industrialize, the systems designed to counter it must do the same.

Beyond Breakthroughs

This does not diminish the importance of research. On the contrary, it reinforces it. Breakthroughs are necessary, but they are not sufficient.

What ultimately matters is the ability to translate those breakthroughs into systems that function reliably in the real world, systems that can operate continuously, adapt dynamically, and maintain performance under pressure.

In financial crime prevention, this is not an abstract challenge. It is an operational reality. And it is one that will define the effectiveness of institutions, the resilience of financial systems, and, ultimately, the level of trust those systems can sustain.

Better understand cybersecurity with the best online courses.

This article was produced as part of TechRadar Pro Perspectives, our channel to feature the best and brightest minds in the technology industry today.

The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/pro/perspectives-how-to-submit

The defining feature of the AI era is the speed at which AI tools have become a significant part of our working lives. Whether that’s generating content, summarizing data or automating routine tasks, AI’s speed is collapsing timelines that once took hours, days or weeks into seconds.

This is more than just a technological advancement. The rapid adoption of AI has encouraged a culture defined by instant gratification and a shift towards immediacy and expectation.

This culture shift is one of the most powerful forces shaping AI adoption, driving innovation, unlocking productivity and redefining competitive advantage.

Yet, bubbling beneath the surface are risks at a scale we’re only just beginning to understand. Employees are inputting sensitive data into AI systems, automating processes without fully understanding security implications and increasingly trusting outputs that are not properly authorized.

While organizations are increasingly confident in AI’s capabilities, the technology risks outpacing regulation and compliance. This leaves businesses vulnerable to unwarranted data risk and more cyberattacks.

The self-sustaining acceleration loop

AI is being powered by rising demands for speed and productivity. As these models become more intuitive, they remove barriers to use and are woven into everyday workflows.

That creates a feedback loop where speed becomes the priority and anything that slows it down, be it governance, security checks and/or compliance, look like obstacles rather than necessity.

At the same time, organizations are feeding these systems sensitive information with little visibility or control over where it goes, who is using it, or why. This isn’t always deliberate, but a byproduct of urgency.

We’ve seen this before. Convenience wins until the consequences catch up. From weak passwords to rushed cloud migrations, speed has often outpaced security. AI is following a similar trajectory, only faster and at a greater scale.

Regulation and compliance in catch up mode

Regulatory frameworks are also struggling to keep pace. By the time legislation is proposed, debated and implemented, the technology it aims to govern has often evolved. This leaves regulators reacting to yesterday’s risks rather than getting ahead of tomorrow’s flaws. In cybersecurity, that’s a losing game.

The gap between innovation and oversight is widening, and gaps are where threats thrive.

Cybercriminals are already using AI to scale attacks, automate reconnaissance and generate highly convincing phishing campaigns, with AI tools lowering the barrier to entry while increasing the attack surface.

As regulatory blind spots widen, threat actors won’t wait. They will move faster than the systems designed to stop them and exploit every delay.

Reframing the conversation

This is not a case against AI. Its benefits are real and, in many cases, unavoidable. The issue is imbalance, where advancement is favored and regulation and security are compromised.

We are moving too fast without the foundations to support it. As AI becomes embedded in core business processes, small gaps can scale into serious risks.

To unlock AI’s full potential without amplifying risk, we need to reframe how we think about progress. Organizations must understand their data flows in AI environments: what is used; where it goes; and how it is protected. Visibility and governance are not optional, they are the baseline.

Security must also be built in from the outset, not retrofitted. This requires alignment across technical teams, leadership and risk functions. AI cannot sit in a silo, it needs to be integrated into broader security and compliance frameworks, supported by closer collaboration between the industry and regulators.

Slowing down to move forward

To sustain momentum, we may need to slow down and create space for regulation to catch up. Building in governance, validating data use and embedding security controls will introduce friction, but it’s the kind that builds trust and resilience.

While the suggestion to slow down may feel like trying to stop a juggernaut with a stick, taking time now to pause and reflect is vital if we’re not to keep amplifying dangerous risk. A short pause now gives space to assess what is happening, what is needed which allows organizations to take back control.

Right now, AI is accelerating faster than our ability to manage the risk it creates. We need to adjust our priorities before the gap between security and speed becomes too wide to bridge.

We've ranked and reviewed the best antivirus software available.

This article was produced as part of TechRadar Pro Perspectives, our channel to feature the best and brightest minds in the technology industry today.

The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/pro/perspectives-how-to-submit

Enterprises are deploying agentic AI at a pace that has outrun their ability to govern it.

Gartner predicts the average Fortune 500 enterprise will have over 150,000 agents in production by 2028, up from fewer than 15 in 2025.

Yet only 13% of organizations think they have the right governance in place to manage them.

The result is an execution gap: agents deployed in isolation, producing outputs nobody acts on, automating tasks rather than business processes and delivering unclear business value as a consequence.

Governance failures are an execution problem. Agents that can't interface safely with enterprise systems can't automate business processes in any meaningful way. They stay isolated helpers: producing artifacts, fielding customer queries, handling individual tasks.

The execution gap — the distance between what agentic AI promises and what it actually delivers inside the enterprise — remains largely unaddressed.

In 2026 and beyond, the guardrail problem poses an existential risk for enterprises. Adoption has outpaced controls, meaning that agentic AI is scaling faster than robust security measures can be implemented.

The speed of tech progress

The speed of tech progress can no longer stand as a rationalization for falling behind, and enterprises must address it before agentic becomes uncontrollable. Getting guardrails right will separate enterprises that realize full autonomy from those that stall out in pilots.

First, autonomy amplifies risk. Just because agentic AI can act on its own doesn't mean it requires zero human oversight. Autonomy does not equal autopilot. For agentic AI to generate real ROI, agents must do more than reason and respond. They must execute inside the business. That means interfacing directly with enterprise systems: ERP software, finance platforms, supply chain tools and the workflows that run the organization. Without that integration, agents remain one step removed from the work that actually matters.

Operational speed can compromise safety, compliance and reliability. Agents work at a blazing clip and on a more granular level than RPA. But speed becomes a moot point if agentic adoption leads to vulnerabilities such as sensitive data exposure.

Security and IT teams haven’t universally adapted to the new risk landscape. Among the risks agentic poses, "shadow AI" has emerged as a consequence of employees using unauthorized, unsanctioned AI tools or applications. When proper IT oversight or approval gets bypassed, it sets the stage for noncompliance and severe reputational damage. Departmental AI agents are proliferating without central oversight, creating security hazards and fragmented intelligence.

Governance lags far behind adoption. In this case, the guardrail gap might as well be a lack. Surveying more than 3,000 IT and business leaders worldwide, Deloitte found that just one in five enterprises reported mature governance to manage the risks of agentic AI. Autonomy without governance is a liability. This is particularly critical as we move toward the era of programmable finance, with Gartner predicting that 20% of monetary transactions will be programmable by 2030.

How to Lay the Rails Right

Agentic systems perform across a wide range of functions. When building guardrails, there must be no shortcuts. Guardrails bolted on after the fact can't account for the ways agents actually fail: corrupting data, contradicting decisions made elsewhere in the business and creating conflicts between teams acting on different outputs. Controls need to be built into how agents execute, instead of layered on top.

1. Practice measured orchestration

When enterprises accelerate AI adoption by stitching isolated tools across departments, security gaps grow harder to manage — because there’s no unified layer to anchor guardrails to. Start by scoping the broader business objective your agentic system needs to serve, not just the task.

Once you've determined what your agentic system will handle and which structured outputs will return to the workflow, built-in validation and guardrails become platform-level capabilities rather than afterthoughts bolted onto each individual agent.

2. Build governance capabilities

Without clear boundaries, agentic AI collapses. First, determine which decisions it can make independently versus those that need human approval. Real-time monitoring systems that flag anomalies and audit trails that capture the full chain of agent actions will enable accountability and continuous improvement.

3. Scale deliberately

No matter how sexy the pilot, agentic AI needs time to mature within the enterprise; you want to spot potential issues before they appear, not after. Start with lower-risk use cases and easy, single-task wins, as with fraud detection and remediation or vendor reconciliation. Avoid intricate processes with hundreds or thousands of inputs, such as the financial close of a business.

4. Guardrail gap = skills gap

While agentic AI excels at reasoning, the execution of reliable, repeatable business processes still demands deterministic systems — and human oversight to bridge the two.

To ensure smooth agentic operation in an enterprise, train your employees to move from triage, menial activities and repeated manual steps to judgment, governance and strategic decision-making roles. They absolutely require those skills. Scrum and Tiger teams can solve early problems and address early lessons, then pinpoint how agentic addresses your needs.

Putting it All Together: A Guiding Guardrail Principle

Yes, agentic AI scales productivity, but without strong guardrails, agentic AI scales risk even faster. Strategic observability and deterministic guardrails are required to ensure that non-deterministic AI stays compliant with regulatory and business standards, with reliable audit trails as well as rules for exactly when to escalate a decision or task to a human for complex exceptions or strategic oversight.

In the rush to embrace agentic, remember that the attendant tasks don’t represent a series of punch-list items. Veterans of software adoption and replacement projects know that it’s a holistic process where human actions and digital components fall into place with methodical synchrony.

Agentic AI, while it has altered the face of enterprise technology forever, rewards the same discipline every transformative technology before it has: lay the foundations carefully, and you won’t be fighting fires when it scales.

We list the best IT automation software.

This article was produced as part of TechRadar Pro Perspectives, our channel to feature the best and brightest minds in the technology industry today.

The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/pro/perspectives-how-to-submit

For most of the last forty years, data center performance gains came from one place: smaller transistors. Moore's Law and Dennard scaling did the work.

Each new generation of silicon delivered more performance at the same or lower power, and thermal was a maintenance problem, not a performance limiter.

Cooling sat in the background. Operators measured it through PUE, optimized for it where convenient, and otherwise treated it as overhead.

That world is over.

Dennard scaling broke years ago, transistor efficiency gains are leveling off, and AI accelerator TDPs have climbed from 700 watts in the H100 generation to over 1,400 watts in current Blackwell deployments, with NVIDIA's upcoming Rubin platform expected to push further.

Thermal is no longer something that happens after the architectural decisions. It is now the binding constraint on how much performance a chip can sustain, and it is becoming one of the most strategic choices an AI data center operator can make.

Why this matters now

The macro numbers explain why this matters now. Data centers already consume up to 4.5 percent of total U.S. electricity production, a figure projected to reach 12 percent by 2028. McKinsey estimates global data center spending could approach $7 trillion by 2030, and that data center power demand will reach 220 gigawatts in the same window.

None of that capacity arrives quickly. New transmission lines and substations now take five to ten years to permit and build, which means operators cannot simply order more power when they need to scale.

The result is a hard pressure to extract maximum performance from the power they already have under contract. That pressure is what is reshaping how the industry thinks about cooling.

Cooling is no longer just an afterthought

For years, cooling was measured as an efficiency loss, captured through metrics like Power Usage Effectiveness (PUE) that quantified how much energy was burned on overhead before reaching the IT load. Today, the more meaningful metric is how much useful compute you extract per unit of power. NVIDIA's Jensen Huang now describes this as "performance per watt" or "tokens per watt" for AI workloads, and cooling plays a direct role in both halves of that equation.

Direct-to-chip liquid cooling has become the new baseline because it removes heat far more effectively than air. But even direct-to-chip is being pushed to its limit by 1,000+ watt accelerators, and most current deployments still require facility water around 30 degrees Celsius to stay within ASHRAE W2 and W3 envelopes, which means chillers running for much of the year in warm climates.

Better thermal management has effects on both sides of the tokens-per-watt equation. It reduces facility overhead, so more of the contracted power reaches the rack. And it allows chips to operate closer to their full thermal headroom, sustaining higher performance for longer.

Those gains compound. Recent UCLA study has shown that combining a 17 percent improvement in facility efficiency with a 15 percent gain in server-level performance per watt from better thermal management translates to roughly 35 percent more tokens per watt within the same power envelope. In a 10 megawatt facility, that is more than a megawatt of additional usable compute, with no additional grid commitment.

At GTC 2026, NVIDIA CEO Jensen Huang made this argument explicitly. He told the audience that beyond the silicon roadmap, infrastructure-level optimization across power and cooling represents another factor of two in performance still on the table. "There's no question in my mind there's a factor of two in here, and a factor of two at the scale we're talking about is gigantic," he said.

That gain does not come from a smaller transistor. It comes from rethinking how power and thermal energy move through the rack. Recent UCLA study suggests that at least one third of that infrastructure-level gain is attributable specifically to cooling. Cooling is no longer a support function. It is a primary lever for performance.

Water is becoming a hard constraint

Power is not the only pressure point. Water is emerging as an equally critical and often more immediate constraint on data center expansion. Traditional cooling architectures often rely on evaporative processes that consume vast amounts of water. According to the Environmental and Energy Study Institute, large data centers may use up to 5 million gallons per day, comparable to the daily water use of a town of 10,000 to 50,000 people.

This is drawing notice from regulators and communities in already water-stressed areas. The result is longer permitting cycles, higher project risk, and in some cases new developments paused entirely. States and municipalities are also implementing stricter reporting requirements and adjusting electricity rate structures specifically for data centers.

Operators now have to factor water alongside power into site selection. Facilities that minimize energy waste and reduce or eliminate water consumption are better positioned to navigate this environment.

The shift toward next-generation cooling

In response, the industry is entering a new phase of cooling innovation. Air cooling is no longer sufficient for high-density AI workloads. Liquid cooling has become the baseline, but within liquid cooling, not all approaches deliver the same efficiency or scalability.

The next wave of innovation focuses on improving heat transfer at the source: removing thermal energy more effectively at the chip level while reducing system-wide overhead. Some of these approaches draw on heat transfer techniques refined in other high-density power industries such as nuclear power generation, where the challenge of moving large amounts of thermal energy from a constrained physical space has been studied for decades.

The goal is straightforward. Better cooling enables higher rack densities, allows operation at higher facility water temperatures, and reduces or eliminates reliance on water-intensive heat rejection. Just as importantly, the next generation of cooling architectures is being designed to integrate with existing data center footprints, so operators can evolve their infrastructure rather than rebuild it from scratch.

NVIDIA's Vera Rubin platform, announced at CES 2026, was a clear signal of where this is heading. Vera Rubin is designed for 45 degree Celsius supply water, which means dry coolers can do most of the heat rejection year-round and mechanical chillers become optional in most climates. That is a fundamental shift in how cooling infrastructure will be designed for the next decade.

A defining moment for data center design

The data center industry is at an inflection point. AI compute demand is accelerating, and every resource needed to support it, power, water, physical space, is becoming harder to secure. Cooling sits at the intersection of all three.

It determines how efficiently power is used, how much water is consumed, and ultimately, where infrastructure can be deployed. The operators that recognize this now will have a sustained advantage. How to keep data centers cool under AI workload pressure has become one of the most strategic decisions in modern infrastructure.

We feature the best web hosting services: tested and reviewed.

This article was produced as part of TechRadar Pro Perspectives, our channel to feature the best and brightest minds in the technology industry today.

The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/pro/perspectives-how-to-submit

Generative AI has moved quickly from experimentation into early production use in many enterprises. However, very few can confidently forecast what it’s going to cost them in six months.

For a technology that has consumed so much board-level attention and capital, that reflects a lack of certainty, and one that some technology leaders may privately recognize as true of their own organizations.

The spend is real and the direction is clear, but the number at the end of the year can remain genuinely uncertain.

To capture a glimmer of the confidence driving the infrastructure race, Amazon’s CEO has indicated it expects to spend heavily on IT infrastructure to support AI, with an estimated $200 billion in AI capital spending, arguing it is “not going to be conservative” in how it invests in the tech.

In practice, what makes AI different from the infrastructure investments that came before it is not the scale of the commitment but the nature of the consumption.

Cloud computing was unpredictable when it arrived too, but it eventually settled into patterns that finance teams could learn to model. AI hasn’t settled in the same way yet, and much of the reason comes down to how it is being used.

A great deal of enterprise AI use remains exploratory, which is part of what makes forecasting harder. And unlike cloud, which stayed largely within technical teams for years before spreading, AI is moving across the whole organisation almost immediately. That changes everything about how you try to govern it.

The limits of financial visibility

On the surface, some forms of AI appear to offer what earlier infrastructure lacked: clean, granular, real-time data and what it costs. But across the rapidly growing landscape of technology providers leveraging AI in some way, many do not.

In some cases, token-based pricing is precise in a way that early cloud billing never was, and for finance teams accustomed to working with far less, it can feel like a step in the right direction for solving the visibility problem.

We unfortunately still have a long way to go, since simply understanding what was spent last month tells you very little about what will be spent next quarter, particularly once adoption moves beyond the teams who originally shaped the business case.

One must consider that teams across legal, HR, and customer operations are not thinking about token economics (tokenomics). They’re only thinking about whether the tool works.

Cost exposure builds not through any single decision but through dozens of small expansions, each reason in isolation, none of them reflected in a comprehensive forecast. By the time anyone joins the dots, the demand curve has already moved.

Extending the disciplines that already exist

The organizations who are doing a better job managing AI spend have tenured experience managing consumption-based technology. IT asset management (ITAM) teams for example often have more experience dealing with more fixed constructs like users or seats, which makes the consumption-based nature of AI far more challenging.

FinOps teams on the other hand have grounded experience in managing consumption that originated in public cloud. FinOps teams may therefore better positioned to deal with the new tsunami of AI consumption and spending, ensuring that it is governed as adoption scales.

FinOps has also been broadening its scope beyond the initial roots in public cloud, with AI cost management now sitting firmly within that remit for many, a shift reflected in how the FinOps Foundation is increasingly incorporating AI into its guidance. Part of that expansion is about forecasting demand that behaves differently from conventional workloads.

There is also growing interest in whether AI itself can support FinOps practices, particularly in anomaly detection, optimization and, over time, forecasting, as consumption patterns become harder to model.

The challenge is applying FinOps practices early enough so that governance shapes how AI scales, rather than scrambling to restore control once spend has already outpaced oversight.

The compounding difficulty of legacy environments

For organizations whose technology estates were built around consistency, extending governance into AI is harder than it sounds.

AI-first organizations design with cost in mind from the beginning, treating inference the way they would any other product input, with economic constraints shaping architecture decisions before commitments are made.

Retrofitting AI into legacy infrastructure means something different. Existing commercial commitments and operating models do not adapt quickly to a consumption model that is inherently variable, and that friction has a direct bearing on cost.

The difficulty is often that AI is being introduced into environments built around very different assumptions about how demand behaves, and that is part of what makes forecasting harder.

The challenge is not simply new spend, but expenditure ballooning in environments where oversight and control are already difficult to maintain.

Organizations navigating this will tend to run controlled experiments before broad rollout and are deliberate about how adoption spreads. In practice, that is often about containing unmanaged adoption early, before usage patterns, costs and dependencies become harder to unwind.

That same exposure increasingly carries beyond internal governance. As AI appears more often in customer procurement conversations, questions that were once largely internal are starting to be probed externally too.

For organizations whose governance has not kept pace, those questions can force a level of clarity they may not yet be prepared to provide.

From activity metrics to business outcomes

Beyond governance and cost control, there remains a harder question, which is whether AI investment is producing meaningful business value. Most leadership teams are not yet in a position to answer that with confidence, and the metrics currently reaching the board are not making it easier.

Model usage, inference volumes and compute consumed describe activity without explaining value. It is easy to build a compelling board update from consumption data without addressing whether any of it is moving the business.

What gets closer to an answer is understanding whether individual inferences are delivering something a customer would pay for, or something that meaningfully reduces cost or risk.

Incremental business outcome per pound or dollar of AI spend is a harder measure to produce, but it is closer to the economics that matter because it requires a clearer position on what AI is actually delivering.

That is precisely where many organizations are still finding the work harder than it looks, particularly as AI deployment moves ahead of the models used to understand cost and value.

That disconnect matters more as the market expands, because where those economics remain unclear, cost exposure can build in ways that are harder to recognize early and harder to contain later.

For many enterprises, the challenge ahead is scaling AI without allowing spend to outrun the value it is meant to create.

The best cloud storage: tested, reviewed and rated by experts.

This article was produced as part of TechRadar Pro Perspectives, our channel to feature the best and brightest minds in the technology industry today.

The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/pro/perspectives-how-to-submit

Agentic AI is moving rapidly from boardroom ambition to enterprise reality.

Gartner forecasts that roughly 40% of enterprise applications will incorporate task-specific AI agents this year, up from just 5% last year.

This surge forces every CIO, CISO, and technology leader to consider: What should AI be allowed to access, and how should it operate once inside the enterprise?

Many organizations begin by embedding AI agents directly into legacy systems, connecting them to backend databases, APIs, and workflows in the name of speed.

While this inline approach can work in modern, well-governed environments, it often bypasses the approval workflows and controls that legacy systems were built around. Agents can access restricted data, skip approvals, or execute transactions without a complete, attributable record.

The result is a growing governance gap. Decisions tied to sensitive data can’t be reliably reconstructed or defended with the same confidence as human-driven work. Even advanced models stall in pilots because organizations can’t prove how outcomes were produced.

The solution is not to slow AI adoption. It’s to change how AI interacts with the systems that already run the business.

When AI bypasses the system, it breaks it

Consider a finance workflow in an ERP software system. An agent updates vendor bank details and pushes a payment through a fast-track path, bypassing a required approval step and segregation-of-duties check. Later, when the transaction is questioned, the organization can’t prove who approved the change, why it was made, or whether proper controls were followed.

That’s where accountability breaks down. Changes are made inside core systems, but the evidence is incomplete, inconsistent, or disconnected from the system of record.

Emulated human behavior offers a more secure and practical path. These agents operate exactly as a human employee would: logging in with standard credentials, navigating the existing user interface, reading screens in context, following established workflows, and executing tasks while remaining fully subject to every control already in place.

No new APIs. No raw backend data exposure. No rewriting of decades-old business logic or security rules. The guardrails designed to protect against human error or misuse — validations, permissions, approvals, and audit logging — remain 100% intact.

This UI-first approach is especially effective for organizations running mission-critical processes on older platforms. Building secure, governed APIs for legacy systems is expensive and time-consuming, often leaving out protections built into the interface layer.

While emulated human agents may not match the speed of direct backend calls, they provide far more valuable enterprise advantages: immediate deployability, ironclad accountability, and zero disruption to proven controls. Secure operation doesn’t require avoiding AI. It requires rethinking how it fits into the systems around it.

Preparing for emulated human in the enterprise

Three priorities can help organizations prepare for the emulated human approach as AI scales into critical workflows.

1. Place AI at the points where work happens

Most enterprise AI strategies assume deeper backend integration creates better automation. In environments shaped by legacy systems, it often does the opposite: introducing new complexity while bypassing the workflows and controls already built into the interface layer.

Instead, focus AI at the points where it can operate without requiring systems to be rebuilt. This approach dramatically reduces integration overhead, limits exposure of core systems, and allows AI to scale within existing operating models rather than forcing costly modernization.

2. Align AI accountability with human accountability

Agents should operate under named identities and the same policies as employees. They preserve approval workflows, follow role-based permissions, and generate the same audit artifacts — including log entries, change histories, tickets, and recorded approvals — that organizations already rely on to review human activity.

This removes the dangerous two-tier governance model where AI operates under different standards than employees. Organizations can maintain visibility, accountability, and established compliance and risk management controls as AI takes on greater responsibility.

3. Design for adaptability rather than brittle automation

Traditional robotic process automation (RPA) relied on rigid, click-by-click scripts that broke the moment screens changed or exceptions appeared. Emulated human agents interpret context in real time, adjust to variation, and continue operating, just as skilled employees do.

That adaptability is essential in dynamic enterprise environments where policies change, exceptions are common, and systems are rarely static. Instead of constant break/fix maintenance, organizations gain AI that can operate more resiliently inside real-world workflows.

Scaling AI with the systems already in place

As agentic AI scales, enterprises will be judged not only by the intelligence of their systems but by their ability to govern them. The pressure to balance innovation with control will only intensify.

The most durable strategies will be those that embed AI safely within the systems already in place, rather than racing around them. When an agent’s actions can be audited and justified with the same rigor applied to a human colleague, it’s finally ready for production.

That’s how secure, scalable AI will be defined in the enterprise.

We feature the best small business software.

This article was produced as part of TechRadar Pro Perspectives, our channel to feature the best and brightest minds in the technology industry today.

The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/pro/perspectives-how-to-submit

Every small business is looking for an edge.

For some, that means protecting margins. For others, it means finding new customers, sourcing better products, entering new markets or simply running the business with less friction.

More often, it means trying to do all of these things at once. Knowing which opportunity deserves attention first and having the time and resources to act on it has always been a challenge.

For decades, this has forced smaller businesses into a trade-off: choose one priority and hope this is the right decision or waste all your time and money and miss an opportunity elsewhere.

The era of agentic business changes this. According to the British Chambers of Commerce (BCC), more than half of UK SMEs (54%) are now actively using AI – an increase from 35% in 2025.

In recent times, the technology has moved from passive assistance - writing, summarizing and answering questions – to autonomous execution.

AI is therefore no longer limited to responding only when prompted but can operate continuously in the background.

A wide spectrum of business functions

In this way, AI agents can now handle a wide spectrum of business functions end-to-end. This includes building digital storefronts, writing product listings, offering dynamic pricing, providing customer service, generating market research, and supporting with marketing.

The real value lies not in overnight task automation but better decision-making with less friction and fewer blind spots. In fact, according to the same BCC research, SMEs using AI report strong net productivity improvement expectations (+71%), while those planning to adopt or unsure show far lower optimism. Importantly, agentic AI is levelling the playing field with larger companies.

The latter have historically had an advantage because they can afford dedicated teams for each business function. SMEs, on the other hand, have had to rely on lean teams, founder instinct and whatever time was left after the urgent work was done. Within agentic businesses, there is immediate access to capabilities which once required high headcount or expensive IT systems.

Examples include testing a new product category, launching into a new market or trialing a marketing campaign with far less operational risk than before. Rather than spending weeks gathering information manually or coordinating across multiple systems, AI agents can help businesses identify opportunities and execute tasks in real time.

Crucial for smaller businesses

In addition, agentic AI has been crucial for smaller businesses looking to grow internationally. It can help them localize product listings and marketing content for different markets, coordinate supplier communications across time zones, and analyze regional demand trends in real time. This reduces much of the operational complexity traditionally associated with cross-border trade and gives SMEs greater confidence to explore new markets that may previously have felt out of reach.

So, the SME conversation around AI needs to move beyond productivity. Saving time matters, but it is not the full story. The bigger opportunity lies in performance: simplifying complexity, reducing avoidable risk, helping businesses act on information earlier.

For an SME, one missed supplier issue, one misread market signal or one poorly timed product decision can have an outsized impact. Becoming an agentic business helps reduce that exposure with complex information easier to monitor, compare and act on. However, it does not remove the need for human judgement. In fact, it raises the value of that judgement by giving business owners clearer options and more time to focus on strategy.

The most successful uses of AI will not be the most futuristic but the most useful, offering practical, transparent information, built around real commercial pain points. The first wave of AI helped SMEs create faster, but the next wave will help them operate smarter.

For SMEs, the question is no longer whether AI can help. It is how quickly they can put AI agents to work on the decisions that determine how they compete, grow and scale.

70+ of the best AI tools tested and reviewed.

This article was produced as part of TechRadar Pro Perspectives, our channel to feature the best and brightest minds in the technology industry today.

The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/pro/perspectives-how-to-submit

The American entrepreneur Palmer Luckey has played a major part in many major names in the tech industry, including founding Oculus VR, but has risen to prominence for his stewardship of Anduril Industries in 2017 – which puts artificial intelligence (AI) at the heart of its operations and capabilities.

The question of AI ethics

Luckey has long been a proponent of the use of AI in defense, with the Anduril founder even naming his company as such because it shares the acronym.

Speaking with Fox News Sunday in December 2025, he outlined a philosophy that it's much safer, in ways, to incorporate the best possible technologies into military capabilities than it is to ignore emerging innovation, whether AI or quantum, and be left with 'lesser' tech.

For Luckey, there's seemingly no point in taking the moral high ground when talking about matters of life and death – when the very nature of the business is morally called into question to begin with.

The future of military technology

Luckey's statement challenges the common orthodoxy that humans must always be in the loop over high-stakes decision-making, especially with matters of life and death. And, for that reason, it's highly controversial.

The direction of travel is not, however, up for debate, with plenty of examples of AI becoming increasingly prominent in international conflicts.

Ukrainian officials, for example, recently revealed that in 2024, the nation's military used drones to kill Russian soldiers – marking the earliest reported example of the autonomous killing of humans.

Without doubt, it won't have been the last such incident, and points to a future in which those engaged in conflict are likely to use every tool at their disposal to achieve their military aims, regardless of the moral implications.

Retail fraud used to be relatively straightforward.

A stolen card, a fake account, or a suspicious transaction pattern that could be flagged and blocked before serious damage was done.

That version of fraud is still present, but it is no longer the main problem.

What’s appearing now is something more coordinated, automated, and harder to detect in real time: AI-powered fraud rings that behave less like individual bad actors and more like distributed systems.

They test, adapt, and scale in more sophisticated ways that increasingly mirror the technologies retailers themselves are adopting.

Fraud is no longer just responding to ecommerce; it’s evolving alongside it.

From isolated fraud to coordinated systems

For years, fraud prevention has largely focused on individual events: a suspicious login, a stolen card attempt, a bot probing checkout flows. But that model is breaking down.

What is now emerging is coordinated fraud activity that behaves more like a network than a series of isolated incidents. These groups combine automation, synthetic identities, and increasingly realistic AI-generated content to simulate genuine customer behavior at scale. The result is not only more fraud, but fraud that blends into normal digital traffic.

At the same time, fraud rings are executing high-velocity attacks that look more like engineered systems than opportunistic crime. One recent example involved an estimated $4.2 million in fraudulent activity over 48 hours, driven by synthetic identities, spoofed devices, and rapid transaction flows reaching around 180 per minute.

What is notable is not only the scale, but the structure. These are not isolated attempts. They are coordinated operations designed for speed, repetition, and adaptation.

AI is lowering the barrier to fraud

The most important shift is accessibility, as well as scale. Generative AI has significantly lowered the barrier to entry for fraud. Tasks that once required technical expertise or coordinated effort can now be executed using widely available AI tools.

Fraudsters can generate synthetic identities, fabricate supporting documents, and create convincing digital artefacts that simulate legitimate customer behavior in a matter of minutes. This includes everything from account creation to behavioral patterns across browsing, purchasing, and post-purchase interactions.

One of the clearest examples is the rise in returns abuse, which has increased by 15% in the past six months, largely driven by the ease and scalability of AI-doctored images.

In practice, this means fraudsters can submit highly realistic images of cracked, damaged, even moldy, or malfunctioning goods. These images are often convincing enough to pass initial review processes, particularly when combined with legitimate order histories or stolen account credentials.

In several documented cases, fraud rings have used newly created accounts to purchase low-cost goods, then submitted AI-generated images to claim refunds without returning the product. In some instances, empty boxes are shipped back instead, all while refunds are still processed.

Another coordinated operation targeting home goods and fashion retailers used a similar approach at scale, generating approximately $800,000 in fraudulent refunds through repeated low-value claims designed to avoid detection thresholds.

Individually, these cases may appear manageable. But collectively, they show a clear trend: fraud is increasing in sophistication and scale.

The shift toward agent-driven commerce

The next phase of this evolution is already on its way, and it’s closely linked to the rise of autonomous digital agents.

Over the second half of 2025, agentic activity surged by over 2000%. While much of this growth is tied to legitimate use cases such as shopping assistants and automated customer workflows, it also introduces a new layer of complexity for fraud detection. The same systems that allow agents to complete purchases on behalf of consumers can also be manipulated to automate fraud on a larger scale.

Instead of manually creating accounts or placing orders, fraudsters can now orchestrate entire attack chains using agent-based automation. This changes the nature of fraud from individual actions to continuous, self-executing systems. This matters because it shifts the detection problem. When fraud resembles legitimate automation, the distinction between genuine and malicious activity becomes harder to define using traditional rules.

At the same time, retailers are already seeing fraud patterns adapt to this environment. Attackers are increasingly mimicking normal customer journeys, spreading activity across devices, accounts, and timeframes to avoid detection. The result is a system where fraud does not look like fraud until after the fact.

Why traditional fraud tools are falling behind

Most existing fraud detection infrastructure was not designed for the current conditions as they stand. They rely heavily on static rules, historical patterns, and known indicators of malicious activity. But AI-led fraud doesn’t necessarily follow predictable patterns. It adapts in real time, varies its behavior based on changes in the attack surface, and can scale in ways that overwhelm rule-based systems.

Even machine learning models trained on historical fraud data struggle when faced with synthetic behavior that has no direct precedent. This creates a widening gap between how fraud actually operates and how it is detected.

Consequently, many retailers are forced into reactive positions, identifying fraud after fraudulent transactions have already been completed rather than preventing it in real time. This is particularly challenging in areas like returns and refunds, where fraud is often indistinguishable from legitimate customer claims at the point of interaction. The core issue lies in timing alongside detection accuracy.

What comes next for digital trust

The trajectory of fraud is closely tied to the progression of ecommerce itself. As AI agents take on a larger role in how consumers find, compare, and buy products, retailers face a more complex question than simply whether a transaction is legitimate.

They need to determine who, or what, is actually behind the transaction. Is it a real customer? A legitimate AI assistant acting on their behalf? Or a synthetic system designed to imitate both?

The challenge now is no longer just detection, but judgment in real time. Because in an environment shaped by AI on both sides of the transaction, risk and verification can no longer sit at a single point in the process. They must be continuously reassessed throughout the customer journey.

Manage customers for a new business more effectively with the best CRM for startups.

This article was produced as part of TechRadar Pro Perspectives, our channel to feature the best and brightest minds in the technology industry today.

The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/pro/perspectives-how-to-submit

AI agents are reshaping how enterprises automate work, but their effectiveness depends on access to sensitive systems and data.

The paradox is that granting them the permissions they want creates new attack surfaces that organizations aren’t yet equipped to handle.

This is the defining tension of the AI era.

AI agents are proliferating across enterprises with 91% of organizations already using them yet only 10% have a clear IT management strategy in place.

This gap matters because as these systems grow more autonomous and more deeply embedded in workflows, enterprises are operating without clear visibility, meaningful oversight and control over how their AI agents behave.

The access problem

Our recent research revealed how agents running on OpenClaw, an open-source AI agent automation platform, could expose credentials and leak sensitive information when attackers compromised the communication channels controlling them.

To appreciate the scale of this risk, we must first understand the platform itself. OpenClaw combines a chatbot-style interface with access to external tools and large language models.

Users can then configure agents to browse the web, read and write files, manage inboxes, execute commands, or interact with other machines. In many cases, they’re designed to operate autonomously with minimal human oversight.

That level of access is what makes agents powerful, helping many to manage everyday admin and time-consuming tasks. However, this power is a double edged-sword and can make them a risk to businesses.

When agents become attack surfaces

Agents need access to tools, accounts, applications, the web and more to be useful. Often, this means an agent needs access to secrets: API keys, personal access tokens, credentials, .env files, OAuth tokens.

The agents/models are by default prompted to be as helpful as possible, and that characteristic starts to pose some particular concerns when it comes to credentials and tokens. If an agent such as OpenClaw can’t access a resource, it will ask for credentials right in the chat, exposing those secrets within the context window. Agents will happily store API keys in their unencrypted configuration files, which information-stealing malware is starting to target.

Remote access capabilities could effectively create a back door into enterprise environments. If an attacker gained access to the communication channel controlling an agent, such as a messaging or remote access platform, they could potentially gain access to everything the agent itself could access. In an enterprise context, this is a nightmare.

The paradox of recognized risk

Perhaps the most revealing finding was that some agents recognize risky behavior while simultaneously carrying it out. This underlines how their decision-making ability and autonomous operations can be a business risk.

In one test, an agent correctly identified that exposing an OAuth refresh token through an unencrypted communication channel represented a serious security violation. But it then proceeded to share the token anyway before expressing concern about its own decision.

Organizations should not rely on the invisible guardrails that frontier model providers put around agents. They’re easily circumvented.

But an AI agent cannot divulge credentials that it doesn’t have access to. This is why the conversation around AI agent security cannot focus solely on stronger guardrails. Attackers are already finding ways to manipulate agent behavior through prompt injection, social engineering, and compromised communication channels.

Governance, not just guardrails

AI agents are essentially identities within enterprise systems and need to be managed as such. They perform actions and make operational decisions in ways that increasingly resemble human employees or privileged service accounts. Yet many organizations are deploying these systems without applying the same governance standards.

Most businesses already understand the importance of least-privilege access, audit logging, identity management, and access reviews for employees. AI agents should be subject to the same principles. That means limiting what agents can access, avoiding long-lived credentials wherever possible, and ensuring sensitive information is stored securely through centralized systems with human oversight.

Organizations also need visibility into where agents are deployed, what tools they can interact with, and how to disable them quickly if something goes wrong. If an agent goes rogue, there needs to be a “kill switch,” a way to immediately revoke an agent’s access to resources and shut it down.

Agentic AI systems could deliver major operational upsides, but deploying them without robust identity and access governance introduces significant security risk. As these systems become more deeply embedded across enterprise environments, organizations must stop treating them as experimental tools and start governing them as part of the digital workforce.

This means managing the full lifecycle of agents, from knowing which agents are deployed, what resources they access to and keeping a full audit trail so no one can say, “I don’t know what happened. The agent did it.”

There’s no reason why conventional security wisdom, such as the principle of least privilege, lifecycle management and robust logging, should be thrown out in an agentic age. In fact, it’s more relevant than ever.

We've tested and reviewed the best cloud storage.

This article was produced as part of TechRadar Pro Perspectives, our channel to feature the best and brightest minds in the technology industry today.

The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/pro/perspectives-how-to-submit

Scaling a billion-dollar company in Europe has historically been more difficult than it should be. Not because there aren't enough ambitious founders; rather, it’s because the conditions to scale, regulatory and funding constraints to name but two, have never fully matched the ambition.

However, the game is changing. AI is rapidly making those ‘constraints’ less relevant and with the rise of multi-agent systems, startups can operate with the capability of a larger organization.

The question now is no longer whether Europe can produce the next wave of ‘soonicorns’, (startups nearing a $1 billion valuation), but whether decision-makers are willing to abandon outdated models and build for an AI-native future.

If they do, we will soon see a new foundation for European startups, one where agility, enterprise-grade governance and AI-native architecture are baked-in from the outset.

The architectural opportunity

Europe is not short of successful startups. However, for the region to continue producing top players, we will need to see proactive change from companies - adding intelligent AI features to an existing process or product simply won’t be enough. It involves rebuilding a company’s organizational structure, something that’s only possible by multi-agent systems.

Startups no longer need to wait until they have the necessary resources to take on complicated operations. Instead, they can break those issues down into specific, identifiable problems and assign specialized AI agents to tackle them. These agents will be coordinated, efficient, and able to operate at a speed that is incomparable to a human team.

The knock-on effects are huge. Product cycles shrink and teams can concentrate their efforts on tasks that genuinely call for human judgement. Additionally, technical expertise is no longer restricted to well-funded teams, since vibe coding speeds up prototyping and AI lowers the barrier to building advanced systems. For Europe to take the lead on AI, it must start with its data foundations.

The database problem nobody is talking about

AI strategy is often the main topic of conversation in boardrooms across Europe – which models are appropriate, what use cases should be prioritized and which teams to hire. Infrastructure is often, mistakenly, absent from that discussion. In particular, the database infrastructure that the majority of companies are still developing and why it can be subtly hampering the startups with the greatest potential.

Traditional databases were designed for the past, built for slow applications, fixed infrastructure and data that is handled by humans. This worked well until AI agents came into the conversation.

AI agents require quick, dependable and instantaneous data access to perform real-time, complex actions. For startups attempting to scale quickly, building on the correct foundations is the difference between stalling and success.

The infrastructure conversation is finally catching up, with a concept known as lakebase designed to support this transition. It delivers the reliability of an operational database and the openness of a data lake in one centralized place, so teams can run transactions and analytics without juggling systems.

It enables fast access to data, scales easily through separated storage and compute, and fits modern development habits like instant branching and versioning. A lakebase gives founders an edge that previous startups never had; the opportunity for both their developers and AI agents to build, test, and ship applications quickly, without the constraints of old online transaction processing (OLTP) setups.

What founders must change now

With AI progressing at an unexplainable rate and investors asking questions, a knee-jerk reaction is usually to add a new AI capability to what currently exists. However, this is a short-term solution to a long-term problem.

Startups that approach AI as structural rather than an add-on will define what comes next. This involves raising challenging issues early on, such as how this business should be built if AI is doing a large amount of the work, rather than just what AI is capable of achieving for this product.

Instead of figuring it out after the company has scaled, founders are forced to make architectural decisions early, establishing what agents own and how they work together to make sure humans are kept in the loop.

It also means realising that governance and speed work in tandem. The entrepreneurs who incorporate guardrails early enough that they never become a barrier are the ones who grow the fastest. Integrated into the design from the start, enterprise-grade governance is a hidden competitive advantage. Instead of having to rush to catch up later, it enables you to scale with certainty.

Build it right or build it twice

The time has arrived for Europe, but it won't wait for businesses to continue bolting AI onto infrastructures that weren't designed to support it.

Soonicorns won't be determined by how much they raised, how many AI tools they have used or, how fast they delivered. They will be characterized by the caliber of the decisions made about AI-native architecture, AI agents, and whether or not humans are involved.

The tools are there and the market is shifting. Whether European founders are prepared to build with the same ambition they offer is the only true question that remains. When leaders build the appropriate unified data foundations, everything else will fall into place.

We've featured the best AI website builder.

This article was produced as part of TechRadar Pro Perspectives, our channel to feature the best and brightest minds in the technology industry today.

The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/pro/perspectives-how-to-submit

Most companies don’t understand that today’s AI tools are capable of fundamentally transforming how daily knowledge work is done.

This is because they’re using AI in an unsophisticated way and aiming it at the wrong place.

But this level of transformation is already happening, as millions of knowledge workers have figured out, and as enlightened companies are starting to recognize.

To delve deeper, you first need to understand that most knowledge work is invisible. The essence of knowledge work—thinking, processing, judging, ruminating, planning, mulling—happens in workers’ heads, unseen.

Unfortunately, workplace AI is currently deployed into the knowledge systems that are visible, the outputs —emails, documents, chats, meetings, etc. It doesn’t matter how good the AI is, because when it operates at this level, it’s too late to really transform how the work is done.

To give a practical example, when you need to create a project deliverable, 80% of your effort is likely spent creating the first draft, with the remaining 20% polishing into a final deliverable. AI workplace assistants do a great job with that final polish (which we like, thank you). But to truly transform how work is done, you need AI to help with the underlying, unseen 80% effort used to create the first draft.

The real opportunity: A practical model for AI-driven work

The good news is AI is fully capable to help transform that 80%. This does not require waiting for “better” models or AGI. All you need to do is change how you’re using AI today, by integrating existing LLM-based tools into that invisible thinking portion of your work, rather than just keeping it at the surface-level work outputs.

While the AI vendors haven’t exactly made this intuitive (yet), using AI in this way has exploded in popularity since the beginning of 2026. In practice, the basic approach is to use AI the way software developers do, not as a one-off tool but as something that builds context over time.

Move beyond web-based interfaces where every conversation restarts from scratch

Create a centralized repository, put your critical files into a folder on the business computer which you give AI access to. Start with the classic things (deliverables, meeting notes, project plans, etc.)

Before doing any work, ask AI to interview you about your work style, what’s important to you and your personal preferences.

Review and refine AI’s understanding, ask it to scan through all your files to synthesize your latest thinking, ideas, story arcs, writing style and any other “intelligence” it can determine from your work. Review its findings and go back-and-forth until you feel it has a good understanding of you, your work and your style.

Build upon each session. A crucial step is having the AI tool understand this is not a one-time or manual exercise. Instead, a continued process to create, maintain, organize and update the files, based on what it learns about you over time, each subsequent AI session builds on all the work you’ve done together and what it has learned about you.

In essence, you are asking your AI to create a personal Wikipedia-style repository which gives your AI system an ever-growing continuous context library perfectly built and tuned just for you and your work.

Using AI like this doesn't require a new product or company, but a new way to leverage current tools. This is often called a “second brain”, “AI context vault”, “LLM-powered personal Wiki”, or something similar, and you can do this with any LLM vendor or product.

Most AI vendors now allow users to connect their LLM platforms into other business systems (like email, chat, document stores or productivity suites), which lets workers connect their personal knowledge systems into corporate apps and data.

Workers who use AI in this new way report fundamental shifts in the way they work within the first few hours. After a few days, many workers declare they will never go back to the “old way” of working again.

The tradeoffs to consider

Using AI to transform work in this way is not without its downsides, especially from the corporate perspective.

First, all the “classic” security complexities still apply: How do you know the AI did what it said it was going to do? How do you know it didn’t hallucinate? How do you trust it won’t spin out of control and email all your contacts with nonsense?

Addressing this involves many of the things you probably know but haven’t taken time to investigate yet, including configuring alternate accounts with restricted permissions for AI or setting clear guidelines for when and how AI-generated outputs will be reviewed.

This new process also requires asking workers to slow down and verify what their AI generates, which is pretty much the opposite of why they started using AI in the first place.

Another challenge is visibility. Much of the “back-and-forth” work - which previously happened in the open - now happens within the AI tool and the worker’s personal context vault, where it’s less visible to coworkers and management scrutiny. Individual workers view that as a positive, but to organizations, it can be a liability.

Lastly, when workers build personal AI context vaults using their personal AI subscriptions, the company can’t prevent the worker from taking all that context with them when they leave the company. Companies need to buy proper enterprise AI subscriptions which they can link to corporate SSO and DLP systems. The downside is that enterprise AI pricing is completely different from consumer pricing, and workers using AI like this via enterprise systems can easily consume thousands of dollars of tokens per month.

The bottom line is that today’s AI can fundamentally transform work, but only if there is a mindset reset around how it is being used.

This new approach introduces added complexity. Organizations will need to spend more time understanding, managing, and securing AI differently, but it’s clear that AI operating in this way is inevitable, so the time to start thinking about AI as a “second brain” is now.

We feature the best free office software.

This article was produced as part of TechRadar Pro Perspectives, our channel to feature the best and brightest minds in the technology industry today.

The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/pro/perspectives-how-to-submit

The UK’s autonomous vehicle (AV) sector is entering a period of rapid acceleration. With London preparing for the rollout of driverless taxi services later this year, and regulatory backing strengthened by the Automated Vehicles Act, the shift from experimentation to deployment is becoming tangible.

That momentum is already visible on the capital’s streets. Waymo is currently testing its autonomous ride-hailing service in London, navigating complex urban environments ahead of its planned commercial launch. But as physical deployment accelerates, a more fundamental bottleneck is emerging.

The central challenge is no longer whether autonomous vehicles can navigate roads, but whether the industry can consistently demonstrate that they are making safe, compliant decisions in real-world conditions.

Without that capability, progress toward higher levels of autonomy will stall, regardless of how advanced the underlying driving systems become.

The industry’s hidden bottleneck

Recent incidents in London illustrate the challenge. Reports of an AV entering a taped-off crime scene in Harlesden, or repeatedly turning into a Shoreditch no-through road, highlight how unpredictable dynamic urban environments remain for automated systems. Modern AV systems already perform well at perception.

Using combinations of cameras, LiDAR, radar and AI models, vehicles can detect lanes, pedestrians and hazards with increasing accuracy, and AV companies have now logged tens of millions of autonomous miles globally.

However, the real challenge lies in the transition to Level 4 autonomy, where legal liability shifts from the human driver to the manufacturer. To secure regulatory approval and public trust, companies must be able to explain exactly why a system behaved the way it did in ambiguous situations, such as navigating a temporary road layout, conflicting signals, or unusual pedestrian behavior.

This is where current machine learning approaches fall short. While effective at pattern recognition, they typically operate as “black boxes,” offering limited insight into how individual decisions are reached. In a safety-critical sector like automotive, this lack of transparency creates a major commercial and regulatory constraint.

Manufacturers and regulators need definitive evidence that systems are acting in accordance with local road rules before they can deploy at scale.

The missing layer in autonomous intelligence

To bridge this gap, the industry is increasingly turning to knowledge-based AI, an alternative to large language models that uses carefully curated expert knowledge and structured reasoning to correctly answer complex, high-stakes questions.

Unlike purely data-driven models that infer behavior statistically from past training data, knowledge-based systems combine sensor inputs with explicitly defined rules, traffic laws and domain expertise. Rather than relying solely on probability, they enable vehicles to reason through decisions using structured logic.

That distinction is critical in autonomous driving, where edge cases are difficult to predict and regulatory scrutiny is high. While machine learning remains essential for perception and pattern recognition, knowledge-based AI provides a clearer chain of reasoning behind vehicle behavior.

Decisions can be traced directly back to the rules and logic that produced them, making systems easier to interrogate, validate, and audit.

In practice, this creates several advantages. Engineers gain greater visibility into how systems behave in complex scenarios, helping them identify failure points and improve performance.

It also makes systems easier to adapt for different markets, as local driving rules and compliance requirements can be updated through the reasoning layer rather than retraining or redesigning the entire AI system. This allows manufacturers to scale AV platforms more efficiently across jurisdictions.

From autonomous driving to auditable autonomy

Rather than replacing machine learning, knowledge-based AI acts as a supervisory reasoning layer, applying structured rules and safety logic to monitor and validate vehicle behavior in real time. The result is not simply a vehicle that can act autonomously, but one that can justify its actions.

And the implications extend well beyond autonomous driving. As AI systems are deployed in domains where decisions carry legal, financial or safety consequences, the question of how those decisions are produced becomes as important as the outcome itself.

This is already becoming a defining issue in sectors such as financial services and healthcare, where regulators increasingly expect companies to explain how AI-driven decisions are made.

Ultimately, knowledge-based AI enables AI systems to incorporate defined rules and reasoning into their decision making, rather than relying solely on statistical prediction. In autonomous vehicles, this could take the form of validating maneuvers against traffic laws before execution, but the same principle applies wherever decisions must be explainable, defensible, and auditable.

As AI becomes more deeply embedded in critical infrastructure and public services, the ability to evidence how decisions are made will move from a desirable feature to a baseline requirement across industries.

Proof over performance

The AV industry is often framed as a race to build vehicles that can drive themselves. Increasingly, however, the real challenge is building systems that can explain and justify their decisions in a way regulators, manufacturers and the public can trust.

Knowledge-based AI offers a definitive route to solving that problem. By combining machine learning with structured reasoning, it enables manufacturers not only to improve autonomous behavior, but to explain why systems acted as they did.

For the UK, long-term leadership in autonomous mobility will not be determined by perception systems alone. It will depend on which companies can deliver AI that is demonstrably safe, compliant, and auditable at scale.

We've featured the best AI tool.

This article was produced as part of TechRadar Pro Perspectives, our channel to feature the best and brightest minds in the technology industry today.

The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/pro/perspectives-how-to-submit

The reported cyber attack involving Canvas and the subsequent ransomware payment will inevitably trigger familiar debates around paying ransomwares.

Most organizations facing ransomware attacks avoid publicly confirming whether a payment was made. Even where payments occur, communications are typically cautious, limited, or deliberately ambiguous.

Admitting to a ransomware payment creates legal, regulatory, reputational, and ethical complications. It can invite scrutiny from customers, insurers, regulators, and shareholders. It may also create concern that the organization has become vulnerable to future extortion attempts.

On one hand, transparency can be viewed positively. Stakeholders increasingly expect honesty during cyber incidents, particularly where personal data is involved. Attempting to conceal the reality of an attack can create longer-term trust issues if details later emerge through other channels.

For many organizations, the decision to pay a ransom is ultimately driven by operational and financial calculations rather than principle alone. If they don’t have things like ransomware protection, backups, or logs it makes it an almost impossible task to recover.

Cyber insurers, legal advisers, and incident response firms may conclude that prolonged recovery, forensic investigation, service restoration, regulatory management, and reputational damage could cost substantially more than the ransom demand itself.

Pressure to restore services

In sectors like education, where downtime directly affects students, exams, coursework, and institutional continuity, the pressure to restore services quickly can become commercially and socially overwhelming.

That does not make payment risk-free or strategically desirable, but it does explain why some organizations determine that the immediate cost of disruption outweighs the uncertainty and expense of a prolonged recovery process.

However, transparency also exposes a more uncomfortable reality within modern ransomware incidents: it does in fact pay to be a cybercriminal.

Yet focusing solely on the ransom payment itself misses the larger issue.

This incident appears to reinforce a wider trend emerging across modern digital platforms: attackers are increasingly exploiting trust itself.

Reports suggest threat actors abused Canvas “Free-For-Teacher” accounts, leveraging a legitimate platform capability designed to support accessibility and adoption. Rather than forcing entry through traditional technical weaknesses, the attackers operated within accepted trust boundaries.

For education providers, this creates a particularly difficult balance. Platforms are intentionally designed to reduce friction for teachers, students, and external collaborators. Accessibility is part of the value proposition. However, the same openness that enables rapid adoption can also create opportunities for malicious actors to blend into normal platform activity.

This is not simply a security engineering issue. It is a governance issue around how digital trust is granted and monitored at scale.

Identity has become the primary security boundary

Cybersecurity strategies historically concentrated on protecting networks, endpoints, and data centers. Increasingly, those controls sit behind identity systems that determine who is trusted, what access they receive, and how quickly they can move through interconnected platforms.

Modern ransomware groups and financially motivated actors increasingly prefer credential abuse, social engineering, and exploitation of trusted workflows because they are often less visible than conventional intrusion methods. A valid account can bypass many of the controls designed to detect malicious behavior.

The challenge becomes even more pronounced in education as, unlike tightly controlled corporate environments, educational ecosystems are inherently decentralized. Institutions regularly support temporary users, external educators, contractors, collaborative learning environments, and remote access requirements. The result is a digital environment where trust relationships are broad by design.

That creates a difficult strategic question for providers and customers alike: how do you preserve accessibility without creating exploitable trust pathways?

The human consequences are often underestimated

Cyber incidents are still frequently measured through technical metrics: records exposed, systems encrypted, or hours of downtime incurred. Those measures rarely capture the wider societal impact.

In education environments, disruption affects students during formative periods of their lives. Exam preparation, coursework submission, academic continuity, and communication channels can all be interrupted simultaneously. Parents and educators face uncertainty around outcomes they cannot directly control.

There is also a more uncomfortable consideration in that educational platforms frequently contain data relating to minors. Even where sensitive information is not immediately weaponized, long-term exposure risks remain difficult to quantify. Personal information tied to younger individuals may retain value for years through identity fraud, social engineering, or future credential abuse.

The emotional dimension of cyber attacks is still poorly understood within many boardrooms because it does not fit neatly into conventional risk reporting.

The due diligence dilemma

Most schools, colleges, and mid-sized organizations cannot realistically perform deep technical assurance assessments against large SaaS vendors. Procurement teams are often left reviewing compliance certifications, security statements, audit summaries, and contractual language that may provide only partial visibility into actual operational practices.

This creates an accountability imbalance.

Customers remain responsible for protecting their own stakeholders and data, yet their ability to validate supplier resilience is constrained by commercial scale and information asymmetry.

That challenge is not unique to Canvas. It reflects a broader maturity gap across the SaaS market.

Many providers publish extensive security documentation, but external assurance still struggles to address practical questions such as: What assumptions are made about “legitimate” users? What controls exist around free-tier or trial account creation?

For customers, obtaining meaningful answers to these questions can be difficult without substantial procurement influence and the result is a market where trust is often inferred rather than verified.

The larger issue beneath the incident

The reported Canvas ransomware payment will understandably drive debate around criminal incentives and incident response decisions. Yet the more strategic question sits elsewhere.

The challenge for organizations is no longer confined to protecting infrastructure from external intrusion. It is understanding where trust is granted, how legitimacy is established, and what happens when a trusted platform becomes the weakest link in a much larger interconnected ecosystem.

That is not merely a cyber security concern.

It is becoming a fundamental business risk question about dependency, governance, and the fragility of digital trust at scale.

We've featured the best cloud antivirus.

This article was produced as part of TechRadar Pro Perspectives, our channel to feature the best and brightest minds in the technology industry today.

The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/pro/perspectives-how-to-submit

AI is undoubtedly accelerating data scientists' work, but it is also quietly eroding how data science skills are built in the first place. As copilots, automated pipelines, and increasingly capable models take on more of the hands-on work, the role of the data scientist is shifting toward solution design and strategic problem-solving.

Although this may be a welcome evolution for those who have long earned their stripes in the field, it introduces a risk many organizations, as a whole, are underestimating—the loss of repetition and practice that makes this expertise stick.

By reducing first-hand experiences and the challenge of problem-solving, AI-driven automation risks weakening the foundational expertise required for true data science mastery and system-level thinking. According to research from Anthropic, developers who delegated tasks entirely to AI showed weaker learning outcomes even when productivity gains were modest.

For years, developing data science skills meant spending time close to the work. This entailed tasks such as cleaning up messy datasets, performing exploratory data analysis, manual feature engineering, interpreting model outputs, and diagnosing why a model is underperforming.

This kind of hands-on work may not always be efficient, but they are effective. Repeating steps, getting stuck, figuring out what went wrong, and iterating builds intuition and creates a deeper understanding. Repetitive, direct interaction with data, tools, and code transforms knowledge into proficiency, then mastery.

But there’s a tension emerging: the very aspects of AI that make practitioners more productive—automation, speed, and reduced manual effort—are also removing many of the repetitive, hands-on workflows that historically helped data scientists build technical depth and lasting expertise.

Warning signs

The impact on data scientists is immediate and somewhat invisible. When probable answers are just one prompt away, there's less incentive to internalize patterns or build the mental models that enable independent critical thinking and judgment.

Over time, practitioners can complete tasks with AI assistance but struggle to diagnose issues, adapt approaches to unfamiliar contexts, or evaluate whether an AI-generated output is actually correct. In a field where edge cases and ambiguity are the norm, that gap matters.

Without the necessary adaptations to recognize and maintain core expertise, organizations will start to see the warning signs appearing subtly in judgment, troubleshooting, and knowing when to question AI outputs.

How organizations shift their tech teams and data scientists towards thinking in systems as opposed to tasks while reinforcing those core technical competencies will make a difference in ensuring those warning signs won’t progress so far as being clear and obvious negative impacts on the organization.

Hands-on engagement reinforces understanding

This is where organizations need to be deliberate. Not every task needs to be fully automated. The goal isn’t necessarily to slow down AI adoption or force a return to purely manual workflows, but to ensure that as work becomes more efficient, learning doesn’t become incidental.

Here are three frameworks that can help leaders be more intentional about where and how skill practice happens, ensuring AI reinforces learning as well as efficiency:

At the organizational level, dedicate learning time to close the loop between assisted work, knowledge retention, and deliberate practice on fundamentals. If skill erosion is not visible in productivity metrics, then leaders should implement proficiency metrics and periodic assessments.

At the team level, peer and manager reviews are critical to create accountability for independent judgment. This entails reviewing not just outputs but also reasoning, and fostering an environment in which team members challenge each other to explain why things work.

1. At the organizational level, dedicate learning time to close the loop between assisted work, knowledge retention, and deliberate practice on fundamentals. If skill erosion is not visible in productivity metrics, then leaders should implement proficiency metrics and periodic assessments.

2. At the team level, peer and manager reviews are critical to create accountability for independent judgment. This entails reviewing not just outputs but also reasoning, and fostering an environment in which team members challenge each other to explain why things work.

3. At the individual level, the key principle is to preserve engagement with the problem and being deliberate about what parts of the work you stay close to and what you delegate to AI. In some cases, it’s valuable for practitioners to have a dedicated space to engage more directly with the underlying work, such as exploring data without automation or validating AI-generated outputs step by step. Anthropic's aforementioned research supports a specific version of this: Using AI to understand, not just produce.

Fostering these moments of deeper, hands-on engagement across organizations reinforces understanding and long-term capability in ways that passive consumption cannot.

Learning through action makes mastery possible

The AI era is redefining what it means to be a data scientist. As faster tools and more automated workflows unlock new possibilities, teams can focus on more complex problems. But expertise doesn’t emerge from speed alone. It is often best built through experience and a knowledge of fundamentals.

As organizations continue to embrace AI, the challenge is preserving the conditions that build real skills. The “old school” practices that once defined data science—hands-on work, repetition, and learning through friction—are the very mechanisms that enable mastery. Ensuring that work becomes easier without making technology expertise harder to achieve will be critical in the AI-driven future.

We've featured the best AI tool.

This article was produced as part of TechRadar Pro Perspectives, our channel to feature the best and brightest minds in the technology industry today.

The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/pro/perspectives-how-to-submit

The retail industry is about to lose one of its oldest assumptions: that the shopper at checkout is definitely a human.

30 to 45 percent of U.S. consumers already use generative AI for product research and comparison, and that reliance will inevitably become more pronounced at checkout.

Agentic commerce is beginning to find its way into more consumers’ buying journeys as they look for new ways to shop.

If this new way of shopping maintains its pace, agentic shoppers could make up $190 billion to $385 billion in U.S. ecommerce spending by 2030.

AI agents aren’t only an emerging trend, they are becoming a new class of customer in the commerce ecosystem. But retailers' platforms and websites were not built for this kind of machine-led activity.

There are new pressures building on merchants to rethink and redesign their systems to support autonomous agents and avoid misclassifying legitimate traffic as risky when humans become more hands-off in their buying journeys.

Besides the challenge of becoming discoverable by AI agents, retailers need to be able to verify who is making transactions at checkout when the “shopper” is actually a machine.

That requires understanding which agents are authorized, which ones are malicious, and which ones represent real, valuable customers.

AI agents break the traditional trust model online

The status quo of online retail is being disrupted by AI agents, not because they introduce fraud directly, but because they break the signals merchants have relied on to measure trust for years.

Protocols and identity layers look increasingly different as agents operate in ways that can make them look like suspicious automation under today’s fraud rules. As agents make transactions using APIs rather than typical browsing flows, behavioral analytics loses its predictive power.

In many cases, the usual browsing journey that these brands have used to infer trust simply won’t exist. Retailers can’t assume that the agent is acting on behalf of a legitimate human without proof, so the question shifts from: “Is this user real?” to “Is this agent authorized to act for this user right now?”

The data already points to why this matters: By the end of 2025, online orders driven by LLM referrals were up more than 1,000% year over year. Even so, purchases executed by bots still make up fewer than 1% of all orders.

This is more than a shift in volume. The models that have been trained on human behavior patterns and to recognize bots as bad traffic now struggle when the “user” is a bot with no history and no trusted profile. The data gap creates a dual risk, more fraudulent activities slipping through, and more legitimate orders being declined.

The infrastructure behind agent-safe commerce

Retailers need to start treating AI agents as a new kind of digital customer in their trust systems. This requires an architecture that can authenticate which AI platform or agent is initiating a transaction, rather than treating all machine-driven interactions as anonymous bot traffic.

Ecommerce teams need to focus on providing machine-friendly commerce data with details like product pricing, in-store availability, shipping rules, and return policies that are well-structured, so agents can easily interpret them.

More importantly, they need to distinguish between three categories of activity, malicious automation, authorized agent-driven transactions, and blended human-agent behavior. And they need a way to instantly differentiate between automated threats and AI agents buying on behalf of valuable customers.

The hidden risk: blocking the next wave of customers

It’s a common misconception that the biggest threat retailers are facing is fraud, when the greatest risk is rejecting legitimate orders. What we are seeing now is retailers accidentally blocking agent traffic because it closely resembles typical bot traffic, which means they are losing visibility into how they are being recommended and selected and ultimately into transactions themselves.

Retailers need better classification systems that can separate hostile automation from authorized intent. This requires a more agent-ready commerce stack in five key areas:

Audit the stack for agent readiness: review product data, API accessibility, and machine-readable content to identify where trust breaks across the buying journey

Verify the agent behind the transaction: confirm the identity of the platform or service initiating the order (e.g. ChatGPT, Claude, etc.)

Prove the shopper’s permission: ensure the agent is acting with explicit authorization with controls around limits and categories.

Modernize fraud models for machine-led behavior: optimize classification accuracy, so legit agent-assisted orders aren’t treated like fraud.

Extend trust controls beyond checkout: prepare for agent-driven returns, exchanges, order edits, or support requests.

If retailers implement these steps, they are moving in the right direction to redesign the shopping experience and rebuild the infrastructure beneath it, so they can capture and not block agent-driven demand.

Machine-led commerce is on the horizon

For now, retailers and ecommerce merchants have time to adjust their strategies before agentic commerce enters a mature stage. The shift will start in narrower, repeatable purchase categories, but as the adoption grows, a competitive gap will emerge between retailers that prepared well, and those that didn’t.

To gain that advantage, online brands that modernize their identity, authorization, and risk infrastructure now will be in a better position to support machine-led transactions without adding any friction for the customer behind them.

The retailers that get this right will reduce fraud while capturing a new class of customers. Because even if shopping is done by machines, trust will still need to begin and end with the human customer.

We feature the best credit card processing.

This article was produced as part of TechRadar Pro Perspectives, our channel to feature the best and brightest minds in the technology industry today.

The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/pro/perspectives-how-to-submit

Andy Jassy has enjoyed a long-running and successful career in the technology industry, being a part of the Amazon family for many years – including serving as CEO of AWS for nearly 20 years – before taking over from Jeff Bezos in 2021. In business and life, he believes, there are no shortcuts to success.

Getting hands-on

Jassy coined this turn of phrase when describing AWS in 2017, speaking with CNBC. The company was one of the fastest-growing hyperscalers at a time when the public cloud was becoming a critical part of the technology ecosystem.

Speaking to the success of AWS, Jassy said newer competitors on the market may be able to replicate the technology that the organization offers, but that the years of operational experience accrued made it dominant.

In that vein, Jassy suggested that AWS had been through experiences in dealing with customers that all hyperscalers would have to overcome – and there was no way to answer those questions without going through those same tribulations.

Putting in the hard yards

Compression algorithms are incredibly useful, especially in the age of big data and especially data-hungry large language models (LLMs).

Compression algorithms were the revolutionary tech at the heart of the 2013 HBO show Silicon Valley, and since then many companies have sought to ease the burden, including Google with its TurboQuant algorithm.

As Jassy suggested, however, experience in life and business doesn't work in the same way as data. The quote is perhaps more relevant today than it was then, in light of organizations around the world shedding entry-level jobs.

With businesses cutting the talent pipelines that could have led to years-long careers – much like Jassy's several decades at AWS – it may worsen not just the skills crisis but also create large experience gaps in the business world in the decades to come.

Bill Gates is a one of the stand-out technology pioneers, and has experienced his fair share of hype cycles, having led Microsoft for so many years. When new technologies emerge, it's normal to get excited – but sometimes the rate of progress and the expectations of not just consumers but other businesses fail to match the reality of innovation.

Technology hype cycles

The 'Road Ahead' was a huge bestseller and drew a lot of attention when it launched in 1995. Author Bill Gates, who was CEO and chairman of Microsoft at the time, used the book to opine on various philosophical and technological themes. One highlight in particular was a segment on technological hype cycles and the attitude of people toward innovation.

The first part of the quote – highlighting our fixation on where innovation might lead immediately – alludes to the immediate spike in media attention, excitement and, sometimes, overcommitment. We've seen that time and again over history – with AI a great example of a technology that's undergone numerous hype cycles since the 1960s.

We also fail to capture the reality of compounding gains over many years – with technologies needing not just breakthroughs but ecosystems and support layers. Over the period of a decade or so, we may not realise the small gains made along the way – but zoom and suddenly you realise how different things really are.

Excitement about the future

Exciting technologies today, including AI, threaten to follow in the footsteps of breakthroughs of yesterday, like the internet, smartphones, or even social media.

With expectations heightened, patience narrowing and technology exponentially improving, there's an argument to make that the situation is getting worse, not better, compared with when Bill Gates wrote that sentence in 1995.

Quantum computing is a prime example of how many, including investors, overestimate where the technology might be within a couple of years, projecting the lack of visible improvement forward – to the extent where many write off the tech altogether. Now, however, scientists expect us to build a superpowerful machine by 2030.

Artificial intelligence has transformed enterprise cybersecurity into a machine-speed quickdraw contest.

Today, threat actors routinely use AI and automation to launch sophisticated, multi-stage campaigns that exploit gaps between disconnected security tools.

Once inside a network, modern attacks move laterally across cloud environments, endpoints, and applications within minutes.

Because defensive windows have shrunk from hours to seconds, security teams must rely on AI-driven analytics to correlate threat telemetry and trigger automated remediation before a breach spreads.

To achieve this coordination, many organizations are aggressively pursuing platform consolidation. The logic is simple: by replacing a fragmented patchwork of niche security vendors with a single, unified security platform, a Security Operations Centre (SOC) can centralize its data, simplify management, and orchestrate automated responses more fluidly.

The hidden risks of the single ecosystem

While consolidation can simplify things, it also changes an organization's risk profile. When multiple layers of cybersecurity are interconnected through a single vendor’s control plane, dependencies build up. This level of architectural reliance introduces severe systemic vulnerability.

If your monitoring tools, identity systems, and automated response mechanisms all live under one roof, a single point of failure can paralyze your entire enterprise. A major software flaw, a configuration error, a vendor cloud outage, or a supply chain compromise can trigger a cascading failure that knocks out multiple layers of defense simultaneously.

Furthermore, extensive centralization strips an organisation of its long-term architectural flexibility. Once integrated into a single ecosystem, switching providers or adapting to shifting regulatory and digital sovereignty requirements becomes a massive, cost-prohibitive operational hurdle.

The balanced solution: Hybrid AI architecture

Faced with these challenges, forward-thinking cybersecurity leaders are looking at a happy medium between inefficient platform fragmentation, and total consolidation by adopting a balanced, hybrid approach.

This strategy centralizes AI-driven analytics and detection where shared visibility adds the highest value, while deliberately maintaining strict independence in critical operational zones. A resilient hybrid architecture divides the security environment into two distinct operational mandates:

1. Centralized visibility and detection: Security teams should continue to feed telemetry from endpoints, networks, and cloud infrastructure into a centralized, AI-driven engine such as an advanced SIEM or XDR platform. This allows AI to analyze vast pools of data in real time, map attacker behaviors, and coordinate high-speed incident responses across the enterprise.

2. Isolated control layers: To prevent a total system collapse during a crisis, critical defense layers must remain insulated from the primary detection platform. Two pillars require absolute autonomy:

Identity and Access Management (IAM): Systems controlling user authentication and policy enforcement (like Okta or Active Directory) should not be deeply intertwined with the automated response platform. If an attacker compromises the automated security system, an isolated identity layer prevents them from gaining total, unhindered access to the entire enterprise kingdom.

Backup and Recovery Infrastructure: Disaster recovery tools lose their effectiveness if they rely on the exact same network infrastructure they are designed to restore. Maintaining independent, immutable, and air-gapped recovery layers ensures that even if a ransomware campaign or platform outage takes down the primary network, the business can safely restore operations from a position of absolute control.

Designing for survival

The reality of modern enterprise IT is inherently hybrid, spanning legacy systems, multi-cloud environments, and distributed global workforces. Attempting to force this sprawling complexity into a single security platform is impractical and not without risk.

As artificial intelligence continues to accelerate the threat landscape, the pressure to automate and simplify will only grow. Unified AI ecosystems are essential for operational speed, but true resilience requires architectural balance. Future security strategies will not be judged solely on how quickly they detect a threat, but on how effectively the business can maintain continuity during a catastrophic disruption.

By blending centralized AI intelligence with strategically separated control layers, enterprises achieve the ultimate defensive posture: machine-speed responsiveness without the risk of systemic collapse.

Our rankings of the best cloud backup platforms.

This article was produced as part of TechRadar Pro Perspectives, our channel to feature the best and brightest minds in the technology industry today.

The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/pro/perspectives-how-to-submit

Artificial Intelligence (AI) has become a defining factor in the Managed Service Provider (MSP) market - not only as the service clients want most, but as an operational enabler that MSPs can harness to scale teams, protect margins and deliver better service.

Amongst a backdrop of fiercer competition, smaller deals and a widening talent gap, AI-driven efficiency gains will become essential to ensuring sustained growth.

Recent statistics show that the MSP environment is increasingly defined by tighter deal sizes, cautious buyers and rising delivery cost. Growth hasn’t disappeared altogether, but it is harder to earn.

Not only does securing new business in a crowded market require clearer differentiation. Many MSPs also find that they are continuously having to prove their value to clients, facing dual pressure to maintain high performance levels while operating more efficiently at the same time.

Here are the five key trends currently shaping the market – and how MSPs can adapt:

More competition makes winning deals harder

MSPs need consistent client acquisition to drive revenue. Otherwise, growth slows, revenue shrinks and planning becomes unreliable. However, data shows that winning new customers is getting harder.

Most new clients are switching from another provider rather than buying first-time. This means more providers are competing for the same accounts, with buyers expecting clear proof of value before signing on the dotted line.

When clients have more choices and are more selective, standing out requires more than marketing claims. MSPs should expect their prospects to put heightened scrutiny on pricing, service scope and proven results and be prepared to answer difficult questions.

Those who can demonstrate how their services reduce business risks, improve uptime or increase operational efficiency will be in a stronger position to win new business.

Additionally, structured, profitable and scalable service models will be key to converting demand into revenue.

Average deal sizes are declining

Not only are deals currently harder to close, deal sizes are also declining. As organizations reduce IT budgets, many MSPs are finding that clients will only commit to smaller contracts. Large annual contracts are becoming less common, impacting average monthly recurring revenue across the channel. Taken together, these factors are limiting revenue growth and expansion opportunities for MSPs.

Many are finding that they have to build revenue growth in smaller increments rather than huge account wins. However, data also shows that growth in the market is somewhat uneven: While some MSPs operate with little or no margin, others are experiencing the opposite.

Cost pressure is a recurring theme. Rising labor, tool and IT infrastructure costs are directly constraining growth. Those still posting strong margins have found ways of absorbing higher costs and are managing to weather the storm, with performance in the top margin tiers remaining steady.

The skills gap is having an impact

Talent constraints create additional operational challenges as MSPs are facing difficulties hiring technicians or increasing their workforce to support expanding service portfolios. Often, routine tasks continue to consume large portions of technician capacity.

MSPs should harness automation and AI to reclaim this valuable time. Many are already applying these technologies in high-volume workloads including monitoring, ticketing and alert management, but only a minority so far has achieved broad automation. Moreover, only few have extended AI use to outward growth initiatives such as sales, marketing and client onboarding.

Expanding automation across more areas will reduce manual effort, improve consistency and productivity and allow MSPs to scale operations without increasing staffing at the same pace.

AI is becoming a key differentiator

Looking at where future growth is coming from, AI and automation are emerging as the biggest opportunities. Both have become top client needs ahead of security and backups. Many customers now prioritize AI-driven capabilities over more traditional services.

This creates new opportunities as well as new pressures. MSPs that can turn AI and automation into clear, outcome-focused services will be better placed to stand out in competitive bids and meet evolving client expectations.

However, with providers still working on defining, packaging and pricing their AI related services, it will be some time before AI and automation become meaningful revenue streams. Those that move early to formalize offerings – for example, by packaging AI as a defined service (AIaaS) and showing clear, measurable outcomes from automated workflows – will have a head start in capturing client demand and securing a larger share of the market.

Security remains a reliable growth engine

Cybersecurity and backup services continue to deliver reliable core revenue for MSPs. Clients rely heavily on MSPs for these areas, and for many providers, security represents a key source of income, second only to endpoint and network management.

This is not just driven by growing general security awareness, but also by the ongoing threat and attack levels. With MSPs providing the primary source of cybersecurity advice for their clients, demand is likely to remain high.

Cybersecurity also offers important opportunities for revenue expansion, followed by business continuity and disaster recovery (BCDR). As clients seek to boost their protection against cyber threats, they also invest more in data recovery to improve their resilience against cyber incidents.

To meet client expectations and make the most of the opportunities available, MSPs should treat and market security as a core offering. Providers that strengthen their security capabilities and closely integrate them into their service packages will find it easier to retain and win new business.

This means going beyond basic protection tools such as anti-malware, firewall and network security. Advanced threat protection is essential, while endpoint detection and response (EDR) should be a foundational part of every security stack.

Consolidating security, monitoring and backup tools where possible can remove unnecessary overhead, simplify operations and allow technicians more time to focus on other tasks. AI has an important role to play in this too, delivering smart security insights and automating actions.

As the market evolves further, MSPs will have to work smarter to convert demand into sustained revenue and growth. The providers that will lead in the next cycle are not simply those that add more services. They will be the ones that simplify their stacks, automate intelligently and package emerging capabilities like AI into measurable outcomes.

We feature the best ITSM tools.

This article was produced as part of TechRadar Pro Perspectives, our channel to feature the best and brightest minds in the technology industry today.

The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/pro/perspectives-how-to-submit

Businesses are facing a new challenge - shadow AI. For decades, enterprise teams struggled with ‘shadow IT’, in which employees would bypass procurement processes and approvals to adopt their own cloud platforms and SaaS apps.

Today, employees are rapidly adopting generative AI, AI copilots, and automation platforms outside of controls put in place by centralized IT department. Teams are unleashing the potential AI, but IT isn’t always aware and that’s creating a real risk related to ‘shadow AI’.

The speed of AI adoption is outpacing governance. Yes, employees should absolutely be experimenting with AI. It can automate manual tasks, help employees focus on higher-value work, and drive better decision-making.

The challenge is that companies aren’t always aware of AI usage. Unlike traditional software, AI models and automation tools don’t require significant infrastructure or procurement. Users can adopt new tools right away, without IT’s involvement.

Operational visibility

As adoption grows, AI is getting baked into departmental processes without proper governance or oversight. Companies are no longer just struggling with procurement. They’re struggling with operational visibility.

They don’t know what AI tools their employees are using. They don’t know what data is being uploaded. They don’t know where sensitive data is stored and that leaves companies exposed to operational, compliance, and reputational risk.

Vendor sprawl is creating additional complexity, as it is one of the biggest challenges with unmanaged AI usage. Many companies have woken up to the fact that AI is already being used throughout the business. The problem? They’re trying to simplify operations by adding more AI tools on top of already fragmented technology landscapes.

Every department is procuring different AI platforms. Employees are creating custom automations. Suppliers are dropping AI capabilities into their products with little oversight.

It’s created a disjointed ecosystem of tools, suppliers, and automated workflows. Vendor sprawl is only exacerbated when you throw multiple providers into the mix, such as outsourcing vendors, public cloud platforms, and SaaS vendors, where accountability is divided among parties.

AI blind spots

Add AI into the mix and you’re creating additional blind spots. When an automated workflow breaks, produces incorrect results, or violates compliance standards, who is responsible? The AI model supplier? The underlying software vendor? The automation platform? The person who deployed it? The data source?

If companies don’t have strong governance around AI activity and service integration, these questions will be difficult to answer. AI transformation is an operating model problem, not just tech and many are looking at AI transformation the wrong way. Rather than just trying to deploy AI tech, leaders need to consider how AI tools are used across the business.

Building AI resilience isn’t about using the most AI tools. It’s about building governance, responsibility, and operational resilience into AI activity from the start.

It requires a shift in mentality. IT teams can’t just be gatekeepers anymore. More teams will use AI tools with or without IT approval. Attempting to restrict AI usage will lead to more shadow IT.

IT and IT service management teams need to evolve to focus on service integration, governance, and operational oversight. This includes:

• Creating transparency into AI usage
• Setting responsible AI usage guidelines
• Managing supplier risk
• Integrating AI into operational workflows
• Setting accountability for AI-driven decisions
• Enabling innovation with proper governance

Organizations need end-to-end visibility into AI usage across teams, suppliers, automation tools, and third-party AI services. Without it, there will be cracks that appear in their operational resilience.

Governance will become even more important as regulatory pressure mounts. Governance is only going to become more important as legislators turn their attention to AI. With new regulations like the EU AI Act coming into play, as well as new interpretations of existing data protection legislation, companies are going to be expected to account for how AI tools are monitored, governed, and used.

But most companies are adopting AI long before they have considered AI governance. By the time governing bodies step in to regulate how businesses use AI, businesses will likely be far behind on governance considerations.

Employees may inadvertently share sensitive information through public AI systems. Companies may start using AI-generated content for customer-facing operations without fact-checking or validating quality. Internal decisions may be made by automated workflows with no visibility or auditability.

4 Steps to avoid a shadow AI crisis

It’s not too late for businesses to avoid a shadow AI crisis. However, they need to take action to responsibly manage AI tools and usage.

1. Understand how AI is being used Gain an understanding of what AI tools are being used across the organization, by who, and for what purpose. This includes informal or department-led initiatives happening outside of IT.
2. Define responsible usage guidelines Set clear guidelines for responsible AI use, data practices, supplier risk management and accountability. You don’t need to create restrictive approval processes. But you should create practical guardrails for teams to follow.
3. Treat AI as an operational service AI is increasingly being integrated into business-critical workflows. As such, it should be treated like any other critical service. Define who’s responsible for AI activity, how suppliers are managed, and how security and compliance is enforced.
4. Approach AI governance as a company-wide initiative AI governance shouldn’t be the sole responsibility of IT. Procurement, security, HR, operations, legal, and executive leadership all need to work together.

The reality is organizations don’t need to fear AI. But a starting point is recognizing how unknowingly they’re already losing visibility and control around the technology that’s increasingly powering their business.

We've featured the best AI chatbot for business.

This article was produced as part of TechRadar Pro Perspectives, our channel to feature the best and brightest minds in the technology industry today.

The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/pro/perspectives-how-to-submit

AI doesn’t make integration intelligent by design. It just makes the gaps harder to ignore.

In mergers and acquisitions, technology doesn’t rescue a poorly prepared integration, it exposes whether two companies were ever ready to operate as one.

Fragmented systems, inconsistent data, weak governance and misaligned access controls: none of that disappears after the deal closes. It sits there, undermining value.

McKinsey’s 2025 State of AI survey found that nearly nine in ten companies now use AI in at least one business function.

Separately, Bain’s 2026 M&A report found that AI adoption in M&A more than doubled last year, with one in three dealmakers now systematically deploying it inside the deal process and across the post-deal operating model.

That acceleration is significant, because many companies are deploying AI before they have resolved whether their data, permissions and governance can support it. In integration work, this becomes visible very quickly.

AI turns M&A fragmentation into business risk

Every acquisition entails some operational overlap that is hard to avoid. The problem is that unmanaged AI use can turn overlapping into an operational contradiction.

Diverse data definitions across the now-integrated businesses can produce inconsistent outputs; different access controls create permission risk; and conflicting governance models leave accountability unclear.

Accounting for duplicate systems that create cost and process drag, AI accelerates these problems rather than resolves them.

When AI draws on inconsistent data across a combined business, its outputs are not obviously unreliable. They look authoritative but misinform decision-making before anyone identifies the contradiction underneath.

Boston Consulting Group analysis found that six in ten companies have yet to show measurable results from AI investments, with poor data quality, inadequate architecture and fragmented governance among the most cited barriers. In M&A, those weaknesses are not inherited once they are inherited twice. Each company brings its own version of the problem, and the merged organisation multiplies every gap.

The risk is not that AI fails outright - it is that AI scales operational fragmentation faster than the business can control it.

The hidden integration problem is governance

Consider two companies that are individually well governed: their permission structures still conflict when merged, data definitions diverge and ownership blurs. Every AI workload layered onto the combined organisation deepens the friction.

This is not a problem of poor management on either side it is structural, and it surfaces the moment companies attempt to operate as one.

After a deal closes, the pressure is immediate. Leadership teams want to combine workforces, standardize systems and start using AI across the new business. Speed is paramount. But AI introduces questions that cannot be deferred.

Who can access which data? Which data is AI allowed to use? Who owns AI outputs? Who audits the decisions AI informs? Which policies govern the new operating environment and who intervenes when outputs are wrong?

These are not questions that resolve themselves over time. Left unanswered, they become embedded in how the combined business operates.

Why this becomes a deal-value problem

This is where deal theory starts to weaken. Synergies depend on shared processes, data and operating discipline. If AI is asked to operate across fragmented foundations, costs become less predictable, integration timelines stretch and time-to-market slows. Security exposure widens as uncontrolled data flows multiply across two estates.

We see this most clearly when companies try to scale AI across a combined business before agreeing on the basic operating rules beneath it. A deal can look attractive on paper, but if the merged organisation cannot produce reliable data flows, consistent governance and stable access controls, AI initiatives will struggle to deliver the value the deal was built on. The gap between what leadership expects and what operations can deliver grows each quarter.

For buy-and-build strategies, the risk compounds with every acquisition. If each new business brings its own systems, data rules and access logic, AI becomes harder to govern with every deal. Without a disciplined approach to operational readiness, the cost of integration escalates faster than the value it was supposed to generate.

What operational maturity looks like in AI-led M&A

The task is not to slow AI adoption. It is to decide what must be standardized before AI is scaled.

For leadership teams, these questions matter most:

1. Can we trust the data? Have the systems and data estates across both companies been fully mapped before any AI workload touches the combined environment?

Without this, AI draws on sources that may conflict, producing outputs that appear reliable but are built on inconsistencies that cannot be traced or corrected.

2. Is ownership clear? Who governs AI outputs, who audits decisions and who is accountable when something goes wrong?

In the absence of defined ownership, errors compound silently and post-incident remediation becomes exponentially more costly than prevention.

3. Is access controlled? Are permissions standardized so that AI draws only on data it is authorized to use, across an environment where the rules are consistent?

Inconsistent access controls are not just a governance risk they create direct security exposure as AI workloads traverse data boundaries that were never designed to be shared.

When these three questions are resolved, cost becomes predictable and the business can scale with confidence. When they are not, every new AI initiative adds risk. The companies that create value fastest from M&A will not be those that apply AI most aggressively.

That means mapping before scaling, standardizing before deploying and resolving ownership before delegating decisions to automated systems. Deal value depends not only on what a business acquires, but on how quickly the combined company can operate intelligently.

AI will not hide operational fragmentation it will put a spotlight on it.

We review and rank the best cloud storage software.

This article was produced as part of TechRadar Pro Perspectives, our channel to feature the best and brightest minds in the technology industry today.

The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/pro/perspectives-how-to-submit

At the end of April, Vimeo, the second-largest video hosting, sharing, and streaming service after YouTube, publicly confirmed it had suffered a data breach affecting around 119,000 users and customers.

As is often the case, however, the devil is in the details. ShinyHunters, the ransomware group that claimed responsibility, threatened to release Vimeo data on the dark web after breaching the defenses of Anodot, an analytics company that provides real-time anomaly detection.

Anodot's product requires direct access to its customers' cloud data sources, such as Snowflake, BigQuery, S3, and Kinesis, to monitor metrics at the data source level.

On April 4, Anodot reported a broad outage when its data collectors went down across Snowflake, S3, and Kinesis. What initially appeared to be an availability incident turned out to be an active intrusion, and ShinyHunters were already inside Anodot's environment and, by their own claim, had been there long enough to map the connected customer environments.

They exfiltrated OAuth tokens and API keys that Anodot used to read its customers' clouds, then logged directly into those customer clouds.

The knock-on effect was felt by dozens of companies, including Rockstar Games, with ShinyHunters claiming to have exposed the company’s internal analytics and reporting data on the dark web after Rockstar Games refused to pay the ransom.

As for Vimeo, the company confirmed that user metadata, including technical information, video titles, video metadata, and customer email addresses, was exposed, but made it clear that video content, passwords, and payment details were not.

ShinyHunters has also listed Zara, ADT, Udemy, Hims & Hers, Adidas, CarGurus, Crunchyroll, and dozens more on the same leak site, all reportedly breached through the Anodot vector.

A growing B2B risk model

This is far from a one-off or novel incident; it reflects a threat actor strategy that has quietly become one of the dominant risk models for B2B data services. By any measure, a vendor that requires privileged access into customer cloud environments represents a high-value target.

Once attackers obtain the vendor’s credentials, they effectively gain a passport to potentially limitless downstream environments. Every customer that has federated trust with that vendor can then be exposed to weaknesses within the vendor’s environment.

Indeed, any data warehouse query, from anomaly detection, observability, BI and reverse-ETL to customer data platforms, security scanning and marketing analytics, sits in the same architectural crosshairs. The situation and risk are anything but unique to Anodot.

The key question for security teams is not whether a vendor appears secure on paper. Granted, certifications, audits, penetration testing and other evaluation processes provide an important snapshot of security maturity, but they do not necessarily reflect how risk propagates if a trusted third party is compromised.

In these environments, exposure is often shaped as much by architectural dependencies and access design as by the vendor's security posture.

Central to the challenge security leaders face is the rapid growth of cloud-native infrastructure, SaaS delivery models and API-driven integrations. By definition, this has significantly increased the number of third-party services operating within enterprise environments.

For example, many analytics, observability, AI, security and operational platforms depend on persistent connectivity to customer environments to function effectively, often through APIs, OAuth grants, service accounts or cloud identity roles.

In many organizations, these integrations have evolved incrementally over time, resulting in increasingly complex trust relationships between internal systems and external vendors.

While these architectures improve operational visibility and automation, they can also create indirect attack paths that extend beyond the customer’s own security perimeter. This is what Anodot and its various customers have been dealing with.

Mitigation strategies

As mentioned, this has become a well-understood attack vector and, as a result, security and infrastructure teams are increasingly reassessing how trust is delegated across cloud and data environments, particularly where vendors maintain continuous or privileged access.

Options include reducing standing access and limiting the scope of third-party permissions wherever possible. In addition, architectural approaches such as short-lived credentials and customer-controlled access revocation are increasingly being adopted by organizations seeking to reduce downstream exposure in the event of a vendor compromise.

Elsewhere, organizations are reducing unnecessary retention of customer data within third-party environments, limiting the amount of information that could potentially be exposed during a breach. This is a very sensible move from an overall data protection and privacy standpoint, regardless of how victims are actually breached.

In practice, many IT and security leaders are now evaluating vendors not simply on compliance certifications or audit status, but on how access is structured, monitored, constrained and revoked across interconnected environments.

This reflects a growing recognition that security exposure is increasingly shaped by trust architecture and dependency management as much as by perimeter defense or endpoint protection alone.

Rethinking the trust model from the ground up

Mitigation strategies matter, but the most durable protection comes from choosing vendors whose architecture doesn’t create the problem in the first place. The Anodot breach is a useful illustration of what the high-risk model looks like: a vendor that sits inside customer environments, holds long-lived credentials, and becomes a single point of failure for everyone downstream.

The lower-risk alternative inverts that model entirely. Rather than a vendor reaching into your cloud, data flows outward from the vendor to you. The vendor supplies structured data through an API or a managed delivery pipeline; you consume it.

There are no OAuth grants into your warehouse, no service accounts in your cloud, no persistent session the vendor maintains into your infrastructure. If that vendor is compromised, the attacker gets the vendor’s own environment. They do not get a skeleton key to yours.

This distinction is increasingly relevant for the teams operating at the data-intensive end of security - threat intelligence, digital risk protection, fraud detection, and similar functions — where the volume and variety of external data sources creates significant third-party exposure by default.

For those teams, the question worth asking of every data supplier is simple: does your product require any form of access into my environment, or does data only flow outward from yours to mine? The answer shapes your blast radius in ways that no compliance certificate can.

We've featured the best encryption software.

This article was produced as part of TechRadar Pro Perspectives, our channel to feature the best and brightest minds in the technology industry today.

The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/pro/perspectives-how-to-submit

Satellite constellations are already transforming global connectivity, extending the Internet’s reach to nearly every corner of the planet. Now, as conversations turn toward compute in orbit, the focus is expanding from connectivity alone to how distributed infrastructure will shape the future of digital services.

But what does it really mean for connectivity when infrastructure extends beyond Earth? The answer is crucial, because space isn’t just another deployment site, it introduces fundamentally different opportunities and constraints that challenge how modern digital services are designed and delivered.

Understanding Space Infrastructure

Space will not replicate the data center environments we know today. Constraints like launch capacity, radiation, power generation, cooling, and physical size mean orbital compute resources will likely be smaller and more specialized than hyperscale infrastructure on Earth.

Rather than lifting existing data centers into orbit, space is likely to inspire new forms of distributed compute and storage nodes, designed to complement terrestrial systems.

Because these distributed resources need to work together seamlessly, connectivity becomes the critical enabler. In other words, the real shift isn’t about relocating data centers to space. It’s about extending the distributed architecture of the Internet itself.

The opportunity lies in distribution

For decades, application architecture has evolved to improve user experience. Content delivery networks moved content closer to users. Cloud platforms introduced elasticity and geographic redundancy. Edge computing pushed processing toward the point of data creation. Space introduces another dimension to this model.

Rather than relocating entire applications, organizations will likely distribute functions across multiple environments, including terrestrial clouds, edge infrastructure, and space based platforms, all depending on what makes architectural sense.

Satellite-based Earth observation systems, for example, generate enormous volumes of imagery and sensor data. Processing portions of that data in orbit before transmitting results back to Earth could reduce bandwidth requirements and accelerate insights.

Other use cases may involve distributing cached content, supporting connectivity in remote environments, or enabling services for moving platforms such as ships, aircraft, and industrial operations.

What matters most is that space becomes another place where parts of a service can run, alongside existing terrestrial and cloud infrastructure.

Orbital connectivity follows different rules

Designing systems that rely on orbital infrastructure also requires understanding how satellite connectivity differs from terrestrial networks.

Satellite constellations are dynamic by nature. Satellites move continuously, requiring constant handoffs between spacecraft and ground stations. Network paths change continuously as satellites move and the routing topology shifts with them.

Even when performance is strong, these dynamics introduce behaviors that traditional network architectures were not built to accommodate. Latency profiles differ too. Low-Earth orbit constellations operate at a fraction of the altitude of geostationary satellites, which matters, but a 20–40ms round-trip is still not terrestrial fiber.

Bandwidth characteristics also differ. Satellite connectivity is often asymmetric, with significantly more capacity for downloading data than sending it back upstream. Power constraints and radio transmission requirements make large uplink transfers more expensive than their terrestrial equivalents.

These realities mean that not every workload belongs in space. Instead, the most effective architectures will carefully consider which components should run where, based on latency sensitivity, data volume, and operational constraints.

The internet is extending its reach

Today's Internet already spans continents and oceans through vast terrestrial and subsea infrastructure. Satellite networks aren't a future concept, they are operational now, delivering connectivity globally and extending reach to places where traditional infrastructure is difficult or impossible. Future orbital compute may yet introduce new processing and storage capabilities as well.

For service architects, this means digital platforms may soon operate across a combination of terrestrial fiber infrastructure, subsea cable systems, wireless access networks, hyperscale cloud environments, edge compute platforms, and satellite constellations or other orbital systems.

From a user’s perspective, however, none of this complexity is visible. They simply expect the service to work. But when a single user interaction may traverse a local access network, a regional ISP backbone, a subsea cable system, a cloud region, and potentially a satellite link, performance issues can emerge anywhere along that path - from congestion on a terrestrial route to disruptions at a satellite ground station.

So while space based compute infrastructure may still be years away from large scale deployment, the architectural questions it raises are already relevant today.

Understanding how these pieces interact will be the key to building resilient digital services, whether the infrastructure supporting them sits in a data center, at the network edge, or hundreds of kilometers above the Earth.

We've featured the best cloud computing provider.

This article was produced as part of TechRadar Pro Perspectives, our channel to feature the best and brightest minds in the technology industry today.

The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/pro/perspectives-how-to-submit

The enterprise AI gold rush is over. What comes next is far less glamorous and far more important: execution.

Boards are no longer funding experiments, and they are demanding execution.

Indeed today, many boardroom conversations have shifted focus from pilots and demos to a much more difficult question: what does it really deliver in production?

The answer lies inside real organizations, where systems are fragmented, processes are constrained, and risk is non-negotiable. And this is where most AI initiatives stall because the organisation is unable to operationalize them.

Success is no longer about demos and model capability, but whether a firm can deploy AI safely, reliably and at scale within existing systems.

We are entering a new phase. Not the model era. The execution era.

How we got here

Now, cast your mind back to 2023 and the dominant challenge in enterprise AI was access including access to capable models, enough processing power, as well as engineers who knew what they were doing.

This period was genuinely exciting, and yet it was also an extremely expensive way to learn that a graveyard of ‘proofs of concept’ does not amount to business transformation. In hindsight we can see that in most cases, the model itself was rarely the problem, it was the business which fell short.

Fast forward to today, and it is more than evident that frontier model capability is beginning to converge, and this means that differentiation shifts towards orchestration, governance, execution, and integration inside real enterprise environments.

Put simply, we know that frontier models can handle most knowledge-work tasks competently so that capability is no longer the limiting factor. The limiting factor is whether AI can operate inside the systems businesses already run, without introducing new risk, friction, or complexity.

From isolated intelligence to integrated execution

This requires a shift from isolated intelligence to integrated execution because in production, AI does not exist in a vacuum. It interacts with legacy systems, approval chains, compliance requirements, and fragmented data sources that were never designed for autonomous systems. This is precisely where most AI initiatives break.

Much of the conversation around enterprise AI risk still centers on hallucinations and incorrect outputs. These issues matter, but they are not where most deployments fail as the real failure mode is governance.

AI systems struggle not because they lack intelligence, but because they lack the ability to operate within structured organizational environments. They cannot reliably enforce policy at the point of action, nor provide clear accountability for what was done and why. Enterprises do not adopt AI because it is intelligent. They adopt it because it is predictable, controlled, and accountable.

There is a fundamental difference between a model that can generate an answer and a system that can execute a workflow. Generating a procurement recommendation is trivial. Executing a procurement workflow inside a legacy ERP software system respecting approval hierarchies, flagging exceptions, and producing a clear audit trail is not. This is where trust is built.

The next steps

If you want to understand where AI will create real enterprise value, then look to regulated industries such as banking, telecoms, and utilities. These sectors are not slow adopters. They are disciplined adopters. They operate within strict compliance frameworks, data sovereignty requirements, and deeply embedded legacy systems.

In regulated environments, for example, a single AI-triggered action may require policy validation, role-based approvals, compliance logging, and explainability before execution is permitted. Here, AI cannot bypass these constraints as it must operate within them.

This creates a natural filter because once AI works in these environments, it works anywhere. For many enterprises, particularly in regulated industries, sovereignty over data, workflows, and model orchestration is becoming just as important as model intelligence itself.

A great deal of today's AI is assistive. It helps individuals, for example, to write, analyze, summarize, and recommend and this has value, but it’s not transformative. Instead, transformation begins when AI moves from assistance to execution when it can act within defined boundaries, navigate real workflows, interact with multiple systems, escalate when necessary, and produce a clear record of what it did and why.

This is where ROI becomes visible, but it also significantly raises the bar. Autonomy without control is not useful as it is a liability. The execution era is therefore not just about capability; it’s about controlled autonomy.

The next AI leaders may not be the companies building intelligence itself, but the companies making intelligence operational across real enterprise systems. In that sense, the strategic battleground is shifting from models to execution infrastructure.

The gold rush was about possibility. In the execution era, intelligence alone is cheap. Trusted execution is the real infrastructure layer.

We feature the best data visualization tools.

This article was produced as part of TechRadar Pro Perspectives, our channel to feature the best and brightest minds in the technology industry today.

The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/pro/perspectives-how-to-submit

The UK is experiencing a watershed AI moment, and the momentum is real. British AI startups raised £6 billion in venture capital last year, and in just the first three months of 2026 they have already raised more than half that figure again.

The Government's recently launched Sovereign AI Unit, backed by a £500 million public investment, is designed to accelerate this momentum by giving the UK's most promising AI companies direct access to computing power, R&D support and government procurement opportunities.

The ambitions are right. The UK has genuine strengths in AI research, a world-class university sector and a growing startup ecosystem attracting serious global capital.

But there is a fundamental question these ambitions raise, one the telecoms industry needs to put firmly on the table: you cannot scale AI without the connectivity infrastructure to support it.

The case for quality, not just coverage

Coverage maps tell you where the network is. Performance data tells you whether it actually works. More than 95% of the UK's landmass has at least some 4G coverage, more than many countries across Europe, and on that measure the UK performs well. But coverage is only part of the picture.

We all know that the UK isn’t where it should be with quality standalone 5G. The UK currently ranks last among 16 comparable high-income Western European markets on key 5G performance measures, with only 15% of 5G sites delivering the standalone architecture that is the global gold standard.

This gap has real consequences. Analysis from Analysys Mason and Opensignal shows UK users get just 5.8 Mbps of 5G speed for every euro (£0.87) they spend each month, the weakest return among comparable European markets. In Portugal, consumers get almost four times as much at 20.9 Mbps per euro (£0.87).

But the crucial point is this: we know exactly what the problem is, we know what the solution looks like, and we have the tools to close the gap. The good news is that there is a smarter, faster and more cost-effective path to the 2030 standalone 5G target than the one the UK is currently on.

AI needs physical infrastructure, not just software

This is where the conversation needs to get specific. AI is not just software in the cloud. It requires a robust, low-latency, high-capacity network backbone to function at scale. The applications that will determine whether the UK's AI investment translates into economic growth do not run on aspiration. They run on milliseconds and bandwidth.

Delivering AI at scale requires three things working together. The first is standalone 5G architecture for ultra-low latency below 10 milliseconds and the massive bandwidth capacity that real-time applications demand.

The second is dense small cell networks, with AI applications requiring cells significantly closer to users than traditional macro towers allow. In dense urban areas, high-quality standalone 5G requires between 37 and 96 small cells per square kilometer.

The UK currently has approximately 5,000 deployed across the entire country, leaving significant room for targeted investment to close that gap. And finally, edge computing infrastructure positions processing power closer to where data is generated, enabling the real-time responsiveness that applications like autonomous vehicles and industrial automation require.

Good 5G is not about coverage percentages. It is about consistent experience, whether you are a start-up looking to scale, a commuter on a train, or a fan at a football stadium. Getting this right is what will allow the AI companies attracting record levels of capital to scale their most demanding applications on home soil.

Shared infrastructure is the fastest route forward

The most efficient path to closing the investment gap already exists. Shared infrastructure is cheaper and faster to deploy, requires fewer sites, consumes less energy and, critically, it works.

Shared models have already freed up £3.4 billion for UK operators and €26 billion across Europe to reinvest in network quality. Rather than spreading capital across redundant deployments, sharing allows operators to direct investment where it matters most: performance and coverage quality.

Unlocking shared infrastructure at scale requires a planning system that supports it. The Product Security and Telecommunications Infrastructure Act was passed over three years ago and remains largely unimplemented. Full implementation would unlock upgrades on over 6,200 sites today.

Treating mobile and fixed broadband equally under Permitted Development Rights would remove an unnecessary barrier to deployment. Creating an environment which rewards quality-focused investment such as a structure that supports sharing over sole-use builds would further accelerate progress. These are practical steps; the levers are already there.

The opportunity is there to be seized

A fully realized standalone 5G network could contribute £159 billion to the UK economy by 2035. That is not a distant or theoretical prize. It is the direct return on infrastructure investment decisions being made right now.

The UK has everything it needs to lead: world-class AI talent, growing capital flows, genuine government commitment and an infrastructure sector ready to deploy shared solutions at pace.

The delivery choices made between now and 2030 will determine whether the UK's AI ambitions translate into genuine economic leadership. This country has every reason for confidence.

Fix the network, back shared infrastructure, clear the planning barriers, and the applications the UK is funding today will scale here, on infrastructure built for the job. That is an outcome well within reach.

This is no longer a technology question. It is an execution question – and one the UK is well placed to answer.

We've featured the best AI tool.

This article was produced as part of TechRadar Pro Perspectives, our channel to feature the best and brightest minds in the technology industry today.

The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/pro/perspectives-how-to-submit

Physical home media has gone through a turbulent time the last few years. With the rise of streaming services, demand for physical media over the past few years has steadily declined, with people choosing the convenience of streaming over physical discs.

There's still a dedicated fanbase of physical media collectors, though, and more recently streaming price rises and splintering means people have more interest just owning the stuff they want to watch. I’ve been writing about my hope for the resurgence of 4K Blu-ray, and physical media in general, since 2023. Now in 2026, I’m actually more hopeful than ever. It couldn’t come at a better time either, with the 20th anniversary of Blu-ray’s debut on June 20th, 2026.

I recently spoke to Kath Summersgill, Joint Group Head of Sales at Key Production Group, an agency specializing primarily in physical music and packaging manufacturing with vinyl, cassette and CD. However, the group also works with Blu-ray, both video and audio varieties, and DVD. We discussed the state of Blu-ray production, and physical media in general, and she had some encouraging things to say.

Promising numbers

“We’ve seen an increase in Blu-ray sales of over 10,000%, particularly in Blu-ray Audio” Kath tells me. “That’s over the span of the past eight to 10 years.” For a format that’s been on the decline, that’s an incredibly encouraging number.

Kath then mentions the ERA (Entertainment Retailer’s Association) report from December 2025, which reveals sales revenue for Music, Video and Gaming sales. “Although there was an overall decrease in the physical video format, Blu-ray actually increased by 3%”. While that may not sound like a lot, it’s a positive after some particularly bad numbers.

If you read more into the 2025 ERA report, 4K Blu-ray sales increased 19.5%, which is an extremely encouraging number. The strongest selling disc of the year was Wicked, a disc I regularly use for testing AV equipment and one of the main highlights of our Blu-ray Bounty feature (more on that later).

So, why have 4K Blu-ray sales turned around? For that answer, we’ll have to look to streaming services.

You can't rely on streaming

One of the most frustrating things people have with streaming services is the availability of movies. At one time or another, most people will have experienced a movie leaving a streaming service, only for it to either go to a rival service (that typically you won’t subscribe to) or for it just to disappear.

I’ve even seen horror stories of people buying movies on a streaming service that then also disappear. A Reddit thread in the r/AmazonPrime subreddit is a great example of this, where user u/Electrical_Paper6286 has had it happen “4 times between 2 movies”. Although the movies eventually returned, it’s a sign of how tentative the ‘ownership’ of movies on streaming platforms can be.

It’s one of the key issues affecting people’s trust in streaming services and something that’s driving people to physical media. Kath relates it to vinyl. “We know that vinyl is never ever going to replace streaming, but it exists very happily alongside it. I think that Blu-ray is the same, it offers different things that streaming doesn't. It's very much something that you can have and hold and you can keep and you can play over and over again.”

Kath also points out another issue with online-based movie and music streaming. “[With physical] you're not at the whim of your internet connection speed, or whether or not certain libraries drop certain titles, licence changes”.

This is another frustration. Numerous times I’ve gone to watch a movie on streaming and due to connection issues , it’s either streamed in reduced quality, buffered or just not streamed at all. This isn’t a problem with physical media.

A passionate fanbase

As I mentioned above, I’m a budding collector of 4K Blu-ray. While I don’t have fully stacked shelves (yet), I do have a collector’s edition or two and more than a few steelbooks.

In FilmStories’ article about the ERA 2025 report, they mention that steelbooks and special editions helped the growth in 4K Blu-ray in the UK, with every one in 10 4K Blu-rays released having some sort of steelbook or special edition, and due to their higher prices, they made up £2 of every £10 spent on 4K Blu-ray in 2025.

I tell Kath I’m a sucker for nice packaging and she agrees and she relates it to a recent vinyl release that Key Production Group handled. “We find people are doing this. We did a vinyl release recently with 72 variants and even though the packaging was the same, the color of the vinyl was different.”

(I’m also a sucker for colored vinyl, with a rust-effect Jack White/Dead Weather release from a Third Man Records Vault collection being a particular highlight in my stack.)

While special editions are great, it’s also the work of independent distributors and manufacturers, delivering more excellent 4K restorations than ever, that gets more people to invest in 4K Blu-ray.

The Criterion Collection and Arrow Video are two of the big names, but other organizations such as Kino Lorber, Shout Factory, Boutique Home Video and the BFI are crucial. These companies are producing more sought-after titles and giving them excellent restorations that mean people want to own them in the best possible quality.

In November 2024, I started the Blu-ray Bounty. This is an ongoing monthly column where I test the latest 4K Blu-rays from each month — and since its debut, the column has been growing.

We’re covering more discs than ever, covering a wider range of genres, and I have a feeling it’s only going to get bigger. I’ve produced tons of lists of excellent 4K titles that are perfect for showing off home theater systems, such as this 6 action movies list and 6 classic movies that show what 4K can do. and a good chunk of my reference discs for AV testing came from the Blu-ray Bounty.

I’m also an active user of the r/4kbluray subreddit and this is again one of the most passionate subreddits I’ve come across. Users update each other on releases, give their thoughts and reviews on the latest titles and always showing off their collections in the best possible way.

While it may well have been doom-and-gloom for 4K and Blu-ray in the last couple of years, I for one am hopeful for its future. What better way to celebrate Blu-ray’s 20th anniversary than with some good news.

Thinking of buying a new TV?

Try our TV size and model finder! You tell it how far you sit from your TV, we'll tell you what size to buy based on viewing angle advice from image quality experts, and we'll recommend our three top TVs at that size for different prices.

SpaceX CEO Elon Musk has been a central figure in the rise of robotics in the last decade, both as a builder of robotics, as well as a user of robotics, with the company he leads. Despite progress across the field of robotics in recent years, there are aspects of implementation that haven't always been so smooth.

The age of automation

When his past company Tesla was incorporating more automation and elements of robotics into its production of the Tesla Model 3 in 2018, the company ran into various issues.

Elon Musk summarized the issue while issuing comments during a shareholder meeting in June that year, suggesting the approach to automation wasn't conducive to actually increasing productivity.

Specifically, the robots installed struggled with automating final assembly tasks (such as placing flexible trim pieces and hoses) – with Musk also later tweeting that the company made a mistake in implementing "excessive automation".

The lesson was that automating anything and everything within scope was a mistake because there were certain tasks that humans are, and continue to be, strong in. Qualities that robots have, and continue to, lack may include dexterity and cognitive reasoning.

The future of robotics

Tesla's push into robotics has continued at pace since then, with the company's Tesla Optimus soon to enter mass production with a targeted $25,000 retail price.

But whether the technology has advanced enough to make a mark remains to be seen. These qualities include advanced AI, as well as cognitive reasoning and contextual understanding necessary to understand and operate within the physical world.

We've seen plenty of examples of humanoid robots that look the real deal – but still cannot engage in tasks that require a high level of dexterity and understanding to perform well in real-world scenarios.

• Illinois is set to ban smart glasses being used while driving
• The bill makes no distinction between glasses with and without displays
• Many online fear that it gives cops too much power to pull drivers over

Illinois is poised to be the first US state to ban smart glasses — of any kind — while you’re driving. Importantly, the bill makes no distinction between smart specs with a display and those without.

Once Governor JB Pritzker approves the bill, people caught flouting the rules could face fines of $75 (or $150 for repeat offenses) and the possibility of misdemeanor or felony charges if involved in a serious crash while wearing smart glasses.

Other states, such as New York, have proposed bills limiting smart glasses use while driving, but so far none have progressed as far as Illinois’ has — though that could soon change if states decide to take Illinois’ lead.

The hope is that this proposal will make roads safer by reducing distractions for drivers.

While there’s possibly some advantage of drivers having, say, navigation on a HUD in front of them to find their destination — which is something Amazon is hoping to offer its delivery drivers with its own smart glasses — attempting to text chat or watch a video on your glasses while driving is a terrible idea.

So, to discourage this kind of dangerous driving, it’s perhaps safer to just ban smart glasses and avoid any possibility of temptation.

Safer, but for who?

While many can agree that having a display distracting you while you drive isn’t ideal, some are questioning why non-display glasses — which are completely hands-free and boast zero visual distractions — are included in the ban.

Some have therefore wondered if there’s an ulterior motive to Illinois’ smart glasses approach, or if it’s at least not very well thought out.

Over on Reddit one user pointed out that the law “Gives cops license to pull over anyone and claim ‘oh, i thought those were smart glasses’” which could be abused by bad actors to write invalid tickets — with the user linking to a viral example of a cop using Florida’s existing driver laws to pull over a woman for texting while driving using a phone in her right hand, and doubling down even when the woman shows she doesn’t have a right hand.

Meanwhile, a commenter replying to Gizmodo’s coverage of this story said the rules have “Nothing to do with driver safety. Everything to do with law enforcement not wanting to be recorded,” as it’s much easier to record police with your smart glasses than holding up a phone.

On the flip side, Illinois does have precedent for banning audio distractions; headphones, earbuds, or other headsets that play audio into both ears are illegal under the state’s vehicle code. One-ear headsets are generally allowed, and there are exemptions for some professions and audio devices that improve hearing, like hearing aids.

Because audio can be a major distraction while driving — you might not hear sirens if you have active noise cancellation turned on, for example — even in places where it isn’t expressly against the law, it is advised against, and can work against you if you’re caught in an accident while immersed in your music.

Smart glasses don’t fully immerse you because they have open-ear audio, but their audio notifications and music playing into both of your ears could cause a distraction.

Additionally, because the tech is evolving so quickly, creating nuanced carve-outs today might lead to legal disputes or confusion down the line, especially as lawmakers aren’t known for being particularly tech-savvy. There’s a simplicity to just banning smart glasses outright while driving.

Of course, these rules are just for one state, assuming they get signed into law at all, but smart glasses regulation seems to be on the agenda for a growing number of local and national governments in an attempt to curb bad actors.

So don’t be surprised if similar rules start being proposed in your local area, and be sure to follow any new smart glasses rules that are introduced if you like using a pair.

In the modern workplace, the line between personal convenience and professional obligation hasn’t just blurred, it has effectively vanished.

At the center of this shift is WhatsApp.

What began as a tool for social connection has evolved into the primary catalyst for a shadow communication era, where enterprise messaging is often conducted in the palm of a hand, often entirely out of sight of the organization.

Once viewed primarily as a consumer messaging platform dominant outside the United States, WhatsApp has increasingly become embedded in global business workflows as the go to enterprise messaging platform.

Cross-border client relationships, hybrid work environments, and international collaboration have accelerated adoption among U.S.-based professionals, particularly in industries such as legal services, finance, healthcare, and consulting. For example, monthly active WhatsApp users on iOS in the U.S. have increased 39% since 2020.

Unfortunately, the platform’s ease of use and worldwide adoption have led it to become a ticking time bomb for organizations across all sectors. We are no longer dealing with a minor IT headache, we are facing a multi-billion-dollar legal and operational liability.

The Regulatory Great Awakening

In the last two years, global regulators have signaled a permanent shift in how they view corporate communication. The era of firms looking the other way while employees use consumer apps for speed, is over.

Regulators are no longer treating off-channel messaging as isolated employee misconduct. Increasingly, enforcement actions point to systemic governance failures where organizations lacked the controls, oversight, and technology needed to manage modern communication behavior.

The Paradox of Privacy vs. Compliance

The very features that make WhatsApp a boon for personal privacy make it a blind spot for corporate oversight. This creates a fundamental breakdown in three key areas:

Record-Keeping Failures: The “Delete for Everyone” feature is loathed when it comes to regulatory requirements. If a message can be scrubbed from existence at the whim of a user, the firm has failed its duty to maintain an immutable audit trail.

The Encryption Trap: End-to-end encryption is essential for protecting communications from external threats. However, when organizations rely on consumer-grade encrypted apps without enterprise oversight, they may lose the ability to retain records, supervise business communications, or respond effectively to audits and litigation.

The Global Compliance Gap: Utilizing consumer apps often leads to a jurisdictional nightmare. Data flows across borders without the safeguards required by GDPR, while U.S. organizations face growing exposure under HIPAA, SEC and FINRA recordkeeping obligations, and state privacy frameworks such as CCPA and CPRA. The challenge is no longer isolated to financial services or healthcare—it now spans any organization where sensitive customer, legal, or operational conversations occur on unmanaged channels.

Data exposure

We’ve already seen what happens when encrypted messaging apps claim to be secure and then fall victim to breaches, resulting in private and sensitive communications being exposed online. This not only exposes a company financially but puts their brand and reputation at stake.

Law firms are facing a particularly difficult balancing act. The legal sector’s growing embrace of mobile-first communication is reshaping client expectations. Recent industry analysis found that 89% of Am Law 200 firms now deploy mobile applications for client communication or matter management, increasing pressure on firms to balance convenience with governance and discovery obligations.

Clients increasingly expect the speed and convenience of mobile messaging, while firms remain responsible for preserving communications, protecting privileged information, and meeting discovery obligations. This tension is pushing many firms to reevaluate whether consumer messaging apps can coexist with enterprise-grade governance requirements.

Mitigating Off-Channel Risks: A Practical Roadmap

Ignoring the WhatsApp phenomenon is no longer a viable strategy. Organizations must proactively transition from shadow messaging to secure, governed ecosystems. To avoid regulatory or security exposure, leadership should consider the following steps:

1. Conduct a Reality Audit: Acknowledge that your employees are likely already using these tools. Survey your teams to understand why—is it the interface, the speed, or the client’s preference?

2. Define the “Off-Channel” Policy: It is no longer enough to have a broad policy. Firms must explicitly define what constitutes business communication and mandate that these conversations occur only on approved, captured platforms.

3. Research Enterprise-Grade Alternatives: The goal isn't to take away the convenience of mobile messaging, but to provide a compliant version of it. This means implementing solutions that offer WhatsApp messaging experiences for the user while ensuring data is captured, archived, and owned by the enterprise.

4. Analyze Security and Compliance: Before fully adopting a solution, ensure it meets your business needs. Is it compliant with the necessary regulatory bodies? Is archived communication securely transferred and retained? Checking these boxes could make or break your organization’s success.

5. Prioritize Data Sovereignty: Ensure that your communication ecosystem allows you to separate personal and professional data on a single device, protecting employee privacy while maintaining corporate control over business records.

6. Vet Communications Partners Carefully: Organizations should evaluate whether a communications provider can support multiple channels and devices, integrate with existing compliance and archiving systems, provide immutable audit trails, and support regional data residency requirements. Flexibility and interoperability are becoming increasingly critical in globally distributed workplaces.

The Path Forward

The WhatsApp time bomb detonates when an organization waits for a regulator to knock before addressing its communication gaps. In an era where a single deleted message can lead to an eight-figure fine, the transition to secure, compliant communication is no longer an IT project, it is a core pillar of corporate survival.

Organizations that thrive in this new landscape will be those that embrace transparency and governance, turning their communication ecosystems from a liability into a strategic asset.

We feature the best privacy tools and anonymous browsers.

This article was produced as part of TechRadar Pro Perspectives, our channel to feature the best and brightest minds in the technology industry today.

The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/pro/perspectives-how-to-submit

A US cyber breach now costs $10.22 million on average, but the figure itself is only part of the warning. What matters more is what it reveals about the way organizations are managing risk.

For too long, cyber risk has been treated as a technical problem to be solved by technical teams, but that position is becoming harder to defend. The companies hit hardest by cyber incidents are those without the visibility, governance and accountability to respond when pressure hits.

According to IBM’s latest research, the average cost of a data breach in the US is the highest of any region globally. At the same time, FBI data continues to point to hundreds of thousands of cybercrime complaints each year, with losses measured in the tens of billions.

A growing proportion of businesses are also now formally disclosing incidents, with one 2025 survey suggesting that 76% reported a breach or potential breach to authorities.

The direction of travel is very clear – cyber incidents are becoming more expensive, more visible and harder to contain. Leadership teams need to ask whether they can prove they have control before an incident forces that conversation.

The cost is driven by more than the attack itself

The financial impact of a breach is shaped by how long the organization remains exposed and how confidently it can demonstrate that the right controls were in place.

On average, it takes 241 days to identify and contain a breach – this extended lifecycle creates a prolonged period of uncertainty where operational disruption, regulatory obligations, customer impact and reputational damage begin to compound.

This is where the difference between security activity and business governance becomes clear. Two companies can experience similar attacks, but very different outcomes.

One may detect the breach internally, escalate quickly and respond in a controlled way, while another may only become aware when an attacker, customer, partner or regulator forces the issue into the open.

That gap comes down to whether risks were understood in advance and if the business had a defensible framework for responding under pressure.

Exposure is not random

Cybercrime exposure varies significantly between organizations, states and sectors, but it is rarely random. Industries such as healthcare, financial services and technology continue to carry higher risk because of the volume and sensitivity of the data they manage.

IBM’s research shows that healthcare breaches remain among the most expensive, with extended recovery times and higher regulatory scrutiny.

However, some of the more complex risks are emerging beyond the obvious high-value targets. Supply chain compromise is now one of the costliest attack vectors because a single weakness in a third-party system can create consequences across multiple businesses.

In an increasingly connected commercial environment, exposure often sits outside the four walls of the company itself.

Phishing also remains one of the most persistent routes in and attacks are becoming more targeted, more convincing and harder to detect at scale, particularly where there is limited visibility across people, processes and third-party access points.

When you bring these factors together, exposure starts to look like a reflection of how an organization is built, governed and controlled.

AI is widening the governance gap

AI is now changing both sides of the cyber risk equation. For attackers, it is making familiar methods more effective. Around 16% of breaches now involve the use of AI, most commonly to enhance phishing and social engineering attacks, lowering the barrier to make these more convincing and personalized.

For businesses, the risk is just as much internal. AI tools are being adopted quickly, often by teams looking to improve productivity or accelerate decision-making. The problem is that adoption is frequently moving faster than oversight.

The report highlights that 63% of companies still lack formal governance policies for AI, and where AI-related breaches do occur, the vast majority involve systems without proper access controls.

There is a familiar pattern here. As with cloud adoption a decade ago, enterprises are moving quickly to capture the benefits of a new technology, while the controls needed to manage its risks are still catching up. The result is a widening gap between those experimenting with AI and those that can evidence how it is used.

Governance is becoming the dividing line

The businesses that manage breaches most effectively tend to have done the work before the incident happens. They understand where their risks sit, know who owns them, and have defined processes for escalation and recovery. Just as importantly, they can evidence that structure when customers, regulators or insurers ask difficult questions.

That’s why recognized frameworks such as ISO 27001 are becoming more important, forcing companies to take a systematic approach to risk, governance and accountability. They also create a baseline that can be reviewed and tested over time.

This distinction matters both operationally and commercially. Around 86% of affected organizations report operational disruption following a breach and, in many cases, that disruption directly affects revenue, service delivery and customer trust.

For the businesses that can evidence good practice, strong governance frameworks are opening doors, particularly in regulated sectors and complex supply chains. For those that cannot, this creates more friction and risks lost opportunities.

Compliance is now part of business resilience

There is still a tendency in some companies to treat compliance as an administrative exercise, but that view is becoming swiftly outdated. Today, compliance is becoming a way for businesses to prove they manage risk consistently. It brings structure to decision-making, accountability to ownership and evidence to claims of good practice.

This is especially important as cyber risk becomes more visible to investors, customers and regulators. A business may have strong technical controls, but if it cannot demonstrate how those controls are governed, reviewed and maintained, it will struggle to build trust when scrutiny increases.

The ability to evidence control is becoming almost as important as the control itself.

A more realistic view of cyber risk

Geography plays a role in cybercrime exposure, but it’s not the root cause. Differences in governance, investment, leadership focus and operational discipline all shape how businesses experience and manage cyber risk.

That means exposure can be reduced, but only when leadership teams understand where risk actually sits and what is needed to manage it. The mistake is assuming that cyber resilience can be achieved through technology alone. Technology is essential, but it doesn’t define ownership, test processes, align teams or prove accountability – governance does that.

For leadership teams, the starting point is knowing where risk exists, how it could materialize and what the potential business impact would be. From there, the challenge is putting the frameworks in place, along with the ownership and oversight that allows them to operate with clarity under pressure.

Businesses that navigate incidents well have prepared for the moment before it arrives. That preparation shows up in faster decisions, clearer responsibilities and a more controlled recovery.

The scale of cybercrime in the US will continue to grow, but the difference in impact will still come down to how well the organization was governed before it needed to prove it.

We've featured the best endpoint protection software.

This article was produced as part of TechRadar Pro Perspectives, our channel to feature the best and brightest minds in the technology industry today.

The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/pro/perspectives-how-to-submit

It is a concerning truth that the planet we live on is becoming more dangerous.

According to data from the International Disaster Database, the number of reported natural disaster events has steadily risen in the last 40 years, driven by factors such as climate change and more extreme weather.

This is supported by the World Meteorological Organisation (WMO), which found that the period from 2015-2025 was the hottest 11-year period on record, fueling heavy rainfall and tropical cyclones.

Natural disasters are undoubtedly becoming much more prevalent, which presents a constant and unavoidable risk for businesses, homes and critical infrastructure in both rural and urban areas.

During crises like these, it is crucial that connectivity is recovered and sustained across networks to ensure rapid and effective emergency response, while enabling pre-emptive safeguards to be implemented in the event of future catastrophes.

Without this, there is a danger of citizens not receiving the vital life-saving information and resources they require.

The importance of Communications Service Provider (CSP) networks

In the aftermath of a natural disaster, Communications Service Provider (CSP) networks serve as the crucial connective tissue that underpins restoration efforts. Without reliable connectivity, the systems that support critical infrastructure cannot function effectively.

For instance, power grid operators rely on real-time telemetry from thousands of distributed IoT sensors, transformers, substations, and relay switches to identify failures, reroute power, and restore supply across affected areas.

Similarly, emergency medical teams depend on end-to-end connectivity to support telemedicine consultations, transmit patient data from field sites to hospitals, and coordinate ambulance dispatch across disrupted terrain. Even the logistics of disaster relief, such as routing aid convoys, coordinating shelter capacity, and tracking resource deployment, depend on continuous, low-latency network availability.

In each of these scenarios, the CSP network is not merely a supporting player; it is the foundation upon which every other recovery system stands.

Rescue for the rescuers

Emergency response teams encounter substantial challenges during natural disasters, particularly when established network connectivity is disrupted. Every phase of their operation, from search and rescue missions to transmitting critical patient data between emergency sites and hospitals, relies on seamless communication and coordination.

Without these crucial capabilities, the speed and effectiveness of their efforts are severely compromised. Time lost could mean lives lost. CSPs and their resilient, high-availability network infrastructure provide teams with the lifeline they need to make every second count.

Importantly, in the aftermath of a natural disaster, this connectivity ensures families are quick to receive news about their loved ones. It also enables organizations to assess damage and recovery costs, helping both themselves and their customers get back on track as quickly as possible.

Hurdles and roadblocks: connectivity challenges between rural and urban areas

A multifaceted approach is key to overcoming connectivity challenges. This means employing a range of communication technologies including mobile and satellite solutions; devising disaster response plans using observability tools to generate real-time insights; and utilizing robust and redundant infrastructure, as well as resilient power systems. These necessities are universal. However, there are several factors for CSPs to consider that are exclusive to rural and urban areas.

For the latter, restricted priority access for emergency teams is a challenge that becomes apparent when disasters create extreme congestion around the emergency site. First responders need open and constant access to the scene to administer treatment and coordinate rescue or transportation, which is made significantly more challenging in densely populated areas. Nevertheless, urban environments do benefit from faster restoration efforts because of their robust infrastructure.

On the other hand, rural areas – spread out over greater distances due to their sparse populations – do not have the quality of infrastructure necessary to respond to catastrophic events as swiftly. Amid a natural disaster, access to reliable communication channels is vital in both rural and urban areas, as it can provide both consistent access to information for emergency teams, as well as life-saving resources for communities that are ill-equipped to deal with these disasters.

The foundations of network availability: AI integration and real-time observability

In the chaos and confusion of natural disasters, the flow of communication and information is critical. It is often the difference between a successful or unsuccessful emergency response. So, what can service providers do to guarantee emergency teams continuous network availability during these testing times?

Clear and constant visibility of the entire digital landscape – underpinned by real-time, high-fidelity data – is the essential requirement. Analyzing real-time communications and performance between services and infrastructure, and transforming that data into actionable intelligence, regardless of the geographical location of the data, allows for extensive monitoring of network resiliency and redundancy.

By building a deep and comprehensive understanding of the network’s behavior and performance, CSPs can derive predictive, service-level insights and put measures in place to ensure networks can withstand the extreme conditions of a natural disaster.

Achieving this observability requires embedding intelligent curation and analytics directly into the network data pipeline. Ensuring that service providers work from precise, context-rich intelligence rather than attempting to reason across a flood of unrefined data.

From here, advanced network monitoring and analytics tools can continuously interpret performance while identifying anomalies before they escalate into larger issues. Preventive maintenance initiatives, guided by these insights, can also be employed to regularly inspect, update and replace ageing or faulty hardware, mitigating the risk of outages during a crisis.

Some CSPs are utilizing artificial intelligence (AI)-powered tools to enable predictive maintenance, analysing curated, contextually enriched network data to pre-empt potential failures. The quality of that underlying data is decisive: AI models trained on raw, unfiltered data feeds are prone to false positives, missed anomalies, and unreliable predictions, undermining the very resilience they are intended to support.

It is only when network data has been curated, enriched with operational context, and structured for AI consumption that predictive analytics can be trusted to guide real decisions.

Finally, preparation is vital to counteract the erratic and chaotic nature of natural disasters. Gaining complete end-to-end observability offers service providers real-time, service-level insights into the causes of congestion and service degradation.

When combined with user feedback, organizations can use these insights to develop effective disaster response and business continuity plans.

Securing the front lines

Natural disasters across the world have elevated the role of CSPs, particularly in disaster recovery and resilience planning. Their ability to restore the network and fortify it against failure has significant real-world consequences.

In times of emergency, CSPs must adopt a predictive approach to address different challenges specific to both rural and urban areas. Network observability, underpinned by curated, high-fidelity data and the integration of AI, provides decisive advantages in maintaining network availability and accelerating recovery.

Regions should therefore treat connectivity and the intelligent data infrastructure that sustains it as a prerequisite for effective emergency response, investing in the curation and analytical capabilities that allow service providers to act with precision when it matters most.

We reviewed and ranked the best cloud backup.

This article was produced as part of TechRadar Pro Perspectives, our channel to feature the best and brightest minds in the technology industry today.

The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/pro/perspectives-how-to-submit

Retailers are currently obsessed with the wrong side of the screen.

The industry is watching a race between Google, Shopify, and Amazon to build the next great interface, the AI agent that can search, recommend, and eventually execute a transaction without a human ever clicking a “buy” button.

But while the market focuses on how these agents will talk to customers, a much more dangerous gap is opening up behind the scenes.

The hard truth is that most retail organizations are structurally incapable of being operated by a machine. We are moving from AI that suggests to AI that acts, from conversational shopping to delegated execution.

In this transition, if a business has not mapped its decision ownership, internal data flows, and operational accountability, an agent will not reduce complexity. It will simply scale confusion at a speed the business cannot handle.

From suggestions to delegated execution

Most people still treat AI agents as smarter chatbots, or as a conversational layer designed for product discovery.

This is a fundamental misunderstanding of the technology’s trajectory.

An agent is software with permissions to take action. Platforms like Shopify are already leaning into this reality, having recently released integrations that move beyond discovery to allow for direct agent-led checkouts.

Realistically, we are ready to delegate low-risk, high-volume tasks that are easily reversible, such as product data enrichment or internal data preparation. We are not yet ready to delegate high-stakes commercial decisions, and the same can be said about legal contract approvals or final pricing strategies.

The risk profile changes entirely when you move from an AI that tells a customer which shirt to buy to an AI that is authorized to spend that customer’s money.

Preparing the surface vs. the operating system

Retailers are spending millions to ensure their product catalogs are machine-readable so they show up in agent-led searches. However, a machine-readable catalog is not the same as a machine-operatable business.

There is a gap between hype and reality. On the one hand, Gartner recently predicted that 60% of brands will use agentic AI by 2028. On the other, according to Deloitte, only 11% of organizations have actually deployed agents with success. This highlights a massive disconnect between interest and actual infrastructure readiness.

In this regard, the biggest operational gaps exist in the “boring” middle layers, such as real-time inventory accuracy across twenty different markets, pricing consistency between channels, and warehouse logistics.

Currently, these answers live in a fragmented mess of ERPs, spreadsheets, and employees’ knowledge. When an agent asks, “Is this item actually in stock?” it needs a definite answer. And if your internal systems are in conflict, the agent cannot function.

You cannot run an agent on fragmented data. Instead, you need a dynamic “digital twin” of your day-to-day operations in the form of a single, living data layer that reflects the true state of your business in real time. In a nutshell, you cannot build a working complex system until you have a working simple system.

The decision architecture bottleneck

The real bottleneck in retail today is decision architecture. An AI agent cannot improve a process the business itself does not understand.

In my experience, very few companies can actually map how a decision is made across teams. They still rely on “Slack-based” or “Email-based” approvals that leave no digital trace for a machine to follow.

Before automating, a company must map who owns a decision, what data is trusted for that decision, and what the thresholds for human escalation are. This mapping, combined with your operational data, forms the context layer, the digital twin that the agent uses to ground its judgment.

The warning sign that you are automating confusion is when your teams spend four days a week cleaning data and only one day making decisions. If a human cannot explain the logic, it is impossible for an agent to execute it.

When automation scales complexity

There is a pervasive myth that adding AI will automatically streamline a business. In reality, automation often makes systems more complex. When agents act quickly across weak or fragmented data, errors scale faster than a human team could ever manage.

This is why Gartner predicts that 40% of agentic AI projects will be canceled by 2027 due to a lack of clear business value or the absence of these essential risk controls.

For instance, if your inventory systems disagree, a human might catch the discrepancy during a manual check. An agent, operating on a “junior employee” level of judgment, will simply place the wrong order or promise a delivery that likely won’t be fulfilled.

Certain areas, such as sensitive brand topics, high-margin pricing strategy, and complex customer compensation, should never be fully automated. These require human critical thinking and accountability, which machines lack.

The new meaning of trust

Trust, today, goes beyond a customer’s perception of the brand. It encompasses the technical and operational trust between the customer, the agent, and the merchant.

We are already seeing this friction play out in the courts. A recent 2026 legal battle between Amazon and Perplexity over shopping agents browsing on a human’s behalf has forced a debate on whether agents should be treated as transparent digital identities or human replicas.

Retailers are bracing for this by updating their fundamental terms of service. Target, for example, recently updated its terms in collaboration with Google to address third-party agent behavior and consumer liability.

To maintain control, retailers must treat agents like employees on a payroll. They need their own digital identities and clear permission scopes, as well as rigorous audit trails.

How to keep control? By defining exactly what an agent can read, buy, and change, and by ensuring every action is traceable and reversible by a human.

The five levels of readiness

In this landscape, the companies that thrive will be those whose operations are clean enough for agents to act safely. This requires five forms of readiness:

• Data readiness: One reliable operational truth across all systems
• Decision readiness: Clear ownership of what is automated and what is escalated
• Process readiness: Redesigning workflows for an agent-first world, instead of patching old ones
• Governance readiness: Full audit trails and transparent human accountability
• Commercial readiness: A deep understanding of how agents improve margins

Here’s an example. If a retailer had 90 days to prepare, they should start by picking one high-volume, narrow workflow where the ROI is obvious. Build a “digital twin slice” of just that process by tracing the inputs, the approvals, and the outcomes. Prove it works in a small, measurable way before expanding.

The most uncomfortable question executives must ask is this. If we disappeared tomorrow, is our data foundation and decision-making process documented well enough into a clear digital twin that a machine could replicate it, or does our business context only exist in our employees’ heads?

If the answer is the latter, I’m afraid to say no amount of AI investment will save you.

However, for those willing to do the hard work of operational cleanup today, the coming agentic era offers the first genuine opportunity to scale the best part of their business without scaling the chaos.

We've featured the best AI tool.

This article was produced as part of TechRadar Pro Perspectives, our channel to feature the best and brightest minds in the technology industry today.

The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/pro/perspectives-how-to-submit

Trust is a major issue hampering the adoption of AI technology, and at the core of this is the problem of ‘black box’ AI.

As enterprises race to implement AI projects, many have bought-in pre-trained black box models, which provide answers, but no explanations.

Many of the better-known AI tools are considered black boxes - we cannot see inside, they perform tasks well, but we’re not necessarily sure how.

40% of organizations called out explainability as a blocker preventing trust in AI, according to McKinsey. To truly derive value from AI technology in the enterprise we need something different from the existing approach many have taken. We need solutions that offer greater transparency in how they work and how they arrive at the answers they deliver.

If CIOs, developers and end users can work together, we can arrive at AI that is transparent, adaptable and aligned with real needs. Just as we expect academic researchers to ‘show their workings’ by citing their sources, we should expect the same of AI systems.

New technologies and methods already exist to enable this accountability, and regulations help mandate transparency and accountability. Businesses need to engage proactively with this: an AI system is in many ways like an employee.

We ‘hire’ it to do a job, and, like an employee, we need to understand what it does in order to measure and monitor its performance.

The cracks in the first wave

When ChatGPT changed the world forever back in November 2022, the barrier to entry of training capable models meant enterprises mostly relied on pre-trained, proprietary options from large technology companies to move quickly.

Many have continued this strategy, even though these models are not trained on a business’ data, often failing to meet the specific needs of that organisation, and offer little transparency about what is going on ‘under the bonnet’.

In conversations with IT decision-makers, we hear genuine issues raised around AI compliance, ethics and competitiveness. Potential toxic biases and discrimination can have real world impact for people interacting with and depending on the output of AI-powered tools. Ultimately, these risks slow down adoption and limit potential use cases and applications.

For enterprises, this is a key risk around AI, and a barrier towards building trust. The same McKinsey survey found just 17% of respondents said they were currently working to mitigate issues around explainability, despite acknowledging it as a problem.

The report also said that systems which offer more explainability will be a key enabler as AI moves beyond early use case deployments to scaled adoption across the enterprise. Even though regulation has made forward steps, risk management still needs to come from businesses taking a lead in tackling this issue themselves.

The shift toward openness and customization

As businesses begin to step back and take a longer view on AI adoption, it is becoming clear that transparency and governance are just as important as speed. For years, adopting AI meant relying on opaque, one-size-fits-all models where you had little visibility into how decisions were made and even less ability to tailor them to your business.

These "black box" systems forced organizations to accept generic outputs, release their proprietary data to third-party providers, and hope the results were accurate and unbiased. This can be a significant blocker for many highly-regulated industries and use cases.

That approach is rapidly giving way to a new paradigm: open, customizable models that give businesses full control over how AI is built, fine-tuned, and deployed using their own data, on their own terms.

By opting for a data and AI platform that brings compute to the data, enterprises can ensure that AI works within governed parameters and you have model choice and control. Your data never has to leave your account, so you maintain governance, privacy, and compliance throughout.

The result is AI that actually understands your business context, delivers more relevant answers, and evolves as your needs change. This puts the strategic advantage of AI firmly in your hands, not a vendor's.

Building AI that people trust

As AI moves from experimentation to real business decisions, trust becomes the defining challenge. Agents – AI systems that can reason, take actions, and work across tools on your behalf – represent an enormous leap in productivity, but only if people trust them enough to rely on them.

That trust doesn't come from marketing promises; it comes from being able to see exactly what an agent did, why it did it, and what data it used to get there - while using a human in the loop for key decisions. Observability and transparency aren't just technical nice-to-haves, they are the foundation that determines whether your organisation will actually adopt AI or keep it sidelined as a pilot project.

Explainable and observable AI are key parts of our Responsible AI principles at Snowflake, and it needs to be a governing principle for any organisation that hopes to reap the benefits of AI. Compliance, legal, and business teams need to be able to verify AI behavior just as rigorously as any other business process, turning AI from a black box into something your entire organisation can confidently stand behind.

Taking an integrated approach involving CIOs, developers and data platforms, companies can work to build AI that people find easy to trust, and which also delivers for the enterprise in a way that pre-built, opaque AI cannot.

Opening the box

In the rush to capture the benefits of AI, many enterprises have discovered that black box systems, however powerful, introduce risks that outweigh their initial convenience. Lasting value will only emerge when businesses can understand, interrogate and confidently govern the technology they deploy.

The path forward lies in transparent, explainable AI that is observable, accountable and aligned to an organization's own data and needs.

By embracing openness, integrating human oversight and adopting platforms that prioritize responsible, well-governed AI development, enterprises can finally unlock AI’s potential at scale.

This is not just a technical preference but a strategic imperative, as transparency will determine long-term trust, regulatory readiness and competitive advantage.

Organizations that invest now in explainability and observability will be best positioned to build AI systems that deliver dependable value long after the first wave of black box hype fades.

We list the best Robotic Process Automation (RPA) software.

This article was produced as part of TechRadar Pro Perspectives, our channel to feature the best and brightest minds in the technology industry today.

The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/pro/perspectives-how-to-submit

Cyber is no longer a supporting capability within defense operations. It now plays a central role in how military organizations assess threats, coordinate activity and make operational decisions.

Across NATO and allied forces, cyber intelligence is becoming embedded throughout the operational chain, from situational awareness and force protection through to targeting and strategic planning.

At the same time, the threat landscape is becoming more aggressive and interconnected. State-aligned cyber actors are operating with greater coordination, while the boundary between cyber and conventional military activity continues to erode.

The conflict in Ukraine has demonstrated how tightly digital and physical operations are now linked. Cyber intelligence is increasingly fused with conventional sources to support real-time operational decision-making on the ground.

In this environment, delays caused by reformatting, translation or inconsistent intelligence structures are no longer minor inefficiencies. They create operational friction at the point where speed, clarity and shared understanding are most critical.

This shift is unfolding alongside a renewed emphasis on collective defense. Coalition operations are intensifying, interoperability is under greater scrutiny, and the ability to exchange intelligence rapidly across trusted partners has become mission-critical.

As a result, intelligence platforms are no longer simply background technology. They now form part of the operational backbone supporting defense decision-making. Yet many of the systems still in use today were designed for commercial security environments, not doctrine-led military operations.

When cyber intelligence and doctrine diverge

Most cyber threat intelligence platforms in use today originate from the commercial sector. They were built to support enterprise security teams, where priorities center on speed, automation and scale.

Defense operates differently because military intelligence is governed by doctrine. Frameworks such as NATO’s AJP-2, UK MOD JDP 2-00 and the US JP 2-0 define how intelligence supports operational and strategic decision-making. They establish shared terminology, structured processes and standardized reporting formats that allow forces to operate cohesively across commands and nations.

Crucially, doctrine is not simply theoretical guidance. It provides a common framework for direction, collection, processing and dissemination across the intelligence cycle, ensuring intelligence can move consistently from analyst to commander in support of operational decisions. When cyber intelligence does not align with these frameworks, friction emerges at the point where speed matters most.

In many defense environments, analysts are already operating under significant pressure, managing high volumes of data from multiple sources. When intelligence must be translated, restructured and reformatted before it can be operationally relevant, that burden increases at exactly the moment clarity and speed are most critical.

The consequences extend beyond delay. Misalignment can lead to duplicated analyst effort, inconsistent terminology across organizations, loss of contextual understanding and difficulty fusing cyber intelligence with HUMINT, SIGINT and GEOINT into a coherent operational picture.

In coalition environments, where multiple organizations must work from a shared understanding, these inconsistencies can reduce confidence in intelligence at the point where it is needed to support planning and command decision-making.

This is no longer simply a question of efficiency. As cyber intelligence becomes more tightly integrated with operational planning, delays and inconsistencies at this stage can have direct mission impact.

Defense can no longer trade interoperability for sovereignty

The challenge is compounded by two parallel pressures shaping defense across the UK, Europe and allied nations.

The first is data sovereignty. Governments are placing greater emphasis on where intelligence is stored, how it is controlled and who can access it. Systems must align with national requirements for security and governance, particularly when dealing with sensitive or classified information.

The second is interoperability. Defense operations remain inherently coalition-based. Intelligence must be shared across trusted partners quickly, and in a format that can be immediately understood and acted upon.

Balancing these priorities is not straightforward. Commercially oriented platforms were not designed with this dual requirement in mind. Retrofitting them to meet both sovereign control and coalition interoperability introduces complexity.

It creates workarounds that place additional burden on analysts and planners, while increasing the risk of inconsistency across organizations.

Over time, this approach becomes increasingly difficult to sustain in operational environments.

Defense operations require intelligence by design

Defense organizations are reaching a more fundamental question than how to adapt commercial cyber intelligence platforms. They are beginning to ask whether those platforms were ever designed for the operational realities of modern defense in the first place.

An alternative approach is now required. Intelligence systems must be built around military doctrine from the get go, supporting the structures, processes and standards that govern operational decision-making, rather than sitting adjacent to them.

This requires shared terminology, structured reporting and recognized intelligence frameworks to be embedded into the core architecture of the platform. Cyber intelligence must integrate seamlessly with disciplines such as HUMINT, SIGINT and GEOINT, contributing to a unified operational picture rather than existing in isolation.

It also requires interoperability and sovereignty to be balanced by design. Intelligence must move efficiently across coalition partners while remaining aligned with national requirements for security, governance and control.

When these foundations are in place, the operational benefits become clear. Intelligence can move from analysis to decision-making with greater speed and consistency. Collaboration improves across commands and coalition partners. Analysts spend less time translating or restructuring outputs and more time generating operational insight.

As cyber intelligence becomes increasingly central to defense operations, the systems supporting it must evolve accordingly. Platforms designed for commercial security environments are no longer enough. Defense requires intelligence systems built for operational reality from the ground up.

We've featured the best encryption software.

This article was produced as part of TechRadar Pro Perspectives, our channel to feature the best and brightest minds in the technology industry today.

The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/pro/perspectives-how-to-submit

Demand for AI and cloud services is driving a new wave of data center investment across Australia, but growing scrutiny around power, water and infrastructure planning is changing how these facilities are developed.

Governments are increasingly positioning digital infrastructure as part of broader economic and AI strategies. In Victoria, the state government recently launched a Sustainable Data Centre Action Plan tied to a reported $25 billion digital infrastructure pipeline, including plans to map future developments against energy and water availability.

At the same time, the NSW Government has moved 15 data center projects through its Investment Delivery Authority as demand for AI and cloud infrastructure accelerates. Tens of billions of dollars of capital have already been committed to future data center projects in Australia, with national capacity projected to more than triple by 2035 as operators continue expanding AI and cloud infrastructure.

As hyperscale developments move through the pipeline, governments are increasingly focused on the pressure growing demand could place on electricity networks, water resources and planning systems.

The new rules shaping data center growth

Australia’s data center sector is entering a new phase of regulatory oversight. The Federal Government’s recently announced national interest framework for data centers and AI infrastructure provides a compass for future regulation, as governments attempt to keep national interests in energy, water and infrastructure at the forefront of the sector.

The framework sets out five key areas developers are expected to address as part of project approvals. These include aligning projects with Australia’s strategic and economic interests, supporting the energy transition, managing water sustainably, investing in local skills and strengthening Australia’s own digital capability.

The framework prioritizes national interests in energy, water and infrastructure as part of data center approvals, particularly as governments respond to the growing resource demands. It also reinforces the focus on sovereign capability to ensure Australia’s own digital capability can be independently controlled from within Australia, avoiding reliance on or influence from other countries.

Energy, water and infrastructure constraints

Access to reliable power is becoming one of the defining challenges in data center development, with many developers exploring alternative power sources and renewable energy to keep projects on track. AI usage is expected to increase power requirements for data centers by 150 to 200 per cent.

The federal framework makes clear that developers are expected to reduce pressure on the electricity grid by underwriting renewable energy, financing grid connections and participating in demand-flexibility programs that shift grid usage depending on network availability.

Water usage is also becoming a more prominent consideration as governments respond to the cooling demands associated with hyperscale facilities and AI infrastructure. The framework states that operators must adopt efficient technologies and practices that promote sustainable water management.

Beyond energy and water, developers are facing broader construction and delivery constraints. Rising construction costs, constrained power access, labor shortages and long lead times for specialized equipment are all affecting how quickly facilities can be delivered.

Land availability and planning regulation are growing areas of concern for developers. Regulatory bodies can take considerable time to issue approvals, while opposition to some data center developments is further slowing construction activity.

Why modular construction is gaining momentum

These pressures are contributing to increased interest in modular construction methods. Rather than relying entirely on conventional on-site construction, modular data centers use prefabricated modules containing structural, electrical, plumbing and cooling systems that are manufactured off-site before installation.

Designing, building and testing modules in controlled environments can reduce delays caused by severe weather conditions, labor shortages and other factors that typically affect conventional on-site construction. Modular construction can provide greater cost predictability and faster project delivery.

Modular construction also allows developers to scale projects incrementally as demand grows. Developers can begin with a base configuration and expand capacity with additional modules, particularly where standardized power and cooling mechanisms can be more easily controlled in prefabricated environments.

The increasing use of modular construction is influencing broader energy strategies around data center development. Off-site construction can support earlier commissioning and improve alignment between renewable energy provision and construction milestones where renewable power sources are available.

While modular construction can improve delivery speed and cost predictability, it does not remove the underlying infrastructure constraints affecting the sector. Developers still need access to sufficient power, land and network capacity, while planning approvals and sustainability requirements are becoming increasingly significant factors in project delivery.

States are taking a more active role

As hyperscale developments and AI infrastructure continue to expand, governments are placing greater focus on the pressure growing demand may place on energy and water resources.

The NSW Government recently announced that 15 data center projects will progress through the NSW Investment Delivery Authority at a time when about half of Australia’s planned data center capacity is clustered in Sydney.

Data center developments now account for approximately 12 per cent of all non-residential building investment in the state. However, around $40 billion worth of projects were not endorsed because they were considered too speculative or lacked sufficient preparedness.

Victoria’s Sustainable Data Centre Action Plan points to a similar policy direction, with Melbourne expected to host around 25 per cent of Australia’s planned data center capacity. State governments are increasingly moving beyond passive infrastructure approvals toward more active coordination of energy, water, planning and workforce settings for AI infrastructure development.

With critical infrastructure projects already moving through the planning process, governments are facing increasing pressure to ensure energy, water and broader state interests remain protected as the sector continues to grow.

As AI and cloud demand continue to accelerate, governments are paying closer attention to how data centers are planned, powered and integrated into existing infrastructure systems.

The next phase of Australia’s data center expansion is likely to depend not only on how quickly projects can be delivered, but on how effectively energy, water and planning systems can support that growth.

We've featured the best AI tool.

This article was produced as part of TechRadar Pro Perspectives, our channel to feature the best and brightest minds in the technology industry today.

The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/pro/perspectives-how-to-submit

Microsoft recently warned that attackers are impersonating IT help desks on Teams to gain access – and if that sounds bad, well, it’s just the opening move.

The attack begins when an employee gets a message from an external user claiming to be part of the company’s third-party IT support. A common-enough setup, and the kind of thing you might expect in a normal working day.

Perhaps the employee is expecting a similar message for an outstanding ticket – and so they engage with the user and, when prompted, grant remote access.

Once attackers have that foothold, they can progress to execute a full tenant lockdown using only Microsoft's own legitimate features, without ever deploying traditional ransomware. It won’t look like malware, and that means traditional defense systems won't catch it.

A real-time chat in a sanctioned collaboration tool, with a plausible IT support pretext is hard for busy employees to spot. For hackers, it’s a simple way to gain access to privileged and confidential data.

All they need is a few user-approved clicks and they have gained access to Quick Assist, registry persistence, lateral movement across the victim's environment and eventual data exfiltration over HTTPS. All without triggering suspicion.

Data theft is just the opening move. Once attackers have privileged access through this kind of social engineering, the same foothold opens the door to full tenant ransom scenarios. Attackers can encrypt OneDrive and SharePoint content at scale, locking legitimate administrators out of the tenant by hijacking Global Admin accounts and conditional access policies.

They can hijack native M365 features like sensitivity labels to render data inaccessible.

Hoist by your own petard

IT decision makers may believe they're covered against this kind of theft or lockout because they have ransomware protection in place, but the reality is that many are more exposed than they know.

This attack class is effectively invisible to standard endpoint protection software, because the encryption that locks companies out of their critical data is performed by Microsoft's own features, not malicious code.

Hang on, you might say – in that case, isn’t this an easy fix? Don’t I just log in myself and un-encrypt the data? Sadly, the solution is anything but straightforward. Recovery from a full tenant takeover can take weeks and often requires direct Microsoft intervention.

During that period of time, critical business activities are likely to be disrupted or even halted completely, leading to potentially major financial and reputational losses.

Overall, the Microsoft Teams help desk impersonation attack works because it weaponizes the trust organizations put in systems like Microsoft 365. That level of often-blind trust puts organizations at risk, because native M365 controls were built for administration, not for resilience against real-time social engineering.

Building 360 protection for 365

Clearly, the risk posed by this kind of social engineering attack is significant. It highlights the fact that Microsoft 365 has become critical infrastructure that demands a dedicated operational control plane, not just admin tooling. Businesses cannot simply plug, play, and walk away, hoping the system will protect itself. They need to have a deep level of insight into what’s going on across their tenant, who has access, and whether anything unusual or suspicious is taking place.

As a result, visibility into privileged role assignments, configuration drift, and admin activity in real time is no longer optional. It's the difference between a contained incident and a business-stopping event.

Organizations need an operating layer that provides that continuous visibility across thousands of configuration attributes and follows a least-privilege administration protocol. Spotting configuration drift, privilege changes, and anomalous activity is only possible when you know what 'normal' looks like, and that requires years of telemetry across complex, real-world tenants.

This approach can help build in tenant resilience within the Microsoft 365 environment, reducing the damage that a single human slip can cause, and ringfencing malicious access quickly after a breach.

Another key consideration is the introduction of next-gen technology to improve defensive intelligence, speed, and granularity. An AI-enabled operating layer can surface anomalous configuration drift and privilege changes the moment they happen, not days later in a log review.

By drawing on proprietary tenant context - permissions, role assignments, configuration history, and behavioral baselines built from millions of real-world events - AI can surface malicious activity that generic tooling would miss entirely.

In cases like these, a rapid response is crucial. The quicker controllers are alerted to the danger, and the quicker entry is revoked for the suspicious user, the lower the chance of either a data breach or a lockout.

At root, the Teams attack exploits the oldest cybersecurity risk in the book: human error. No organization's staff are error-proof, which means additional defensive help is required to preserve the integrity of critical M365 tenants.

In reality, the addition of a powerful, intelligent control layer is the only way businesses can prevent a single approved remote session from escalating into domain-wide compromise.

We feature the best Active Directory documentation tools.

This article was produced as part of TechRadar Pro Perspectives, our channel to feature the best and brightest minds in the technology industry today.

The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/pro/perspectives-how-to-submit

Co-founded by Reed Hastings in 1997, Netflix started life as a rental DVD service in the mold of Blockbuster. But, 20 years later, the company dramatically pivoted to being an online streaming service, fully embracing the internet era.

Changing with the times

Five years after launching Netflix's streaming platform, Hastings was speaking with Forbes on the business' pivot and its role in the emerging internet landscape.

This shift, according to reports, was decades in the making, with Hastings plotting it since Netflix's inception, with the DVD rental business a means to grow the customer base.

His comments highlight the belief that our society is entering a new age defined by the internet and the shift of many businesses from bricks and mortar to an online ecosystem. The comments also frame the new "age" of humanity as transcending the reliance on a particular material – instead basing progress on the shift to the internet.

The new age

This notion is hardly original – plenty of figures in the tech industry have suggested we are graduating to a new age of humanity defined by an idea or material.

For example, physicist Michio Kaku identified several ages in the last few hundred years, including the Steam Age, Age of Electricity, and the Silicon Age that began in the late 20th century and lasted until just recently.

And now? With the constraints of Moore's Law imposing physical limits on computation, he suggested a new age of humanity could belong to quantum – with the embryonic technology of quantum computing allowing us to transcend conventional power constraints. Others, meanwhile, attribute a new age of humanity to AI.

As technology advances, the significance of customer loyalty has also surged in the BFSI sector.

Loyalty provides market stability and resilience during downturns, while emotionally engaged customers become brand advocates who reel in new clients at lower acquisition costs.

Retention is key - studies show that increasing retention by just 5% can boost profits by over 25%.

Intelligence-in-Motion doesn’t replace Agentic AI; it amplifies and supports it by ensuring data flows, decisions, and actions occur in synchronization across people, processes, and technology.

It creates a shift from isolated automation to a connected intelligence economy, where financial institutions operate with agility, precision, and resilience. Its real world of use cases range from real-time loan processing and adaptive fraud detection to regulatory compliance automation.

How Intelligence-in-Motion enhances Agentic AI

Intelligence-in-Motion is best defined as the seamless orchestration of multiple AI, automation, and data intelligence solutions—each acting as an individual component, working collaboratively to learn, adapt, and continuously optimize.

It creates a dynamic ecosystem where Agentic AI agents, predictive analytics, GenAI models, and traditional tools collaborate to turn isolated AI capabilities into connected, outcome-driven intelligence.

For BFSIs, this means loan approvals that adjust to risk in real time, compliance systems that self-audit, fraud detection that anticipates emerging threats before they materialize, and increased customer loyalty. Put simply, it enables human-AI collaboration by elevating human capabilities.

By enabling transparent orchestration between humans and AI systems, BFSIs can achieve a balance between automation and empathy, efficiency and ethics. Employees become “AI conductors”, guiding the system’s output toward responsible and customer-first outcomes.

Creating loyalty value for BFSIs

Enhancing customer loyalty in the BFSI sector delivers substantial strategic and financial value. Loyal customers not only cost less to serve but also drive higher revenues and improve employee engagement.

As loyalty grows, employees generate more revenue through cross-selling and longer relationships, leading to greater lifetime value and diversified income streams.

Moreover, loyalty provides market stability and resilience during downturns, while emotionally engaged customers become advocates who help attract new clients at lower acquisition costs.

With customer acquisition expenses rising across financial services, retention becomes a powerful efficiency driver. In embracing technology and AI organizations can optimize operations and deliver highly personalized experiences that keep customers returning.

Greater operational efficiencies generated

Beyond enhancing customer loyalty, Agentic AI, powered by Intelligence-in-Motion, creates greater operational efficiencies. By acting as the connective tissue that links Agentic AI with existing enterprise ecosystems, it enables data orchestration across departments.

This works to ensure the integrity and traceability of every AI-driven decision. This level of accountability enables operational efficiencies that can positively impact bottom-line revenue.

Example use cases include:

Real-time loan processing: Intelligent orchestration reduces application turnaround from days to hours, while preserving human oversight at key decision points.

Adaptive fraud detection: Cross-agent collaboration enables systems to share business intelligence, detect anomalies faster, and respond instantly, reducing false positives and losses.

Regulatory compliance automation: Multi-agent systems automatically align policies with the latest standards, continuously updating audit trails and documentation.

Customer experience enhancement: AI-driven assistants coordinate personalized product recommendations, financial planning insights, and support interactions—all within one intelligent framework.

By integrating Agentic AI with Intelligence-in-Motion, BFSIs achieve fluid coordination between data, models, and human operators—an essential step toward AI maturity and regulatory trust.

Key considerations to ensure trust in AI

To sustain this orchestration layer, key IT infrastructure elements must be built for Intelligence-in-Motion to ensure trust in AI. BFSIs must invest in resilient digital foundations which should include:

1/ AI-optimized infrastructure consists of various tech provisions including GPUs, AI-specific silicon, and in-memory data processing to support large-scale Agentic AI operations. These must be in place to meet AI’s requirements.

2/ A unified data strategy, which means breaking down data silos and using frameworks such as Retrieval-Augmented Generation (RAG). This can transform unstructured data, such as videos and photo files in the insurance industry, into usable intelligence which is vital for enterprises whose data is growing exponentially.

3/ Secure and ethical AI governance which is essential for protecting an organization's data and people. Transparency, bias mitigation, explainability, and continuous monitoring each play critical roles in ensuring safe outcomes.

With these three key elements in place, Intelligence-in-Motion becomes a trust engine—ensuring that each AI action remains auditable, explainable, and aligned with organizational values.

Defining the BFSI industry through AI

Intelligence-in-Motion may be the next rational step in the Agentic AI journey to ensure that evolution happens safely, coherently, and with purpose. Together, they lead the shift from isolated automation to a connected intelligence economy, where financial institutions operate with agility, precision, and resilience.

There are already numerous applications across industries that demonstrate how Agentic AI is reshaping businesses to be smarter, faster, and more resilient. Intelligence in Motion works to enhance Agentic AI’s capabilities, to drive customer engagement, and improve operational efficiencies.

For organizations in the financial services industry, Intelligence-in-Motion is a strategic decision to advance AI’s potential for the business. Those who invest in orchestrating their AI capabilities with intelligence today will set new industry standards and stay ahead in the fast-changing future of finance.

We feature the best data visualization tools.

This article was produced as part of TechRadar Pro Perspectives, our channel to feature the best and brightest minds in the technology industry today.

The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/pro/perspectives-how-to-submit