While hyperscalers and neo-cloud providers may get the lion’s share of attention for providing AI infrastructure, many enterprises are taking a build-it-themselves approach to meet their specific AI requirements. The success of such projects is crucial to achieving business objectives, yet companies face significant challenges as they try to scale pilots to production.
Organizations must keep up with the dynamic, ever-changing demands that AI applications place on compute and network infrastructure, from the data center to the edge. That means architecting systems to grow as demand warrants and to avoid performance bottlenecks. The architecture must also account for AI-driven security vulnerabilities and ensure appropriate defenses are in place.
Yes, it’s a tall order. But here, in simplified form, is a three-step plan for meeting those objectives.
Integrating all the required components in piecemeal fashion for an AI factory is complex, costly, and fraught with integration risk. Start with a modular design, based on proven NVIDIA reference architectures. A modular approach combines pre-validated accelerated computing hardware, AI software, and orchestration platforms, as well as networking and storage capabilities.
A modular strategy speeds implementation and creates a faster time to value for your AI infrastructure. Using modules that combine compute, networking, and storage makes it easier to scale capacity as needed, whether in the data center or at edge facilities.
In addition, the modular approach simplifies the job of addressing varying requirements, from inferencing engines at the edge to massive-scale model training in the data center, while staying within the same solution family.
The same applies to easing integration processes, as modular platforms offer pre-validated software. The Cisco Secure AI Factory with NVIDIA approach, for example, includes hardware (Cisco AI PODS) that is pre-validated to work with NVIDIA AI Enterprise software; Cisco Security and Splunk Observability software; orchestration platforms such as Ubuntu, Red Hat OpenShift, and Rancher by SUSE; as well as storage systems including VAST Data, Everpure (formerly Pure Storage), Hitachi Vantara, Nutanix, and NetApp.
Companies can also choose to manage the hardware and software with the cloud-based Cisco Intersight platform, which provides monitoring and management for physical and virtual infrastructure from the data center to the edge.
Embedding security throughout your AI infrastructure is critical to ensure continuous monitoring, threat detection, and response. However, this step can introduce tremendous complexity, especially given the bevy of cyber threats that AI introduces. Addressing them means implementing security solutions to cover all components of your AI infrastructure, including AI models, agents, applications, workloads, and the underlying infrastructure.
With agentic AI, which essentially empowers agents with decision-making capabilities, you need to secure agents as if they were employees. That means zero-trust policies should apply, including precise, context-aware controls to enforce least-privilege access for AI agents. If an agent is behaving suspiciously, it should be quarantined and investigated.
A critical benefit of Cisco’s modular approach is having all required security software built in. It simplifies integration and deployment while ensuring all security bases are covered.
Even if you follow steps one and two, you may still need assistance in determining your best deployment options.
Working alongside a vendor with a strong partner program and expert guidance can be a great asset. Value-added resellers (VARs) add value through expertise gained from numerous customer deployments and close relationships with their partners. Many also carry relevant certifications, such as the new Cisco AI Infrastructure Specialist Certification, which demonstrates credibility.
Vendors and VARs also offer professional services and NVIDIA enterprise support. The upfront costs are well worth it in the long run to minimize technical deployment and financial risks, lower your overall AI cost per token, and realize faster time-to-value from AI investments.
Learn how the Cisco Secure AI Factory with NVIDIA can help ensure a sound foundation for your enterprise AI projects.
OpenAI is in advanced talks to lease a proposed 10‑gigawatt data center campus in southern Ohio, a deal that could include financial backing from Nvidia. The project, estimated to cost at least $500 billion given current chip, power and construction prices, would place OpenAI in control of the computing equipment under a 20‑year lease, with payments beginning once the site becomes operational. The first phase is slated for 2028, and Nvidia is expected to supply the hardware while guaranteeing both OpenAI’s lease obligations and the developer’s financing.
The structure illustrates a growing trend in AI infrastructure where model developers, chip manufacturers and energy providers forge long‑term partnerships to secure compute capacity amid soaring demand. Analysts say such symbiotic arrangements are becoming the norm, and that enterprises need to negotiate contracts that preserve flexibility and avoid reliance on a single vendor’s ecosystem.
The proposed financing builds on a partnership announced last year in which Nvidia committed to invest up to $100 billion as each gigawatt of its systems comes online, with the initial phase using its Vera Rubin platform. By guaranteeing the lease and financing, Nvidia would act as both hardware supplier and financial backstop, turning the relationship into a sponsor‑tenant model rather than a simple vendor‑customer link.
The campus aligns with a Department of Energy initiative to redevelop the former Portsmouth Gaseous Diffusion Plant near Piketon, Ohio. SoftBank‑owned SB Energy plans to build 10 GW
Residential proxy services route internet traffic through consumer devices to make connections appear to originate from real home IP addresses. Security researchers have tracked their use by threat actors for credential stuffing, ad fraud, and denial-of-service operations. What has been less understood is how widely those services have already penetrated enterprise networks, often without IT or security teams knowing.
As it turns out, the risks posed by residential proxies to enterprise networks are widespread. Infoblox analyzed billions of DNS resolutions across its Threat Defense Cloud customer base and revealed just how big a problem it is. Key findings from the research include:
Monthly query volume to those domains grew roughly 25% between January 2025 and April 2026, reaching over 500 billion queries per month.
Residential proxy traffic appeared in every industry vertical examined, with at least 40% of customers in each sector affected.
Over 90% of pharmaceutical and food and beverage customers showed such traffic; more than 60% of government and banking customers did as well.
Brightdata, the most prevalent service observed, appeared in over 50% of cloud customer networks.
Grass, a cryptocurrency-paying proxy service, appeared in roughly 30% of customer networks.
A 265% single-day spike in affected customer networks querying IPIDEA domains occurred around the time Google disrupted that service in January 2026.
“We’ve got over approximately 65% of our cloud customers making connections to residential proxy services, which is kind of crazy,” Renée Burton, vice president of threat intelligence at Infoblox, told Network World. “We’re a company that’s got enterprises, governments, banks, car companies, police departments, and 65% making those connections is a very high number.”
A residential proxy routes internet traffic through consumer devices, including home routers, mobile phones, IoT devices, and applications with embedded proxy software. Unlike commercial VPNs or anonymization tools like Tor, which signal to destination sites that a connection is masked, residential proxies make traffic appear to originate from a specific real consumer device. The destination has no indication the connection is not what it appears to be.
The entry point into enterprise networks is the device itself. Employees connecting personal phones or laptops to corporate Wi-Fi bring any proxy software already running on those devices onto the network. Corporate devices can carry proxy SDKs embedded in consumer applications installed by the user. IoT devices deployed in corporate environments, including media streaming boxes or digital picture frames, may arrive with proxy software pre-installed or receive it through a firmware update.
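As an added illustration (not part of the original article or of Infoblox's research), the Python below shows one way a defender could use DNS query logs to find which internal devices are contacting residential proxy services, and on which network segment they sit. The log format, the watchlist domains (invented names under the reserved .example TLD) and the subnet layout are all assumptions; a real deployment would load the watchlist from a threat-intelligence feed.

```python
import ipaddress
import re
from collections import defaultdict

# Placeholder watchlist: domains used by proxy SDKs -> service label.
# These names are invented (reserved .example TLD); replace with a curated feed.
WATCHLIST = {
    "proxy-sdk-a.example": "service-A",
    "peer-pool-b.example": "service-B",
}

# Hypothetical segments, used to tell managed, BYOD and IoT devices apart.
SEGMENTS = {
    "corp-managed": ipaddress.ip_network("10.20.0.0/16"),
    "byod-wifi": ipaddress.ip_network("10.30.0.0/16"),
    "iot": ipaddress.ip_network("10.40.0.0/16"),
}

# Assumed log format: "<iso-timestamp> client=<ip> qname=<name> qtype=<type>"
LINE_RE = re.compile(
    r"^(?P<ts>\S+)\s+client=(?P<client>\S+)\s+qname=(?P<qname>\S+)\s+qtype=(?P<qtype>\S+)$"
)

# Constructed sample log lines (not real traffic).
SAMPLE_LOG = """\
2026-04-01T09:00:01Z client=10.30.4.17 qname=peer1.proxy-sdk-a.example. qtype=A
2026-04-01T09:00:02Z client=10.20.1.15 qname=www.example.org. qtype=A
2026-04-01T09:00:05Z client=10.40.2.9 qname=CDN.Peer-Pool-B.example qtype=AAAA
2026-04-01T09:01:10Z client=10.30.4.17 qname=peer2.proxy-sdk-a.example. qtype=A
2026-04-01T09:01:12Z client=10.20.1.15 qname=notproxy-sdk-a.example. qtype=A
2026-04-01T09:02:00Z client=10.40.2.9 qname=cdn.peer-pool-b.example. qtype=A
this line is truncated or malformed
2026-04-01T09:03:30Z client=10.20.7.3 qname=proxy-sdk-a.example. qtype=A
"""


def match_service(qname):
    """Return the watchlist label if qname equals or is a subdomain of an entry."""
    labels = qname.rstrip(".").lower().split(".")
    # Compare whole labels so 'notproxy-sdk-a.example' does not match
    # the watchlist entry 'proxy-sdk-a.example'.
    for i in range(len(labels)):
        candidate = ".".join(labels[i:])
        if candidate in WATCHLIST:
            return WATCHLIST[candidate]
    return None


def segment_of(client):
    """Map a client IP to a named segment, or 'unknown'."""
    try:
        addr = ipaddress.ip_address(client)
    except ValueError:
        return "unknown"
    for name, net in SEGMENTS.items():
        if addr in net:
            return name
    return "unknown"


def summarize(log_text):
    """Return (findings, skipped). findings maps client IP -> summary dict."""
    findings = {}
    skipped = 0
    for raw in log_text.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = LINE_RE.match(line)
        if not m:
            skipped += 1  # count unparseable lines instead of silently dropping them
            continue
        service = match_service(m["qname"])
        if service is None:
            continue
        entry = findings.setdefault(m["client"], {
            "segment": segment_of(m["client"]),
            "services": defaultdict(int),
            "first_seen": m["ts"],
            "last_seen": m["ts"],
        })
        entry["services"][service] += 1
        # Same-format ISO 8601 UTC timestamps sort correctly as strings.
        entry["first_seen"] = min(entry["first_seen"], m["ts"])
        entry["last_seen"] = max(entry["last_seen"], m["ts"])
    return findings, skipped


def affected_by_segment(findings):
    """Count affected clients per segment, to show where the devices live."""
    counts = defaultdict(int)
    for entry in findings.values():
        counts[entry["segment"]] += 1
    return dict(counts)


if __name__ == "__main__":
    found, bad = summarize(SAMPLE_LOG)
    for client, info in sorted(found.items()):
        print(client, info["segment"], dict(info["services"]),
              info["first_seen"], info["last_seen"])
    print("affected clients per segment:", affected_by_segment(found))
    print("unparseable lines:", bad)
```

A hit on a managed corporate address points at an installed application carrying a proxy SDK, while hits on BYOD or IoT ranges point at the device categories the article describes.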
Cisco is in the years-long process of shifting from a hardware-centric business focused on switches and routers toward a broader software and services strategy, aiming to position itself as a central player in cloud, security, and AI-driven networking.
Cisco remains a dominant hardware vendor but has spent recent years investing heavily in software to build recurring revenue streams, said Jack Gold, president of J.Gold Associates. In fact, in its Q3 earnings call in May, Cisco said that 49% of total quarterly revenue now comes from subscriptions to software, security and contract support rather than one-time purchases.
“What they are trying to do is get to a place where rather than just sell you a server or network switch and I’m done, is make themselves into basically a cloud service provider,” said Gold.
At the core of Cisco’s strategy is its growing focus on security and network visibility. With its equipment embedded across enterprise, telecom, and service provider networks, Cisco has a unique vantage point into data traffic. Gold noted that this visibility allows the company to expand into advanced security offerings, particularly as artificial intelligence introduces new challenges.
One emerging opportunity is identity management for AI agents. While identity tools for human users have been around for decades, managing identities for potentially millions of AI agents represents a largely untapped market. “This is a greenfield environment,” Gold said, adding that many organizations are still uncertain how to approach the issue.
In May Cisco announced plans to acquire Astrix Security for an undisclosed amount to bolster its AI agent security portfolio. Astrix is known for its security platform that specializes in identifying, managing and securing AI agents and non-human identities, such as machine-to-machine connections.
Cisco is also working to unify its existing portfolio into integrated platforms, which Gold says is its greatest challenge. “They still have a lot of ‘components’ that are not fully integrated at their customer sites. That’s why they are trying to build an overarching cloud management console. But it might be problematic for many customers who still have individual components they’ve had in place for years to fully get the overall integration in place, especially if they also have other vendor’s networking products in place,” he said.
Cisco did just this month roll out an overarching management scheme called Cloud Control that promises a single management plane spanning networking, security, compute, observability, and collaboration.
Competition remains strong. Rivals like Hewlett Packard Enterprise and Palo Alto Networks are pursuing similar platformization strategies, while cloud providers including Amazon Web Services, Microsoft, and Google offer security and identity solutions tied to their own infrastructures. However, Cisco’s strength lies in its extensive installed base and partnerships across enterprises, hyperscalers, and semiconductor firms, Gold said.
The window between vulnerability discovery and active exploitation has been shrinking for years, and frontier AI models have accelerated that compression. To address that shift, F5 this week announced an expansion of its web application and API protection (WAAP) capabilities for its Application Delivery and Security Platform. The new features span three areas:
AI-powered web application firewall (WAF): Conducts enhanced behavioral detection in F5 Distributed Cloud Services, using a neural network model to score every request in real time rather than relying on signature matching.
API Security Local Edition: Delivers on-premises API discovery, visibility and security for air-gapped and regulated environments with no cloud dependency.
Virtual patching: Enhanced capability combines BIG-IP Advanced WAF and F5 Distributed Cloud Web App Scanning to apply runtime protection at the application delivery layer while remediation proceeds.
The AI-powered WAF is currently delivered through Distributed Cloud. F5 said it is in active engineering work to bring the same capability to BIG-IP, Nginx Plus, and Nginx Open Source for customers running on-premises or in restricted network environments.
“If the attacker is a machine and can devise new attack sequences in seconds, then your response to that cannot be signature-based. It has to be based around the behaviors that you detect and analyze,” Joel Moses, vice president of strategic engineering at F5, told Network World.
The AI-powered WAF in F5 Distributed Cloud combines the company’s existing WAF with a neural network model for behavioral characterization.
Rather than comparing traffic against a library of known attack signatures, the system assigns a numerical risk score to every request based on multiple signals. That score gives security teams specific, actionable context rather than a binary block-or-allow decision.
The concept of not relying on signatures has been a mainstay of security best practices for well over a decade, with vendors often promoting the use of heuristics-based technology. Moses said the F5 approach differs from earlier heuristics-based detection in both scale and capability. Earlier heuristics operated with a much smaller sampling window. The neural network model processes traffic across larger sampling windows and follows more paths through distance anomaly detection, making it more effective against attack patterns that have no existing signature.
The model is custom-built within F5’s AI center of excellence, not a fine-tuned version of a commercial foundation model. “It’s our own property developed inside of our AI center of excellence, and it is custom tuned for the purpose that it’s delivering,” Moses said.
Too many enterprises remain ignorant of the European Union’s 2024 Cyber Resilience Act, the first elements of which enter force on June 11, according to a new survey.
Two-thirds of respondents to the survey by Open Source Security Foundation said they were unfamiliar with the CRA, which aims to make hardware and software sold in the EU more secure.
As well as the CRA’s demands on vendors, it also has implications for users of open-source software, hence the Foundation’s interest in the topic. Among other measures, the CRA creates the role of open-source steward within the enterprise, with responsibility for ensuring that a security policy is in place for any software being used within the organization.
The first part of the CRA to enter force, on June 11, concerns the designation of conformity assessment bodies by member states. Then, from September 11, manufacturers will be required to begin reporting vulnerabilities in their products to the relevant authorities. The remaining obligations under the Act, which include substantial financial penalties, will apply from December 11, 2027.
The impending sanctions seem not to have concerned businesses: 56 percent of respondents to the OpenSSF survey were unaware that non-compliance fines could reach €15 million or 2.5 percent of global annual turnover.
The lack of knowledge about the implications of the Act surprised OpenSSF CTO Christopher Robinson. “We’ve been speaking on this topic for some time and we’re scratching our heads on why more companies are not aware of the implications of the Act,” he said.
He surmised that some companies don’t think EU regulations on hardware and software security apply to them — but such concerns will soon be a global matter. “Other countries, like Japan, are considering similar laws,” he said.
One area of misunderstanding could be that the CRA applies to vendors, and their customers may think that the requirements under the Act don’t apply to them. He said that this was a misguided approach, particularly when the CRA’s application to open-source software is taken into account.
“There are about 700 million projects in GitHub. If you work for an organization like a bank, you have little idea which of those projects are being used,” he said.
Under the Act, software companies will have to supply a software bill of materials (SBOM) that has been passed as secure, he said.
Companies that supply US federal government organizations already face this requirement, he said: “If you’re selling to the US government — which is the largest customer on the planet – you should be providing an SBOM.”
Cybersecurity consultant Hans Study said that by addressing the supply chain issue, the CRA is a step in the right direction. “Almost every application has dependencies, whether that is free and open-source software, commercial packages, or some mix of both. The problem has always been responsibility, and the blame game that comes with it. What the CRA does is make it harder for companies to dodge that responsibility when they are building, selling, or placing products with digital elements on the market,” he said.
Artificial intelligence doesn’t exist in a vacuum. It runs on infrastructure that is increasingly constrained, contested and, in many cases, outside a company’s control.
That reality is starting to surface in subtle ways. Vendors are adjusting access to AI capabilities, introducing tiered usage models and quietly reshaping what customers can expect from their tools. Microsoft, for example, has already shifted features and access within its Copilot ecosystem, signaling that capacity is not unlimited.
This isn’t new. In the early days of the internet, service providers could throttle access based on demand or pricing tiers until regulation stepped in to standardize availability. AI is beginning to follow a similar trajectory but with a more complex set of constraints: power availability, data center capacity, geopolitical risk and vendor concentration.
What makes this different is how quickly AI is being embedded into core business workflows. Nearly three-quarters of organizations are already using AI to automate processes across multiple business functions. Yet most have done little to account for the business interruption risk that creates. Many enterprises treat AI as always-available infrastructure. In reality, it is capacity-constrained, vendor-dependent and vulnerable to disruption.
The next phase of AI maturity isn’t about adoption. It will be about resilience, continuity and dependency management.
The question is no longer whether work can get done without AI. It is whether businesses can operate at the speed and volume they have already committed to without it.
Many organizations have redesigned workflows around AI-enabled efficiency. Tasks that once took hours now take minutes. Teams have been streamlined, and service-level commitments have been tightened. In many cases, entire operating models assume continuous AI availability.
In practice, it doesn’t hold. Even short disruptions can expose the gap. During a recent Microsoft services outage, some organizations lost access to AI models embedded in their workflows. Employees had to manually process tasks that had been automated — slowing operations and creating backlogs almost immediately.
At a small scale, that’s manageable. At the enterprise scale, it becomes a continuity risk. Planning for AI disruption starts with a mindset shift. Most continuity planning assumes degradation: systems slow down but still function. However, AI introduces scenarios where capabilities are unavailable altogether.
When building out a business continuity plan, three things are key:
Know what breaks. Most organizations don’t have a clear inventory of where AI is embedded across their workflows, including dependencies on specific vendors, models and infrastructure. Without that visibility, it’s difficult to understand failure points or build a mitigation plan around them.
As a veteran of IT leadership, and just over two years into his current role as VietBank CIO, Nghia Tran has rebuilt a strategic engine by not trying to out-spend the competition but by investing in AI-driven customer intelligence, like behavioral analytics and CRM integration. And since sensitive banking data can’t leave the building, flagship AI innovations, like their smart office tracking system (SOTs) and intelligent management system (IMS), were built entirely in-house using open-source components including a self-hosted LLM, rather than tools procured from enterprise vendors.
Delivered in just a few months on a lean budget, says Tran, SOTs cut document approval cycles by 35%, earned VietBank a CIO ASEAN Innovation Award in 2025, and drew an invitation from the Vietnamese government to present at last year’s National Digital Governance Conference.
From conceiving and building AI initiatives in-house to urgently deploying AI instead of waiting for perfect data, Tran has a vision of how to progress that makes the most sense to the business. “If we keep waiting for perfect data, we fall behind our competitors,” he says. The means by which to measure success, he adds, is through culture, in that even when hardware costs are skyrocketing as AI chip demand surges globally and business units feel the strain, giving people autonomy and room to grow make their work and place worth sticking around for.
What Tran is building at VietBank with a lean team, a clear plan, and an insistence for action, is a reminder that clarity and execution matter more than immediate and impatient scaling.
“My professional focus is on building a resilient technology foundation, advancing cyber maturity, and aligning with the complex IT ecosystem with business strategy and regulatory expectation,” he says. “My role is to ensure technology isn’t only innovative, but also secure, scalable, and directly tied to business value.”
Tran also details cybersecurity as the sector’s most underappreciated risk, keeping pace with neobanks, and adapting to change.
On AI enabling diversification: I deployed agentic AI for the bank, which helps to automate and optimize critical processes such as document processing, approvals, and reporting to leadership with reduced manual operation, increased transparency, and greater data security within the internal environment.
Our IT targets value across efficiency, control, security, and scalability, and that’s my role. My target for IT support for the business is to improve information retrieval, and write the quality and consistency of internal reporting and decision support. And from that, I and my team try to develop the technology that enables the business to function, and to help them to maximize their efforts.
Last year, an engineer working for a messaging app posted a question on TeamBlind, the anonymous forum for verified tech workers: Did every company restrict ChatGPT, Claude, and Gemini — or was it just his?
When the company he worked for banned these tools, it offered an internal alternative built on ChatGPT, but the engineer didn’t like it because it slowed him down. “It was kinda useless,” he said.
The TeamBlind thread quickly filled with responses from techies at other organizations who joined him in his frustration that company-approved AI tools were heavily restricted or stripped of many useful features.
A week later, the same engineer returned to the forum with a workaround. Using a WebAssembly-based LLM engine, he managed to run a coding model entirely inside his browser, with conversations stored locally and no outbound network traffic for his employer to detect. “Happy coding,” he wrote on the forum. “DM me for features.”
Often, the employees who best understand the capabilities of gen AI are also the most likely to bend or break organizational rules governing its use. Engineers and, perhaps counterintuitively, other workers who have undergone mandatory AI training often see official guardrails less as strict boundaries and more as hurdles to overcome in the name of speed. A recent LexisNexis report found that 74% of AI-trained employees use unauthorized AI tools, versus only 17% of untrained employees.
“The issue is the gap between employee capability and enterprise-ready tooling,” says Dani McCormick, VP of product at Nexis Solutions. “Those with greater awareness of AI tools are more likely to experiment and incorporate them into their workflows.”
Training appears to remove some of the hesitation employees may initially feel toward gen AI, which can act as a barrier to adoption. “The takeaway isn’t that training creates risk, but that it surfaces demand faster than many organizations are prepared to meet,” McCormick adds.
Given all this, CIOs need to walk a fine line between encouraging AI adoption and controlling how these tools are used. That’s a difficult task that requires a rethink. As employees grow more comfortable with gen AI, traditional approaches, including blanket bans, may no longer work and can even prove counterproductive.
A more productive approach would be to capitalize on shadow AI’s silver lining. Using restricted AI tools can also be a sign that employees see value and are trying to move faster, says Seth Cohen, CIO at P&G. “The opportunity is to bring that learning into a system that’s right for the company and can scale,” he says.
But figuring out how to create that system can be a challenge for many CIOs under pressure to encourage experimentation while also protecting sensitive data and maintaining control over an increasingly fragmented AI landscape.
Movers & Shakers is where you can keep up with new CIO appointments and gain valuable insight into the job market and CIO hiring trends. As every company becomes a technology company, CEOs and corporate boards are seeking multi-dimensional CIOs and IT leaders with superior skills in technology, communications, business strategy, and digital innovation. The role is more challenging than ever before — but even more exciting and rewarding! If you have CIO job news to share, please email me!
Citigroup is a global financial services company based in NYC that provides a broad range of financial products and services. Saluzzo joins from Google, where he most recently served as VP of core developer engineering and product management. Earlier in his career, Saluzzo held several senior tech leadership positions at American Express and tech infrastructure leadership roles at Goldman Sachs. He holds a BA from SUNY Geneseo.
Arch Insurance North America, part of Arch Capital Group Ltd., includes Arch’s insurance operations in the US and Canada. They provide a wide range of property, casualty, and specialty insurance for corporations, professional firms, and financial institutions. Jalozie joined as VP, IT application development, and served as interim CIO since May 2025. He held a variety of IT and leadership positions prior to joining Arch.
Diebold Nixdorf automates, digitizes and transforms the way people bank and shop. Its integrated solutions connect digital and physical channels for millions of consumers every day. Most recently, Singh served as CIO at automotive technology supplier Visteon Corp., where he led enterprise AI programs, cloud transformation initiatives, and cybersecurity operations. His background also includes senior tech leadership positions at Ford Motor Co., DTE Energy Co., Horizon Global Corp., and Ally Financial Inc. Singh holds a BE from North Maharashtra University and an MBA from Michigan State University.
Topgolf operates over 100 venues around the globe, powered by Toptracer technology. They offer a variety of tech-driven games, a food and drink menu, space to host large events, and a vibe focused on more play for all. Spears joins Topgolf from CEC Entertainment, where he served as CIO. Prior to CEC Entertainment, he held leadership roles at Six Flags Theme Parks, Urban Air Adventure Parks, KPMG, and EZLynx.
Crown Castle owns, operates, and leases approximately 40,000 cell towers across the US. Most recently, Lennon served as CIO and digital officer at Net Power, where he developed and led a digital strategy for a new phase of growth. He’s also held CIO roles at Archrock, Jardine Lloyd Thompson, Maersk Oil, and UniversalPegasus International. Lennon began his career with the Royal Air Force in the UK.
BDO USA operates as part of the BDO International network, which spans more than 160 countries and provides audit, tax, and advisory services through independently owned member firms. Maza was most recently CIO of a large insurance brokerage and risk management firm, where he led an IT organization of approximately 250 professionals. He holds a BS from DeVry University and an MS from DePaul University.
The software typically enters devices through SDKs that app developers embed to monetize free applications. Common vectors include VPN apps, streaming applications, screensavers, and productivity tools. In many cases, users are enrolled with minimal notice. Burton described one example: A user signs up for a streaming service, and buried across multiple linked terms documents is consent for the device to join a residential proxy pool. Burton said the nominal existence of consent does not resolve the problem. The real question, she said, is whether users understood what they were agreeing to.
Residential proxy traffic does not register as malicious to standard endpoint or network security tools. The traffic uses legitimate devices and legitimate network protocols. The problem is not the traffic itself but who is generating it.
Burton compared the dynamic to the open resolver problem. An open resolver is a DNS server configured to accept and respond to queries from any IP address, rather than restricting responses to authorized users, which allows outside parties to abuse its network resources. Residential proxies present the same structural problem at the device level.
“It’s very similar to the open resolver problem,” Burton said. “You had these open resolvers, which then allow[ed] someone from outside of your network to actually use your network, originally for DNS, but here they can make full connections.”
The security industry itself uses residential proxies to conduct threat intelligence work, since the traffic appears to originate from real consumer locations. That creates a practical tension Burton described directly. Security companies need residential proxy access to see what threat actors are actually doing, but the same infrastructure creates exposure when it appears inside customer networks.
Residential proxy traffic also introduces some risk to enterprise networks including:
Reputational and legal exposure. When residential proxy traffic routes through a corporate IP address and is used for denial-of-service activity, credential stuffing, or connections to malicious infrastructure, that IP address appears in the incident record.
Despite some smaller product lines, such as its UCS server business and Webex, Gold believes Cisco retains a significant advantage due to its scale and reach. “They’re the 800-pound gorilla in this space,” Gold said.
Looking ahead, Cisco’s ambition is to become more than a hardware provider. The company aims to act as a comprehensive network fabric operator, effectively overseeing and securing the flow of data and AI-driven activity across complex environments.
The model trains continuously on real-world telemetry. F5 said this allows the system to identify novel exploit patterns and stop CVE chaining at Layer 7 before formal signatures exist.
In testing by SecureIQLab, F5 WAAP and F5 AI Guardrails achieved a combined 97.09% total security score, including 100% accuracy against key risks listed in the OWASP WAF Top 10 and API Top 10, along with perfect scores for bot attack mitigation and Layer 7 DoS protection.
For customers already on the Distributed Cloud platform, enabling the AI-powered WAF produces measurable operational changes. Moses said customers who activate the feature typically reach blocking mode faster than those relying on hand-configured signature rules. He noted that F5’s false positive rate dropped from approximately 18% to approximately 1%.
The promise of the AI-powered WAF is dramatically more powerful virtual patching against emerging threats.
Virtual patching has long been part of WAF deployments, but the threat dynamics around it have shifted. Frontier AI models can find and exploit vulnerabilities faster than most organizations can move a fix through development and testing. The combination of BIG-IP Advanced WAF and F5 Distributed Cloud Web App Scanning applies a virtual patch at the application delivery layer from the moment a vulnerability is identified. The patch operates at runtime while a software fix works through development and testing cycles.
Moses positioned virtual patching as a tool for the remediation window, not a substitute for fixing the underlying code. “It’s a tool in your arsenal, and it can be a powerful one, depending on how quick or how slow, relatively, your organization operates its fixes,” Moses said.
According to Michael Callahan, VP of Cyber Strategy at Salt Security, one of the issues that could cause problems in the future is the growing use of AI in the software development process. “The Cyber Resilience Act assumes enterprises know what is in their software. That assumption breaks down when AI coding assistants are generating a significant share of code. An AI assistant has never read your organization’s security policies, your licensing obligations, or your open-source governance standards. The code it produces may contain dependencies, patterns, or vulnerabilities that your security team cannot easily trace back to a specific decision or a specific developer.”
Enterprises are quickly running out of time to fix issues and many are pessimistic about their chances. According to the OpenSSF survey, only 41 percent of manufacturers expect to be fully compliant by December 2027, while 39 percent do not know when they will be.
It may be that the proposed fines could concentrate minds. Robinson said that it could be like GDPR where a few heavy fines drew companies’ attention to the regulation. The upper limit on fines is per infraction, not per company, he said: “Something like that could wipe out an SME and seriously hit large corporations.” The legislation should be something that all businesses need to be aware of, but there is still a long way to go.
Plan for absence, not degradation. If an AI system goes offline, what happens next? In many cases, there is no fallback. Skills have atrophied, staffing models have changed and processes have been optimized around automation. This is where risk management needs a seat at the table, not just IT.
Reintroduce operational buffers. Resilience requires redundancy — whether that’s retaining institutional knowledge, maintaining alternative workflows or diversifying providers. These investments rarely show immediate returns, which is why they are often deferred.
This is not fundamentally different from how organizations approached cybersecurity a decade ago. What once felt optional is now baseline.
As AI becomes embedded in core operations, the financial exposure tied to its disruption is becoming harder to ignore. This exposure does not fit neatly into existing insurance frameworks.
There are parallels to the early days of cyber risk. Before stand-alone cyber policies existed, losses were often absorbed — or disputed — across general liability, crime and fraud coverage. Insurers responded by introducing exclusions and, eventually, dedicated cyber policies.
AI risk is following a similar path, but with additional complexity. Events like the CrowdStrike outage, which affected systems globally, raised questions about business interruption coverage, with organizations pursuing claims tied to financial losses. In that case, cyber coverage was a likely entry point.
AI introduces a different layer. A disruption may not be a cyber event at all. It could be tied to power grid constraints affecting data centers, vendor-driven capacity limits, regulatory restrictions or geopolitical events. The failure is external and not necessarily malicious, which raises a fundamental question: Where does the loss sit?
For most organizations today, the answer is unclear. That uncertainty is driving early conversations around stand-alone AI coverage. While those products are still evolving, the more immediate priority is understanding where exposure exists and where it may be underinsured.
The more we understand customers, the better we can serve them. And we can redeem a lot of value-added service, confidence, safety, and security with AI.
On inward-facing AI: Data accountability is a very important principle in banking, considering all the sensitive information, security files, and finance statements. So material must remain fully within the bank’s control. For me, AI is of great value so we chose to develop in-house with a native model. We could make the banking provide intelligence and trust, and a smart office system was designed so documents and the entire model stay within the bank environment, which protects confidence, avoids external token costs, and aligns with state regulations about the data profession.
This approach gives us the flexibility to innovate while maintaining full control over our data and architecture. The smart office tracking system (SOT) we deployed, after only a few months and using a small amount of budget, keeps sensitive information on-prem. Using agents, SOT can summarize and optimize documentation, while IMS is multifaceted and we have an internal assistant to look up the regulation procedure, support the operation, and mitigate data-related risk. We apply it to process management, like automation, approval process management, and asset control management, integrating a holistic ecosystem.
One of the biggest challenges organizations face with AI use is how uneven it can be across the business. While some teams have integrated AI deeply into their daily workflows, others remain hesitant or disengaged.
“That imbalance is often where unsanctioned usage is most visible, and where there’s the greatest opportunity for better alignment,” says McCormick.
One way to close that divide is through hands-on AI training programs that address both the technical and ethical dimensions of AI use. These programs should teach employees how to integrate authorized AI tools into their daily work while explaining why using those authorized platforms matters, from protecting sensitive data and ensuring compliance, to maintaining transparency and accountability across the organization.
“Training is most effective when employees can apply it in their day-to-day roles, whether that’s improving decisions, accelerating innovation, or strengthening execution,” says Cohen.
These trainings should include everyone, not just tech workers, because gen AI tools are becoming mainstream, and employees with little formal technical background are increasingly experimenting with them on their own — a trend many CIOs have noticed.
“I’d say around 30% of untrained staff are more curious and exploring capabilities,” says Art Thompson, CIO at the City of Detroit. The real focus, he adds, should be empowering people to use technology responsibly. “If not, the shadow ecosystem will grow and we’ll have less visibility than we do today,” he adds.
A strong AI training program needs to address judgment, governance, and trust all at once, while also giving employees a broader understanding of the organization, its partners, and the wider ecosystem in which their AI tools operate. Workers need to understand how their choices can affect data security, customer trust, regulatory compliance, and business relationships.
Founded in 1969, Telephone and Data Systems (TDS) provides broadband services and wireless infrastructure through its subsidiaries TDS Telecom and Array Digital Infrastructure. Most recently, Case served as EVP and CIO at WOW! Internet, Cable & Phone, where he helped drive improvements across customer experience, product development, and overall company operations. Earlier in his career, he served as managing partner and CEO of Wheelhouse Consulting Group, and COO, EVP, and chief development officer at ProNerve. Case holds BS and MS degrees from CU Boulder, and an MBA from the Kellogg School of Management at Northwestern University.
Diversified is a global company that designs and delivers AV technology solutions. Before joining, Tripathi served as CIO of C1, leading enterprise IT transformation. Before that, he was CTO and then global CIO at Ascendion where he enabled revenue growth via tech modernization and data-driven insights. He holds a BSc from Gujarat University, an MCS from Datapro Information Technology, and an MBA from the University of Cambridge.
Founded in 1995, Consumer Cellular is the first wireless provider built for Americans over 50, and is an approved wireless partner of AARP. Before joining, Alagappan served as CTO at Circles, where he helped to successfully build and scale an AI-native full-stack SaaS platform, and migrate tens of millions of customers replacing legacy telco stacks. He also worked at Dish Network as the CTO and led modernization of their tech stack. Alagappan has an MS from the University of Arkansas.