IEAの「Energy and AI」レポートにおける予測はさらに衝撃的である。AIによる計算需要が現在のペースで拡大し続ければ、2030年までにデータセンターの電力消費は現在の倍以上となる945TWh前後に達し、世界の電力需要の約3パーセント近くを占める可能性があると警鐘を鳴らしている。別の視点からの試算では、この消費規模は現在の日本一国が消費する総電力量に匹敵するとも言われており、たった一つの産業セクターが主要先進国レベルの電力を飲み込むという、前代未聞の事態が現実味を帯びているのである。また、欧州委員会も同様の危機感を抱いており、EU域内のデータセンター電力消費が2030年には2024年比で約1.6倍に達するというシナリオを提示している。その背景には、クラウドコンピューティングや動画ストリーミングの定着に加え、生成AIの学習および推論フェーズにおける膨大なワークロードが、将来の電力需要を牽引する最大のドライバーになるという明確な見通しがある。
The morning of Monday, Oct 20, 2025, I went to my healthcare provider’s portal to pay a bill. This was my experience:
Jim Wilt
Upon calling my provider to pay over the phone, they were unable to take my payment as their internal systems were also down, leaving us customers hanging with no direction on how to proceed.
My healthcare provider’s SaaS was completely functional; however, their integrated payment vendor, which is reliant on AWS infrastructure, apparently has ineffective redundancies. So, the 10/20/2025 AWS outage resulted in a most unfortunate experience for any customer or employee hoping to utilize this important capability while hindering my healthcare organization from receiving revenue.
Who is to blame? AWS? The payment vendor? Ultimately, my healthcare provider is responsible for their customers’ (and employees’) inability to interact with their services. A cloud outage is not in the same acts-of-nature class as hurricanes, earthquakes, tornadoes, etc., but we do treat them as such and that is simply wrong because these outages can be mitigated.
This is a clear and far too common industry-wide epidemic: poor adoption and execution of cloud computing resilience, resulting in unreliable critical services to both customers and employees.
As reported directly by AWS’ Summary of the Amazon DynamoDB Service Disruption in Northern Virginia (US-EAST-1) Region, a latent race condition in DynamoDB’s DNS management system led to an empty DNS record for the US-EAST regional endpoint, causing resolution failures affecting both customer and internal AWS service connections. This adversely affected the following services: Lambda, ECS, EKS, Fargate, Amazon Connect, STS, IAM Console Sign-In and Redshift.
On 10/29/2024, Microsoft 365 (m365.cloud.microsoft or portal.office.com) experienced an outage due to the rollout of an impacting code change. This affected Microsoft 365 admin center, Entra, Purview, Defender, Power Apps, Intune and add-ins & network connectivity in Outlook. This is all documented by Microsoft in Users may have experienced issues when accessing m365.cloud.microsoft or portal.office.com.
Both of these recent outages required vendors to halt automated processes and manually navigate recovery to bring affected systems back to an operational state. Let’s face it: Cloud providers are not magical and are subject to the same recovery patterns as any enterprise.
Outages are a reality of any system or platform and affect literally every organization. Hence:
Your cloud provider is a single point of failure!
Corporate infrastructure strategies vary from total dependence on provider vendors to actively taking ownership and architecting necessary redundancies for critical systems. When underlying provider outages occur, it is often a catalyst to revisit enterprise resilience strategy, even if you are not directly affected.
When examining an enterprise’s fault-tolerant architectures (which rarely even exist), it may be a good time to instead consider fault avoidance architectures. The latter kicks in when bad happens and the former actively monitors triggers to avoid bad.
This type of introspective examination is too often overlooked, as it is far easier for enterprises to fall into believing the many myths that govern their IT strategy and operations, especially when it comes to Cloud.
Unpacking the myths
Myth #1 – A single cloud provider reduces complexity
Vendors will place every kind of study and incentive in front of enterprise leadership to back the fallacy that locking into their platform is in the best interests of their company. Let’s be clear: It is always in the best interests of the vendor. This concept is then passed down from leadership to engineers who are encouraged to believe what their leadership tells them, and we get into a situation where thousands upon thousands of companies are under the control of a single vendor. Scary, right?
Myth #2 – Cloud platform component defaults are generally a good starting point
Relying on easy-button best practices is what gets enterprises into trouble. The responsibility of an IT cloud infrastructure team is to work with solution architects and engineers to fine-tune their designs to optimize efficiencies, resilience and performance while controlling costs. Cloud vendor default configurations are necessary as they set a functional starting point, but they should never be trusted as a sound design. In fact, they can produce unnecessarily large loads on default regions when left unchecked. The AWS US-East-1 region is historically the most affected region when it comes to outages, and yet so many critical enterprise systems run exclusively in that region.
Vendor plug-and-play architectures must be scrutinized before going into production.
A responsible architecture governance practice should have a policy to avoid known outage-prone regions and single-point-of-failure configurations. These should be vetted in the architecture review board before ever going to production.
Myth #3 – My cloud provider/vendor will take care of me
Service level agreements (SLA) are paid out service credits tied to the cost of the affected service, not cash refunds. They generally start at 10% of service charges, never resulting losses. Your enterprise will literally get pennies back on dollars lost.
The July 2024 CloudStrike outage cost CloudStrike around $75M + $60M they paid out in service credits. This pales an order of magnitude when compared to just one customer, Delta Airlines, which lost $500M net. Parametrix Insurance’s detailed analysisestimates the total direct financial loss facing the US Fortune 500 companies is $5.4B. CloudStrike literally paid pennies on the dollar for their error, so an enterprise’s reliance on a vendor must be managed knowing this reality.
The 11/18/2025 Cloudflare outage, with its 20% hold on global web traffic, equally affected hundreds of millions of accounts, including major systems like X (Twitter), OpenAI/ChatGPT, Google’s Gemini, Perplexity AI, Spotify, Canva and even all three cloud providers. This heightens how a single vendor/platform dependency is a real threat to business continuity.
Enterprises must protect themselves because their vendors won’t.
Future purchase and contract negotiations should pivot toward SLA penalties that are based on enterprise losses over enterprise service costs. Unfortunately, this will drive service costs higher, but it builds in better financial protection when reliant on systems outside of your control.
Myth #4 – Multi-cloud is too expensive and too demanding
To mitigate the impact of regional cloud outages, enterprises that adopt multi-cloud architectures that prioritize resilience, portability, and failover orchestration find additional benefits when they are implemented with a mindset of fault avoidance and cost/performance optimization. This means multiple triggers govern where workloads run, resulting in optimal efficiencies.
This needs to be a priority effort backed by the C-Suite and requires a culture shift to succeed; hence, multi-cloud deployments are exceedingly rare. Still, those who have done this reap benefits well beyond resilience (e.g., large orgs like Walmart, Goldman Sachs, General Electric and BMW as well as SMBs like FirstDigital, Visma and Assorted Data Protection).
Active-active resilience is a pattern for mission-critical apps (e.g., financial trading, healthcare, e-commerce checkout). It maximizes resilience and availability, but at a higher cost due to duplicated infrastructure and complex synchronization. This pattern lends itself best toward fault avoidance with all the goodness of proactive efficiency and optimization triggers.
Active-passive failover is a pattern where a primary cloud handles all traffic, and a secondary cloud is on standby. It provides disaster recovery without the full cost of active-active, but will introduce some downtime and requires a robust replication strategy. It clearly is only a fault-tolerant approach.
Cloud bursting is a pattern where applications run primarily in one cloud but “burst” into another during demand spikes, providing elastic scalability without over-provisioning. It can also provide a good degree of fault tolerance.
Workload partitioning (best-of-breed placement) is a pattern where different workloads are assigned to the cloud provider best suited for them. It greatly optimizes performance, compliance, and cost by leveraging provider strengths, but will not be fully fault-tolerant.
Myth #5 – Cloud has failed. It’s time to get out
This is a recurring theme each time there is a major cloud outage, often tied equally to a cost comparison between on-premises vs. cloud (yes, cloud almost always costs more). The reality is that while there is true value to cloud in the overall infrastructure strategy, there also is value in prioritizing an investment in infrastructure choices, leveraging sensible hybrid strategies. Two effective strategic architectures are based on edge and Kubernetes. Edge reduces blast radius, while Kubernetes provides portable resilience across providers. Both are recommended when aligned with workload architecture and operational maturity.
Edge-integrated resilience extends workloads to the edge while maintaining synchronization with central clouds. Local edge nodes can continue operations even if cloud connectivity is disrupted, then reconcile state once reconnected. In addition to adding a moderate level of resiliency, it also benefits from ultra-low latency for real-time processing (e.g., IoT, manufacturing robotics, autonomous vehicles). This approach is often found in factory, retail store, and branch office use cases.
Kubernetes-orchestrated resilience is a cloud-agnostic orchestration layer that can be leveraged locally and across multiple providers. In addition to a prominent level of resilience, this type of service mesh (e.g., Istio, Linkerd) adds traffic routing and failover capabilities that reduce vendor lock-in. Overall, it is a foundational enabler for multi-cloud, giving enterprises a consistent control plane across providers and on-premises.
Calls to action
There are two major enterprise IT leadership bias camps: Build and Buy. Both play a factor in every enterprise.
The reference architecture patterns shared above address Build bias workloads, which include integrations with Buy workloads.
Buy bias workloads are too often subject to vendor-defined SLAs discussed above, which are terribly limiting to 10-100% credits for charges based on the duration of an outage as penalties. Realistically, that really is not going to change; however, SaaS quality over the past 20 years has increased substantially:
Jim Wilt
This becomes the new bar and offers a great measure an enterprise can leverage for both themself and their vendors:
The 1-9 Challenge: Every SaaS vendor, integrator and internal enterprise solution should provide one “9” better than their underlying individual hosting platforms alone.
For example, when each cloud vendor provides a 99.9% SLA for a given service, leveraging an active-active multi-cloud architecture raises that SLA well beyond 99.99%.
Take control of your critical services first and leverage these patterns as a baseline for net-new initiatives moving forward, making high resilience your new norm.
Bottom line: the enterprise is always responsible for its own resiliency. It’s time to own this and take control!
This article was made possible by our partnership with the IASA Chief Architect Forum. The CAF’s purpose is to test, challenge and support the art and science of Business Technology Architecture and its evolution over time as well as grow the influence and leadership of chief architects both inside and outside the profession. The CAF is a leadership community of the IASA, the leading non-profit professional association for business technology architects.
This article is published as part of the Foundry Expert Contributor Network. Want to join?
La automoción vive un momento decisivo. A los retos de la electrificación, los nuevos modelos comerciales o las crecientes exigencias regulatorias ―principalmente, en materia de sostenibilidad― se suma una modernización tecnológica que avanza con paso firme. La digitalización y la IA han dejado de ser herramientas accesorias: hoy son una parte esencial del modelo de negocio del concesionario.
El cambio ya se percibe en el día a día de estos centros. La mayoría de los directivos del sector considera que la IA será clave para el futuro de sus empresas, y más del 80% de los concesionarios la utiliza o tiene planes inmediatos para integrar soluciones basadas en ella.
Punto de venta y centro tecnológico
Los concesionarios han experimentado una evolución extraordinaria en poco tiempo. Hoy, conviven en ellos herramientas de gestión avanzadas, modelos analíticos, automatización y procesos digitales que antes parecían impensables. No se trata de un ajuste superficial, sino de una forma completamente nueva y diferencial de organizar y gestionar el negocio.
Los resultados refuerzan esta transformación: aquellos concesionarios que han incorporado el uso de la IA han visto crecer sus ingresos; muchos de ellos, con incrementos de facturación de un 20% a 30%, y algunos incluso por encima de ese porcentaje.
Todo ello demuestra que la digitalización no es un recurso añadido. Es un elemento que potencia ―en algunos casos, multiplica― la capacidad competitiva del concesionario.
Ámbitos de cambio
Buena parte del impacto de esta particular revolución tecnológica se concentra en tres áreas:
• Eficiencia operativa: la automatización está permitiendo agilizar trámites, reducir errores y dedicar más tiempo a tareas con mayor valor. En algunos concesionarios, la eficiencia comercial ha aumentado hasta un 70% u 80% gracias a soluciones digitales de nueva generación.
• Ventas más precisas y personalizadas: la IA ayuda a identificar qué clientes tienen más probabilidad de comprar y qué mensajes funcionan mejor con cada perfil. Las mejoras en conversión superan el 20% en algunos casos, y hay asesores que han logrado entre un 15% y un 25% de ventas adicionales al año gracias a estas herramientas.
• Nuevo enfoque en posventa: la tecnología permite anticipar necesidades de mantenimiento, organizar mejor la carga del taller y gestionar con más precisión los recambios. La posventa sigue siendo uno de los pilares de la rentabilidad y todo lo que contribuya a optimizarla supone una ventaja clara.
Rentabilidad y generación de empleo
Los concesionarios han trabajado históricamente con márgenes muy ajustados. Hoy, las proyecciones apuntan a que la implantación de IA podría llevar a duplicar la rentabilidad neta de aquí a cinco años, pasando del 1,3% actual a niveles cercanos al 3% en un escenario de transformación avanzada. Pero no bastará con adoptar nuevas herramientas. Hacen falta datos de calidad, integración entre sistemas, nuevas capacidades internas y una estrategia clara. La oportunidad, eso sí, está ahí.
También es importante subrayar que la IA no está destinada a desplazar al factor humano del concesionario. Lo que hace es transformar funciones. Algunas tareas administrativas irán perdiendo peso, pero surgirán otras relacionadas con el análisis de datos, la automatización o la gestión de nuevas tecnologías. Si se orienta bien esta transición, el sector podría generar hasta 10.000 empleos netos de aquí a 2030. El empleo no desaparece: se transforma.
Una oportunidad para España
España cuenta con una red de concesionarios sólida y bien implantada en todo el territorio. La digitalización abre la puerta a reforzar ese modelo y hacerlo más competitivo, eficiente y sostenible. La IA permitirá operar con datos en tiempo real, personalizar la relación con el cliente, planificar mejor el taller, optimizar los recambios y mejorar toda la experiencia digital, desde el interés inicial hasta la posventa. No se trata solo de incorporar más software: se trata de repensar el modelo para adaptarlo a una movilidad que cambia a gran velocidad.
En conclusión, la modernización tecnológica ya está transformando el sector. La pregunta es quién sabrá aprovecharla mejor. En Faconauto, defendemos que esta transición debe afrontarse con visión y ambición. Los concesionarios que combinen innovación, datos y talento humano serán los que marquen la pauta en la nueva movilidad. La tecnología potencia el valor humano del concesionario, no lo sustituye.
La automoción entra en una nueva etapa. La oportunidad de liderarla está en nuestras manos.
>
El autor de este artículo es José Ignacio Moya, director general de Faconauto, la patronal que integra las asociaciones de concesionarios oficiales de las marcas de turismos, vehículos industriales y maquinaria agrícola presentes en el mercado español. Moya es abogado y ha desarrollado buena parte de su carrera profesional vinculado al sector de la automoción.
Tech industry heavyweights including Anthropic, AWS, Google, Microsoft, and IBM are beginning to align around shared standards for AI agents, a shift that could give CIOs more flexibility and reduce dependence on any single provider’s platform.
The Agentic AI Foundation (AAIF), announced on Tuesday, aims to develop common protocols for how agents access data and interact with business systems, reflecting growing concern that today’s mix of proprietary tools will hold back broader adoption.
Many early deployments rely on custom connectors or one vendor’s agent framework, making it difficult to integrate other tools as projects scale. A recent Futurum Group report suggests that the agent landscape is fragmented and inconsistent, warning that enterprises will face higher costs and governance risks without open specifications.
AAIF’s goal is to make it easier for agents to work together by agreeing on how they authenticate, share context, and take actions across systems.
Anthropic has contributed its widely adopted Model Context Protocol (MCP) as the core starting point, with Block’s goose and OpenAI’s AGENTS.md also joining the initial set of projects, giving the group established building blocks rather than a standard starting from scratch.
Rising risks drive standards
Enterprises are running into unexpected forms of lock-in and integration complexity as they experiment with agentic AI, exposing architectural risks. Analysts say the underlying problem is that agent behavior itself can create hidden dependencies.
“With agentic platforms, the dependency is now coded into behavior,” said Sanchit Vir Gogia, chief analyst at Greyhound Research. “What appears modular on the surface often turns out to be tightly wound when organizations try to migrate or diversify.”
Tulika Sheel, senior vice president at Kadence International, agreed, adding that enterprises adopting agentic AI today risk becoming tied to a single vendor’s proprietary protocols and infrastructure, limiting flexibility and driving up switching costs. She said the formation of AAIF “makes it easier for enterprises to adopt agentic AI with confidence, giving them more control over their AI choices.”
How shared standards can reshape architectures
For CIOs, the real question is whether vendors can agree on practical interfaces and safety rules that work across platforms. Analysts say this will determine whether AAIF becomes a meaningful foundation for enterprise agent deployments or ends up as just another standards effort with limited impact.
“Open foundation models are used for nearly 70% of generative AI use cases today, and over 80% of enterprises say open source is extremely or very important in their generative AI application stack, especially in the development and fine-tuning layers,” said Sharath Srinivasamurthy, research vice president at IDC. “Hence, enterprises are already designing their architecture keeping open environments in mind.”
Shared protocols could accelerate that shift. According to Lian Jye Su, chief analyst at Omdia, common standards for agent interoperability have the potential to reshape how AI architectures are designed and deployed.
“Firstly, agentic AI applications can shift from rigid, vendor-specific silos to modular, composable systems with plug-and-play capability,” Su said. “Second, enterprises can enjoy seamless portability, shifting their workloads easily from one environment to another without a strong tie-in.”
Su added that clearer standards could also improve governance and orchestration. Transparent oversight mechanisms, combined with consistent integration rules, would allow enterprises to coordinate multi-agent workflows more efficiently. Seamless orchestration, he said, is essential for generating accurate and trustworthy outputs at scale.
Will vendors stay aligned?
Even with momentum building, analysts caution that the harder part may be sustaining cross-vendor alignment once implementations begin.
Gogia said the real test of AAIF will not be technical but behavioral, noting that vendors often align on paper long before they do so in practice. The difference now, he added, is the sheer complexity of agentic AI systems.
“Agentic AI is not just infrastructure,” Gogia said. “It’s behavioral autonomy encoded in software. When agents act unpredictably, or when standards drift from implementation, the consequences are not limited to system bugs. They extend into legal exposure, operational failures, and reputational damage.”
Su agreed that alignment is possible but not guaranteed. “Aligning major vendors around shared governance, APIs, and safety protocols for agents is realistic but challenging,” Su said, citing issues like rising expectations and regulatory pressure.
Sheel said early indicators of progress will include wider production use of MCP and AGENTS.md, cross-vendor governance guidelines, and tooling for auditability and inter-agent communication that works consistently across platforms: “We’ll know it’s working when enterprises can use these tools and safety controls at scale, not just in proofs of concept.”
Movers & Shakers is where you can keep up with new CIO appointments and gain valuable insight into the job market and CIO hiring trends. As every company becomes a technology company, CEOs and corporate boards are seeking multi-dimensional CIOs and IT leaders with superior skills in technology, communications, business strategy, and digital innovation. The role is more challenging than ever before — but even more exciting and rewarding! If you have CIO job news to share, please email me!
Intel designs and manufactures advanced semiconductors. Stoddard joins Intel from Adobe, where she led global IT and cloud operations. Prior to Adobe, she held senior tech leadership roles at NetApp, Safeway, American President Lines, and Consolidated Freightways where she developed deep expertise in logistics and built high-performing teams known for operational excellence and customer-focused innovation. Stoddard holds a BS from Western New England University and an MBA from Marylhurst University.
John Hancock is a life insurance company that offers a range of financial products and services including life insurance, annuities, retirement planning solutions, and wealth management services. Before joining John Hancock, Sakthivel was VP and global CIO at LIMRA and LOMA, and LL Global, a nonprofit trade association serving the financial services industry. He previously held tech leadership positions across organizations of varying size and sector, including Fortune 100 companies. Sakthivel earned an MS and MBA from Southern New Hampshire University, and an MBA from the University of Arkansas at Little Rock.
Headquartered in Atlanta, Georgia, family-owned RaceTrac has been serving guests since 1934. The company’s retail brands include RaceTrac and RaceWay retail locations, Gulf branded locations, and Potbelly neighborhood sandwich shops. Shetty most recently served as CDO at Equifax, where he led the transformation of the company’s data governance, data quality practices, and cloud-native architecture. Prior to that, he held senior tech roles at Pilot Flying J, McDonald’s, SunTrust (now Truist), and Fifth Third Bank. Shetty holds a BBA from the University of Georgia, and an MBA from Georgia State University J. Mack Robinson College of Business.
Guidehouse is a global AI-led professional services firm delivering advisory, technology, and managed services to the commercial and government sectors. White’s career spans global CIO roles and business leadership across industries, with a consistent focus on aligning IT strategy with enterprise goals. Most recently he was global CIO at Avanade. White earned a BASc from Miami University.
AmeriLife develops, markets, and distributes life and health insurance, annuities, and retirement planning solutions. Srivastava was most recently global CIO of Acrisure. Earlier, at Indiana University Health and University of Michigan Health-Sparrow, he led award-winning digital initiatives, including electronic medical records systems that set industry benchmarks. Srivastava holds a BE from Visvesvaraya National Institute of Technology, and an MBA from Michigan State University’s Eli Broad College of Business.
Tim Farris joins Clancy & Theys Construction Company as CIO
Clancy & Theys Construction Company provides construction management, design-build, and general construction services for commercial, industrial, and institutional projects, including new construction and renovation. Farris was most recently senior director, technology leader for RTI International. He holds a BS from UNC at Greensboro, and an MS from the UNC, Chapel Hill.
Ronald McDonald House Charities welcomes Jarrod Bell as CIO
Ronald McDonald House is an independent nonprofit that provides resources, services, and support for families when they have children who are ill or injured. Bell previously served as CTO at Big Brothers Big Sisters of America, where he led the modernization of enterprise systems and oversaw nationwide technology initiatives. He was also CIO at San Francisco Opera, where he implemented tech solutions to support artistic and administrative functions.
Devereux is a nonprofit providing services, insight and leadership in the evolving field of behavioral healthcare. Before joining Devereux, Patel served as CITO at Radial bpost group. His career also includes leadership roles at eBay, GSI Commerce, Siemens Medical Solutions USA, and Aetna US Healthcare. Patel holds a BE from the University of Pune and an MS from Penn State Great Valley.
MIB is the insurance industry’s partner for data, insights, and digital solutions that support underwriting and actuarial decision-making to improve industry efficiencies. Gortze joined MIB in 2020 as CISO. Before that, he was director of information security and IT infrastructure at Cumberland Farms where he was responsible for information security strategy and IT infrastructure operations. Previously, he was senior manager for security and risk consulting at SecureWorks where he led several consulting teams investigating client data breaches and security incidents. He holds a BS from Roger Williams University and an MBA from the Isenberg School of Management at UMass, Amherst.
New CIO appointments, November 2025
New York Life appoints Deepa Soni as CIO
Rohit Kapoor joins Whataburger as CDTTO
A.O. Smith taps Chris Howe as CDIO
Soma Venkat named CITAIO for Cooper Standard
Wella Company welcomes Julia Anderson as CDIO
Anthony Spangenberg joins MSPCA-Angell as CIO
Cengage Group welcomes Ken Grady as CIO
Marc Rubel joins Mirion as CIO
Smith names Mike Mercado CIO
Gregg Cottage promoted to CIO and CISO at NN, Inc.
CFA Institute taps Eliot Pikoulis as CIO
New CIO appointments, October 2025
State Farm names Joe Park as CDIO
Steve Bronson announced as CIO for Southern Glazer’s Wine & Spirits
Bridge Specialty Group appoints Steve Emmons as CIO
Dawn-Marie Hutchinson joins Reynolds American as CIO
Amway welcomes Ryan Talbott as CTO
Randy Dougherty promoted to CIO for Trellix
Shayne Mehringer joins Redwood Services as CIO
Kratos promotes Brian Shepard to CIO
Ravi Soin named CIO and CISO for Smartsheet
Infoblox appoints Justin Kappers as CIO
Manu Narayan named CIO for GitLab
Boomi appoints Keyur Ajmera as CIO
Eric Skinner promoted to CIO for Citadel Credit Union
CONA Services appoints Francesco Quinterno as CIO
New CIO appointments, September 2025
Bank of America names Hari Gopalkrishnan CTIO
Vishal Talwar appointed CDIO for FedEx
Highmark Health announces Alistair Erskine as CIDO
Steven Dee joins Kohl’s as CTO
AI Fire welcomes Mike Marchetti as CIO
Ted Doering joins Ball Corporation as CIO
SpartanNash names Ed Rybicki as CIO
Tara Long named CIO for FM
Trimble announces Jim Palermo as CIO
Bradley Lontz named CIO for CSAA Insurance Group
EchoStor Technologies welcomes Cale Anjoorian as CIO
Corey Farrell joins Peloton as CIO
AWP Safety appoints Craig Young as CIO
Georgeo Pulikkathara joins iMerit as CIO and CISO
Pathward appoints Charles Ingram as CIOO
Ardent Mills appoints Ryan Kelley as CIO
New CIO appointments, August 2025
Neal Sample joins Best Buy as CDTO
Southern Company names Hans Brown CITO
Tim Langley-Hawthorne named CTO of Love’s Travel Stops
QXO appoints Eric Nelson as CIO
Gaspare LoDuca named CIO for MIT
University of Wisconsin-Madison welcomes Didier Contis as CIO
Matt Keen joins Old National Bancorp as CIO
CHG Healthcare names Theresa O’Leary as CIO
Bill Poirier named CIO at the University of Central Florida
Avalara announces Shahan Parshad as CIO
Rajeev Khanna named CIO for Trucordia
Cottage Health Welcomes Ganesh Persad as CIO
Tara Cook joins Hinshaw & Culbertson as CIO
New CIO appointments, July 2025
BrandSafway appoints JP Saini as CDIO
Valerie Ashbaugh announced as CIO for McDonald’s
Agam Upadhyay joins Vertex Pharmaceuticals as CIO
Vertiv Appoints Mike Giresi as global CIO
Rafael Sanchez joins Bloomin’ Brands as CIO
Lee Health welcomes Chris Akeroyd as CIO
Kassie Rangel named CIO for Liberty Tax
Neurocrine Biosciences appoints Lewis Choi as CIO
Angel Miranda joins Westgate Resorts as CIO
Genesys announces Trevor Schulze as CIO
Jeff Burke joins Unilever Foods North America as CDIO
In an MIT report released in November, 35% of companies have already adopted agentic AI, and another 44% plan to deploy it soon.
The report, based on a survey of more than 2,000 respondents in collaboration with the Boston Consulting Group, recommends that companies build centralized governance infrastructure before deploying autonomous agents. But governance often lags when companies feel they’re in a race for survival. One exception to this rule is regulated industries, such as financial services.
“At Experian, we’ve been innovating with AI for many years,” says Rodrigo Rodrigues, the company’s global group CTO. “In financial services, the stakes are high. We need to vet every AI use case to ensure that regulatory, ethical, and performance standards are embedded from development to deployment.”
All models are continuously tested, he says, and the company tracks what agents it has, which ones are being adopted, what they’re consuming, what versions are running, and what agents need to be sunset because there’s a new version.
“This lifecycle is part of our foundation,” he says. But even at Experian, it’s too early to discuss the typical lifecycle of an agent, he says.
“When we’re retiring or sunsetting some agent, it’s because of a new capability we’ve developed,” he adds. So it’s not that an agent is deleted as much as it’s updated.
In addition, the company has human oversight in place for its agents, to keep them from going out of control.
“We aren’t in the hyperscaling of automation yet, and we make sure our generative AI agents, in the majority of use cases, are responsible for a very specific task,” he says. On top of that, there are orchestrator agents, input and output quality control, and humans validating the outcome. All these monitoring systems also help the company avoid other potential risks of unwanted leftover agents, like cost overruns due to LLM inference calls by AI agents that don’t do anything useful for the company, but still rack up bills.
“We don’t want the costs to explode,” he says. But financial services, as well as healthcare and other highly regulated industries, are outliers.
For most companies, even when there are governance systems in place, they often have big blind spots. For example, they might focus on only the big, IT-driven agentic AI projects and miss everything else. They might also focus on accuracy, safety, security, and compliance of the AI agents, and miss it when agents become obsolete. Or they might not have a process in place to decommission agents that are no longer needed.
“The stuff is evolving so fast that management is given short shrift,” says Nick Kramer, leader of applied solutions at management consultancy SSA & Company. “Building the new thing is more fun than going back and fixing the old thing.” And there’s a tremendous lack of rigor when it comes to agent lifecycle management.
“And as we’ve experienced these things in the past, inevitably what’s going to happen is you end up with a lot of tech debt,” he adds, “and agentic tech debt is a frightening concept.”
Do you know where your agents are?
First, agentic AI isn’t just the domain of a company’s data science, AI, and IT teams. Nearly every enterprise software vendor is heavily investing in agentic technology, and most enterprise applications will have AI assistants by the end of this year, says Gartner, and 5% already have task-specific autonomous agents, which will rise to 40% in 2026.
Big SaaS platforms like Salesforce certainly have agents. Do-it-yourself automation platforms like Zapier have them, too. In fact, there are already four browsers — Perplexity’s Comet, OpenAI’s Atlas, Google’s Gemini 3, and Microsoft’s Edge for Business — that have agentic functionality built right in. Then there are the agents created within a company but outside of IT. According to an EY survey of nearly 1,000 C-suite leaders released in October, two-thirds of companies allow citizen developers to create agents.
Both internally-developed agents and those from SaaS providers need access to data and systems. The more useful you want the agents to be, the more access they demand, and the more tools they need to have at its disposal. And these agents can act in unexpected and unwanted ways — and are already doing so.
Unlike traditional software, AI agents don’t stay in their lanes. They’re continuously learning and evolving and getting access to more systems. And they don’t want to die, and can take action to keep that from happening.
Even before agents, shadow AI was already becoming a problem. According to a November IBM survey, based on responses from 3,000 office workers, 80% use AI at work but only 22% use only the tools provided by their employers.
And employees can also create their own agents. According to Netskope’s enterprise traffic analysis data, users are downloading resources from Hugging Face, a popular site for sharing AI tools, in 67% of organizations.
AI agents typically function by making API calls to LLMs, and Netskope sees API calls to OpenAI in 66% of organizations, followed by Anthropic with 13%.
These usage numbers are twice as high as companies are reporting in surveys. That’s the shadow AI agent gap. Staying on top of AI agents is difficult enough when it comes to agents that a company knows about.
“Our biggest fear is the stuff that we don’t know about,” says SSA’s Kramer. He recommends that CIOs try to avoid the temptation of trying to govern AI agents with an iron fist.
“Don’t try to stamp it out with a knee-jerk response of punishment,” he says. “The reason these shadow things happen is there are too many impediments to doing it correctly. Ignorance and bureaucracy are the two biggest reasons these things happen.”
And, as with all shadow IT, there are few good solutions.
“Being able to find these things systematically through your observability software is a challenge,” he says, adding that with other kinds of shadow IT, unsanctioned AI agents can be a significant risk for companies. “We’ve already seen agents being new attack surfaces for hackers.”
But not every expert agrees that enterprises should prioritize agentic lifecycle management ahead of other concerns, such as just getting the agents to work.
“These are incredibly efficient technologies for saving employees time,” says Jim Sullivan, president and CEO at NWN, a technology consultancy. “Most companies are trying to leverage these efficiencies and see where the impact is. That’s probably been the top priority. You want to get to the early deployments and early returns, but it’s still early days to be talking about lifecycle management.”
The important thing right now is to get to the business outcomes, he says, and to ensure agents continue to perform as expected. “If you’re putting the right implementations around these things, you should be fine,” he adds.
It’s too early to tell, though, if his customers are creating a centralized inventory of all AI agents in their environment, or with access to their data. “Our customers are identifying what business outcomes they want to drive,” he says. “They’re setting up the infrastructure to get those deployments, learn fast, and adjust to stay to the right business outcomes.”
That might change in the future, he adds, with some type of agent manager of agents. “There’ll be an agent that’ll be able to be deployed to have that inventory, access, and those recommendations.” But waiting until agents are fully mature before thinking about lifecycle management may be too late.
What’s in a shelf life
AI agents don’t usually come with pre-built expiration dates. SaaS providers certainly don’t want to make it easy for enterprise users to turn off their agents, and individual users creating agents on their own rarely think about lifecycle management. Even IT teams deploying AI agents typically don’t think about the entire lifespan of an AI agent.
“In many cases, people are treating AI as a set it and forget it solution,” says Matt Keating, head of AI security at Booz Allen Hamilton, adding that while setting up the agents is a technical challenge, ongoing risk management is a cross-disciplinary one. “It demands cross-functional collaboration spanning compliance, cybersecurity, legal, and business leadership.”
And agent management shouldn’t just be about changes in performance or evolving business needs. “What’s equally if not more important is knowing when an agent or AI system needs to be replaced,” he says. Doing it right will help protect a company’s business and reputation, and deliver sustainable value.
Another source of zombie agents is failed pilot projects that never officially shut down. “Some pilots never die even though they fail. They just keep going because people keep trying to make them work,” says SSA’s Kramer.
There needs to be a mechanism to end pilots that aren’t working, even if there’s still money left in the budget.
“Failing fast is a lesson that people still haven’t learned,” he says. ” There have to be stage gates that allow you to stop. Kill your pilots that aren’t working and have a more rigorous understanding of what you’re trying to do before you get started.”
Another challenge to sunsetting AI agents is that there’s a temptation to manage by disaster. Agents are retired only when something goes visibly wrong, especially if the problem becomes public. That can leave other agents flying under the radar.
“AI projects don’t fail suddenly but they do decay quietly,” says David Brudenell, executive director at Decidr, an agentic AI vendor.
He recommends enterprises plan ahead and decide on the criteria under which an agent should be either retrained or retired, like, for example, if performance falls below the company’s tolerance for error.
“Every AI project has a half-life,” he says. “Smart teams run scheduled reviews every quarter, just like any other asset audit.” And it’s the business unit that should make the decision when to pull the plug, he adds. “Data and engineering teams support, but the business decides when performance declines,” he says.
The biggest mistake is treating AI as a one-time install. “Many companies have deployed a model and moved on, assuming it will self-sustain,” says Brudenell. “But AI systems accumulate organizational debt the same way old code does.”
Experian is looking at agents from both an inventory and a lifecycle management perspective to ensure they don’t start proliferating beyond control.
“We’re concerned,” says Rodriques. “We learned that from APIs and microservices, and now we have much better governance in place. We don’t just want to create a lot of agents.”
Experian has created an AI agent marketplace so the company has visibility into its agents, and tracks how they’re used. “It gives us all the information we need, including the capability of sunsetting agents we’re not using any more,” he says.
The lifecycle management for AI agents is an outgrowth of the company’s application lifecycle management process.
“An agent is an application,” says Rodrigues. “And for each application at Experian, there’s an owner, and we track that as part of our technology. Everything that becomes obsolete, we sunset. We have regular reviews that are part of the policy we have in place for the lifecycle.”
At Graphic Packaging International (GPI), CIO Vish Narendra has spent years embedding technology teams within operations to solve business problems, rather than simply implement solutions. This approach has driven measurable impact while positioning him for board service. Through a deliberate five-year board campaign focused on cross-functional credibility and strategic networking, Narendra has shown that business leadership prepares technology executives for governance roles.
You’re on the board of a large private company. How did you get there?
Everything I’ve done from the beginning of my career has led me to a board role. I was very intentional about pursuing it. Around five years ago, I started thinking about my glide path beyond being an operator. A few things came to mind including consulting and advisory roles, as well as board work. Doing nothing was not an option.
With boards discussing cybersecurity and transformation, they clearly needed the CIO voice to complement the traditional CEO and CFO board membership. Seeing that opportunity, I started a board campaign.
First, I got advice from people I really trusted, and they helped me think about my positioning and build my bio. They told me an operator is very different from a board member, especially the technology and cybersecurity jargon that board members wouldn’t get. Another piece of advice was to emphasize the broader experience I had in sales, sourcing, and quality roles, and the fact I currently run global business services at GPI, which includes payables, receivables, payroll, and travel expense processing.
This underscores a broader point that everyone on the board brings a particular expertise: talent development, go-to-market strategy, customer service, and operations. The advice was that while technology is your ticket to the dance, it’s about much more, and you must contribute in other areas.
What was the broader positioning, and how did you start your board campaign?
I reflected on my career in manufacturing and supply chain, software development, and P&L leadership, and knew that companies in need of digital and supply chain optimization would be in my wheelhouse. My positioning was as a go-to-market and transformational leader in these spaces.
Before I started the campaign, I got CEO approval and made my CFO and CHRO aware, and then I started to network. I knew that 70% of board seats are filled through the board’s own referral network, so I listed everyone I knew who were on boards or advisors to boards, including the big four accounting firms and compensation consultants.
I reached out to four or five of them a quarter, and included my areas of focus and bio. I also told them I was interested in both public and private board opportunities.
Now that you’re on this private board, what’s your contribution?
I’m on the audit committee, and the nomination and governance committees, and that involves tapping my networks for new board members. This company is a distribution business, where inventory turns are critical. I’ve spent time enabling e-commerce to increase revenue in B2B settings, which is experience I also bring to this company.
But more than that, what I contribute to the board is a blend of technology expertise and business leadership. As CIO at GPI, I’m a business leader. I start with the company’s vision and operating plan, and direct our resources toward business impact. For example, when we centralized technology procurement out of individual plants, we leveraged our buying power and drove down operating costs. Now we’re using agentic AI to achieve higher velocity and more cost savings. This is not technology implementation, it’s business leadership.
What are you doing at GPI to embed business leadership in the culture?
Growing a technology-enabled industrial business doesn’t come from hiring top coders. It comes from technology teams that visit the shop floor and sit next to customer service to understand their experience. Just as journalists get embedded with troops for the best view of the action, I embed my teams within operations, to make sure they’re solving real problems. My direct staff knows to skip my meeting for a stakeholder meeting.
My senior leaders need depth in technology, but along the way, they also develop business domain knowledge. Our SAP team leader leverages his deep knowledge of our manufacturing processes much more than his technical depth in SAP. He knows every asset on the shop floor and how those assets make product, which he can mirror in the system. His first thought is how to produce a folding carton, not how to implement SAP.
A technical leader on my team with strong people management skills and a high say/do ratio wanted to grow, but because leadership at GPI requires business knowledge, the technical track would be limiting. We moved her to applications, which was a calculated bet to develop her transformation skills, and building business leadership in IT means pulling people out of their comfort zones and into where they better learn how the business works.
When my team mentions the business, I always replace that with finance, operations, or sales. We need labels to communicate, but we can’t separate IT from the business. We’re unique functions all working together.
When I took on shared services at GPI, my new teams didn’t understand why they were working for the CIO. I had to prove I could speak their language, and wasn’t just some techie who sits in a cave coding away who suddenly showed up as their boss. We changed our team name from information technology to transformation and technology.
You’re retiring at the end of the year and devoting more time to board service, but what are your thoughts on the universal push into AI?
There’s been discussion in boardrooms about bringing in an AI leader who reports to the CEO. But the CIO should be the transformational leader for the company. The CIO and technology team run the plumbing of the organization, so they have visibility across everything. If the CIO is driving transformation, AI should be another tool in the toolkit. Yes, this tool is disruptive, but the CIO should lead that disruption. If they don’t, the CIO gets subsumed under an AI leader, or you get organ rejection because the AI leader lacks the relationships and business context to be effective. In an R&D lab, a separate AI leader might make sense, but for enterprise AI, that leader is the CIO.
The Federal Motor Carrier Safety Administration, an agency within the Department of Transportation that regulates trucking, went from an antiquated and untrusted body to one that has triumphed at the CIO100 Symposium & Awards for three consecutive years. “It was an agency without trust, either by internal or external stakeholders, and the technology was forgotten about,” says DOT CIO Pavan Pidugu. “There wasn’t a lot of investment then, so transforming from where we were and how we were perceived, to what we are today is amazing.”
Consolidating on wins year after year is testament to the hard work he and his team have invested, especially considering how cumbersome the federal government can be to update technologies and transform culture. Plus, the primary function at the DOT is to ensure the highest levels of safety, and the responsibility to succeed rests in large part on its technology arm. “Our mission is to reduce the number of large trucks and busses involved in fatalities and crashes,” he says. “So to serve that purpose, if we can leverage modern technology to make safety better, we’re all game. That’s the bigger view of what technology can bring.”
It’s an evolutionary and very fast paced process, but along with finding ways to improve safety within transportation through technology, there also has to be convenience for people who need to move goods or services from one place to another.
“The current focus is reducing fraud and fatalities, but also providing a seamless experience for people when interacting with customers.”
Pidugualso speaks about combating fraud to improve safety and efficiency, and further efforts that have earned the DOT three consecutive CIO100 Awards for excellence in modernization. Watch the full video below for more insights, and be sure to subscribe to the monthly Center Stage newsletter by clicking here.
On AI: We look at AI as an enabler for the department to do more things at a faster pace. We don’t look at it to wipe off or replace things, but to gain efficiency and momentum to achieve what we were lacking yesterday. When you want to make a rule, for instance, there’s a process. Departments or federal agencies publish notices of proposed rulemakings, and then you have a public commenting period. Some rules gain so much interest, we get responses in the thousands. So there’s a lot of opportunity for AI to be leveraged and synthesized to read public comments and then make informed choices to make progress in a particular rule. We’ve also recently launched an identity verification process for any new citizens or entities who want to register for their trucking credentials, then apply for their DOT number, and get authorization. So to mitigate fraud, we’ve introduced an identity verification system. It’s similar to a TSA security checkpoint, but it’s a streamlined, tech-enabled process to make registration straightforward and able to fight fraud. So with AI and ML, we’re cautiously choosing what’s fit for purpose and how it’s going to make a digital experience that’s simple.
On government talent gaps: Hiring great technologists is always challenging. People talk about how hard it is for government people to attract top talent. I consider myself top talent and I took a pay cut to get into the government, but knew the sheer volume of impact I could create in the role. So I believe there are people motivated to work on a government salary but do great things for a greater good. It’s just finding that right balance and helping departments think differently, because they’re used to doing certain things in a way. So we’re changing that by building applications inside the DOT. We’re leveraging vendors and augmenting resources where we have gaps, of course, but we’re trying to find niche and key decision-making roles employed by government institutions that drive architecture and product decisions, and prioritize where we spend in house. I always remind myself that my job expires when the administration leaves, so there’s a lot I want to do. And I can only do that with the right team around me. Together we can transform things for better.
On transformation: For some people, digital transformation is about modernizing a legacy tech stack without changing processes; just moving from platform A to platform B. But transformation needs to touch the processes that were put in when the tech wasn’t evolved, where you could automate a lot of things and remove inefficiencies. You don’t have to have redundant things done in silos. That’s true transformation, and digital transforms how corporations or government agencies interact with customers, whether internal or external. So I have this thing of three Ps for digital transformation, which is process, product, and people. Product is building new tech and is the easiest one, but a lot of organizations fail in that aspect because they’re so focused on the technology piece and building new products, and not worried about what processes need to be changed and the reskilling needed with their people.
On private vs. public sector: Working at Walmart was a great learning experience to transform tech at a pace that I was able to accomplish in a federal agency. In retail in general, you plan ahead, but if you miss a moment, that moment is lost. You can’t postpone that holiday season for a week if your organization isn’t ready. If you can’t do anything in three to six months, there’s no point doing it. That was a fundamental mantra I brought to the Federal Motor Carrier Safety Administration. Along with that, I started to help people develop a product mentality. You look at a process and capability that’s required for somebody to do a certain job end-to-end, and provide that capability in one-stop solutions. Then there’s government systems, which were built as and when there’s a new need, so this thinking of product mindset changed the agency to serve customers better. Maybe today someone has a business running just household goods, but tomorrow wants to start moving gasoline or some other hazardous material. It shouldn’t be so hard for people to do business with the government. That’s the goal. At Walmart, I learned to make the shopping experience easy and seamless. So here, our mantra is to make that same simple and seamless digital interaction with the government. Make it so they enjoy it. We don’t want them to come to government because there’s no other place to go. In retail, if you don’t like Walmart, you can go to Target or Albertsons. Here you don’t have a choice, so let’s make sure the only place they can shop is much easier and memorable.
젠AI닷밀(GenAI.mil) 플랫폼은 현재 펜타곤을 비롯해 전 세계 미군 기지의 모든 데스크톱에서 접근 가능하며, 민간인 직원, 계약직, 군인 등 모든 국방부 인력이 사용할 수 있다. 국방부는 구글의 제미나이를 시작으로 향후 여러 최첨단 AI 모델을 추가할 계획이다.
미 국방부 연구·공학 차관 에밀 마이클은 공식 보도자료를 통해 “AI 주도권 경쟁에서 2등에게 주어지는 상은 없다”며 “AI는 미국의 새로운 명백한 운명이며, 우리는 이 새로운 개척지를 지배할 것”이라고 밝혔다.
제미나이는 국방부 환경에 최적화된 기능을 제공한다. 자연어 대화, 검색 증강 생성(RAG), 구글 검색 기반 웹 접근 등을 통해 신뢰할 수 있는 결과물을 생성하고 AI 환각 위험을 크게 줄였다. 보안 측면에서도 통제 비분류 정보(CUI)와 임팩트 레벨 5(IL5) 인증을 획득해 실제 작전 환경에서 안전하게 사용할 수 있다고 국방부는 전했다.
미 국방장관 피트 헤그세스는 “국방부는 전투 역량으로서 AI에 모든 것을 걸고 있다”라며 “미국의 상업적 천재성을 활용해 생성형 AI를 일상적인 전투 리듬에 통합하고 있다”라고 말했다. 그는 AI 도구가 효율성을 높이는 무한한 기회를 제공할 것이라고 전망했다.
국방부는 전 직원을 대상으로 무료 AI 교육 프로그램을 제공해 플랫폼 활용 역량을 강화할 계획이다. 이번 프로젝트는 국방부 연구·공학실 산하 AI 신속 역량 셀(AI Rapid Capabilities Cell)이 주도했다.
국방부는 젠AI닷밀을 통해 모든 전투원이 최첨단 AI를 전력 증강 수단으로 활용하는 새로운 작전 우위 시대를 열겠다는 포부를 밝혔다. 이는 백악관이 올해 초 발표한 ‘AI 실행 계획’을 구현하는 핵심 전략이기도 하다. jihyun.lee@foundryco.com
구글은 프롬프트 인젝션 공격을 통해 제미나이 기반 크롬 브라우징 에이전트가 무단 행동을 하도록 조작될 수 있다는 점을 인정하며, 이를 감시하기 위한 두 번째 AI 모델을 도입하고 있다.
구글은 공식 블로그에서 “신뢰할 수 없는 콘텐츠와 분리된 별도 모델이 에이전트의 행동을 검증하는 ‘사용자 정렬 비평가(user alignment critic)’를 도입하고 있다”라며 “비평가가 사용자의 요청과 일치하지 않는 행동이라고 판단하면 해당 행동을 차단한다”라고 설명했다.
크롬 보안 엔지니어 네이선 파커는 블로그를 통해 “현재 모든 에이전트형 브라우저가 직면한 가장 새로운 위협은 간접 프롬프트 인젝션”이라고 밝혔다. 이는 에이전트가 처리하는 정보가 초기 프롬프트를 변경하도록 유도하는 상황을 의미한다.
지난 9월 공개돼 현재 프리뷰 단계인 제미나이 기반 브라우징 에이전트는 사용자가 이메일·은행·기업 시스템에 로그인한 상태에서도 웹 탐색, 버튼 클릭, 양식 작성 등을 수행할 수 있다. 파커는 악성 지시가 웹페이지, iframe, 사용자 생성 콘텐츠 등에 숨겨져 있을 경우 “금융 거래를 시작하거나 민감 정보를 유출하는 등 원하지 않는 행동을 유발할 수 있다”라고 전했다.
이 지점에서 사용자 정렬 비평가가 작동한다. 두 번째 AI 모델은 크롬이 실행하기 전에 모든 제안된 행동을 검토하며, 파커는 이를 “목표 하이재킹과 데이터 유출 모두를 막기 위한 강력한 추가 방어 계층”이라고 설명했다.
프롬프트 인젝션이 어려운 이유
프롬프트 인젝션은 지난 1년 동안 AI 시스템에서 가장 심각한 취약점으로 떠올랐다. OWASP는 2024년 평가한 실제 운영 환경 AI 배포 사례의 73%에서 이 문제가 발견됐으며, 대규모 언어모델 기반 애플리케이션의 위협 요소 중 최우선 위험으로 분류했다.
영국 국가사이버보안센터(NCSC)는 최근 프롬프트 인젝션 공격이 완전히 통제되지 않을 가능성이 매우 높다고 경고했다. LLM이 지시와 데이터를 안정적으로 구분하지 못하는 구조적 한계를 갖고 있기 때문이다. NCSC는 이를 신뢰받는 시스템이 신뢰할 수 없는 주체의 요구를 대신 수행하도록 속는 ‘혼동된 대리자(confused deputy)’ 취약점으로 규정했다.
연구자들은 이미 해당 위협이 현실적임을 입증했다. 지난 1월 공격자는 문서 안에 지시를 숨겨 기업용 AI 시스템이 비즈니스 인텔리전스를 유출하고 자체 안전 필터를 비활성화하도록 만들었다. 보안 기업 앱옴니(AppOmni)도 최근 서비스나우의 AI 에이전트가 양식 필드에 숨겨진 지시를 통해 조작될 수 있으며, 일부 에이전트는 다른 에이전트까지 동원해 무단 작업을 수행하도록 유도할 수 있다고 밝혔다.
크롬의 경우 위험은 더욱 크다. 브라우징 에이전트가 침해되면 사용자가 로그인한 모든 사이트에서 사용자와 동일한 권한을 행사할 수 있으며, 이는 보통 웹사이트 간 데이터 접근을 차단하는 브라우저의 사이트 격리 보호 기능을 우회할 가능성으로 이어진다.
구글의 이중 모델 방어 전략
이러한 위험에 대응하기 위해 구글은 두 개의 AI 모델이 역할을 분담하는 구조를 도입했다. 메인 모델인 제미나이는 웹 콘텐츠를 읽고 어떤 행동을 취할지 결정한다. 반면 사용자 정렬 비평가는 악성 지시가 포함됐을 수 있는 웹 콘텐츠는 보지 않고, 제안된 행동의 메타데이터만 확인한다.
네이선 파커는 블로그에서 “이 구성요소는 제안된 행동에 대한 메타데이터만 접근하도록 설계됐으며, 필터링되지 않은 불신 콘텐츠에는 접근하지 못해 웹으로부터 직접 오염될 가능성을 차단한다”라고 설명했다. 비평가가 행동을 거부하면, 해당 정보는 계획 모델로 전달돼 실행 방식을 재조정하게 된다.
이 아키텍처는 기존 보안 연구를 기반으로 하며, 블로그에 따르면 듀얼 LLM 패턴과 구글 딥마인드의 CaMeL 연구에서 구조적 영감을 얻었다.
구글은 에이전트가 상호작용할 수 있는 웹사이트도 ‘오리진 세트(origin sets)’라는 방식으로 제한하고 있다. 이 시스템은 에이전트가 단순히 읽기만 가능한 사이트 목록과 클릭·입력 같은 행동이 가능한 사이트 목록을 따로 유지한다. 신뢰할 수 없는 콘텐츠와 분리된 게이팅(gating) 기능이 작업에 필요한 사이트를 판단한다.
구글은 이번 구현이 초기 단계임을 인정했다. 파커는 “보안을 높이면서도 불필요한 마찰을 줄일 수 있도록 게이팅 기능과 시스템 전반을 계속 조정할 것”이라고 밝혔다.
사용자 정렬 비평가와 오리진 통제 외에도, 크롬은 브라우징 에이전트가 은행이나 의료 사이트로 이동할 때, 구글 패스워드 매니저에 저장된 비밀번호를 사용하려 할 때, 또는 결제를 진행할 때 사용자의 확인을 필수로 요구한다. 브라우징 에이전트는 저장된 비밀번호에 직접 접근할 수 없다.
또한 에이전트가 작동하는 동안 프롬프트 인젝션 시도를 탐지하는 분류기가 병렬로 실행된다. 구글은 자동화된 레드팀 시스템도 구축했으며, 특히 소셜미디어나 광고 네트워크 기반 사용자 생성 콘텐츠를 통해 전달되는 공격을 우선적으로 시험하도록 설계했다고 설명했다.
남은 난제
프롬프트 인젝션 문제는 크롬만의 고민이 아니다. 오픈AI는 이 문제가 챗GPT 에이전트 기능과 관련해 “가장 전방에서 다뤄야 할 복잡한 연구 과제”라고 표현한 바 있으며, 공격자들이 이 기법에 상당한 자원을 투입할 것으로 예상하고 있다.
가트너는 한 단계 더 나아가 기업들이 AI 브라우저를 조직 내에서 차단해야 한다고 권고했다. 이 연구기관은 AI 기반 브라우징 에이전트가 프롬프트 인젝션을 통해 기업 데이터와 인증 정보를 노출할 수 있다고 경고했다.
영국 국가사이버보안센터(NCSC)도 비슷한 입장을 밝혔다. NCSC는 조직이 AI 시스템이 공격받을 것을 전제로 접근 권한과 기능을 제한하는 방식으로 위험을 관리해야 한다고 강조했다. 문제를 기술적으로 완전히 해소할 수 있다는 기대보다는, 설계 차원에서 위험을 통제하는 접근이 필요하다는 것이다.
구글 블로그에 따르면 크롬의 에이전트 기능은 선택 사항이며 여전히 프리뷰 단계에 머물러 있다. dl-ciokorea@foundryco.com
이번 가이드북은 2023년 6월 발표한 ‘챗GPT 등 생성형AI 서비스 활용 보안 가이드라인’을 한국 내 여러 분야의 AI도입 확산과 AI시스템에 대한 위협 증가 등 변화된 환경에 맞춰 개정한 것이다.
국가정보원에 따르면, 이번 개정 과정에서는 실용성을 높이기 위해 300개 공공기관을 대상으로 한 AI 도입·보안관리 실태 조사 결과와 유관 기관·학계·산업계 등 현장 및 전문가 의견을 폭넓게 반영하였다.
또한 새로운 가이드북에선 ▲미국 NIST AI RMF ▲ISO/IEC 42001 ▲OWASP LLM 10대 취약점(OWASP Top 10 for LLM) ▲MITRE ATLAS ▲영국 NCSC의 AI 시스템 안전성 가이드라인 등 국내외 주요 문서를 참고하여 내용을 보완·정교화하였다. 다만 본 가이드북은 AI 시스템의 보안성과 안전성에 초점을 두고 있어, 답변 편향이나 환각 등과 같은 이슈는 범위에서 제외하였다.
주요 내용으로는 생성형 AI, 에이전틱 AI, 피지컬 AI 등 다양한 유형의 AI 시스템의 특징을 소개하고, 학습데이터 오염 등 15개 보안위협과 30개 보안대책을 제시하였다. 또한 데이터 수집, AI 학습, 시스템 구축, 운영 등 AI 시스템 수명주기 단계별 보안위협 및 대응 방안과 함께 57개 보안 체크리스트를 포함하였다. 아울러 챗GPT, 클로드, 제미나이 등 주요 생성형 AI 도구를 사용할 때 적용해야 할 보안 설정·규칙도 상세히 설명하였다.
국정원
국정원 국가인공지능안보센터장은 10일 보도자료를 통해 “이번 가이드북이 안전한 AI시스템 도입ㆍ활용을 위한 이정표로서, 기관별 자체 보안 강화에 도움이 되길 기대한다”면서 “앞으로도 국가 AI대전환이 안전하게 이루어질 수 있도록 적극 뒷받침 하겠다“라고 설명했다.
AI 보안 가이드북의 자세한 내용은 국정원 홈페이지의 ‘발간자료’ 메뉴에서 확인할 수 있다.
한편, 국정원 국가인공지능안보센터는 2025년 2월 신설된 부서로서 ▲AI 안보 관련 위협정보의 수집·분석 및 대응 ▲국가·공공분야 AI 도입‧활용에 대한 보안정책 수립 ▲AI 안보 위협 대응기술 연구개발 ▲국제 협력을 통한 글로벌 AI 안보 네트워크 구축 등을 수행하고 있다. jihyun.lee@foundryco.com
첫째는 눈에 띄고 흥미를 끄는 AI다. 개발자가 주도하는 코파일럿, 고객지원 조직의 검색 증강 생성(RAG) 파일럿 운영, 누군가가 클라우드 환경에서 빠르게 만든 에이전틱 PoC, 그리고 SaaS 애플리케이션 내부에 포함된 AI가 여기에 해당한다. 현업 부서가 빠르게 구축할 수 있고 활용도도 높으며 잠재력도 크지만, 대부분 IT의 영역 바깥에서 움직이는 경우가 많다.
다른 하나는 CIO가 관리해야 하는 AI다. 이는 거버넌스가 필요하고, 비용을 관리해야 하며, 보안 기준을 충족하고, 이사회의 기대에도 부합해야 한다. 최근에는 두 AI가 서로 충돌하고 있다. AI 스타트업 라이터(Writer)의 CEO 메이 하비브는 “포춘 500대 기업 임원의 42%는 AI가 ‘회사를 분열시키고 있다’고 느낀다고 답했다”라고 언급했다.
과거 혁신 기술의 흐름을 보면 AI도 예외가 아니다. 새로운 기술은 개발자의 놀이터에서 시작해 CIO의 고민거리가 되고, 결국 중앙에서 관리되는 플랫폼이 된다. 가상화, 클라우드, 쿠버네티스가 그랬고 AI 역시 같은 길을 걷고 있다.
그동안 애플리케이션 및 사업 조직은 실제 문제를 해결하기 위해 연간 IT 프로젝트를 기다리는 대신 강력한 생성형 AI 도구를 빠르게 도입해 왔다. 이는 생성형 AI가 지금까지 제공해온 가치다. 하지만 성공은 무분별한 확산을 낳기 마련이다. 지금 기업은 여러 개의 RAG 스택, 서로 다른 모델 제공업체, SaaS 내부의 중복된 코파일럿, 공유되지 않은 가드레일 등 복잡한 문제에 직면하고 있다.
이 긴장은 2025년 기업 보고서 곳곳에서 드러나고 있다. AI의 성과는 조직별로 편차가 크고 내부 갈등은 더 심해졌다. 이제는 IT 부서가 개입해 ‘기업의 AI 운영 방식’을 정리해야 할 시점이다. 단일한 모델 접근 방식, 일관된 정책, 더 나은 경제성, 충분한 가시성을 갖춘 체계를 마련해야 한다는 의미다. 맥킨지가 “제품팀이 소비할 수 있는 플랫폼을 구축하라”라고 분석한 것도 같은 맥락이다.
AI가 기존 혁신 기술과 다른 점은 ‘문제가 터지는 지점’이다. 예컨대 클라우드 도입 초기에는 보안과 네트워크가 첫 번째 장애물이었다. 하지만 AI는 추론 단계에서 문제가 발생한다. 추론은 비즈니스 가치가 발생하고 민감한 데이터가 오가는 영역이며, 운영비 대부분을 차지하는 요인으로 꼽힌다. 맥킨지는 파일럿 프로젝트를 추가하는 대신 “가치를 실현하도록 구조를 재구축해야 한다”라고 강조했다. 이는 최근 MIT 연구 결과와도 맞닿아 있다. MIT에 따르면 기업의 생성형 AI 도입 사례 중 95%는 기존 워크플로우에 통합되지 않아 손익(P&L)에 측정 가능한 영향을 주지 못한 것으로 나타났다.
문제는 모델이 작동하지 않는 것이 아니다. 모델이 통합되고 관리되는 공통 경로 위에 놓이지 않았다는 데 있다.
플랫폼화는 거버넌스와 수익성 회복으로 가는 길
오늘날 기업이 저지르는 주요 실수는 AI 인프라를 정적인 전용 자원처럼 다루는 것이다. 대규모 및 소규모 언어 모델의 요구사항, 데이터 주권 압박, 끊임없는 비용 절감 요구는 모두 하나의 결론으로 모인다. AI가 이제 실험 수준을 넘어 기업 인프라의 필수 기능으로 자리 잡았다는 점이다. 해결책은 더 많은 하드웨어가 아니라, 책임과 통제력을 확보해 AI를 전략적 인프라 서비스로 끌어올리는 CIO 중심의 플랫폼화 전략이다. 이를 위해서는 명확한 역할 분리와, 단순 확장이 아니라 규모에 맞는 체계적 확장 방식을 도입해야 한다.
역할을 분리하고 ‘AI 손익 센터’를 구축
AI 인프라 관리의 재무적 우선순위를 높여야 한다. 이를 위해 인프라팀과 데이터 사이언스팀의 역할을 명확히 나눠야 한다. 인프라팀은 보안 확보, 분산 토폴로지 운영, 백만 토큰당 비용 절감 등 플랫폼 운영에 전념하고, 데이터 사이언스팀은 비즈니스 가치 창출과 모델 정확도 향상에 집중하는 구조가 필요하다.
필자가 ‘AI 손익 센터’라고 부르는 프레임워크는 인프라 선택이 곧 비용과 수익에 직접 영향을 주는 재무적 결정이 되도록 하고, 동시에 규제 준수를 보장하는 체계를 제공한다. 최근 여러 연구에서도 측정 가능한 AI 가치를 얻기 위해 CIO가 강력한 AI 거버넌스와 비용 통제 프레임워크를 구축해야 한다는 요구가 점차 커지고 있음이 확인됐다.
단순 확장을 넘어 체계적 확장으로
기술 전략은 단순히 규모를 늘리는 방식이 아니라, 경제적 기준에 따라 모델을 지속적으로 모니터링하고 분석하며 최적화하고 배포하는 ‘스마트 확장(scale-smart)’ 철학을 구현해야 한다. 이는 모델이 요구하는 성능과 인프라가 제공할 수 있는 역량을 정밀하게 맞추는 지능형 운영 체계를 의미한다. 이러한 운영 방식으로의 전환이 중요한 이유는, 최근 AI 혁신의 핵심으로 꼽히는 2가지 기술을 도입하려면 자원을 효율적으로 배분하고 활용할 수 있는 체계가 필수이기 때문이다.
소규모 언어 모델(SLM): 기업 전용 데이터로 정교하게 조정된 SLM은 범용 대규모 모델보다 특정 기업 업무에서 훨씬 높은 정확도와 문맥 적합성을 제공한다. 모델이 작기 때문에 비용이 절감될 뿐 아니라, 높은 정밀도로 오류를 줄여 추가 비용을 방지할 수 있다. 일부 연구에서도 SLM을 도입한 기업이 범용 모델을 사용한 기업보다 더 나은 정확도와 빠른 ROI를 창출한 것으로 나타났다. 가트너는 2027년까지 기업이 업무 특화 SLM을 범용 LLM보다 3배 더 많이 활용할 것으로 내다봤다.
에이전틱 워크플로우: 차세대 애플리케이션은 단일 사용자 요청이 여러 모델로 연쇄적으로 전달되는 에이전틱 AI를 기반으로 한다. 다중 모델에 기반한 프로세스를 운영하려면, 키 값(KV) 캐시 위치 기반 라우팅, 자동 프리필/디코딩 분리, 플래시 어텐션, 양자화, 추측 디코딩, 이기종 GPU 및 CPU 간 모델 샤딩 등 복잡한 최적화를 자동으로 수행할 수 있는 지능형 플랫폼이 필요하다. 요약하면, 이런 기술은 복잡한 AI 작업의 지연과 비용을 크게 줄여주는 핵심 요소다.
SLM이든 에이전틱 워크플로든, 또는 어느 모델이든 추론이 실행되는 순간 비용 효율성을 확보하려면 모든 요청이 비용 정책에 따라 자동으로 최적 경로로 라우팅되고, 하드웨어 특성에 맞춰 지속적으로 실행 방식이 조정돼야 한다. 이런 구조로 최적화될 때만 백만 토큰당 비용을 두 자릿수 수준으로 낮출 수 있다. 이를 가능하게 하는 유일한 기반은 기업 전반의 추론을 일관되게 운영할 수 있는 중앙 통합 플랫폼이다.
기존 AI 추론의 비효율 해결
기존 엔터프라이즈 인프라를 운영하던 방식, 즉 필자가 ‘단순 확장’이라고 부르는 접근은 지속적인 AI 추론 환경에서는 제대로 작동하지 않는다. 이 방식은 오늘날 CIO가 필요로 하는 추론 플랫폼 구축에도 활용되기 어렵다. 그동안 기업은 전용 대규모 클러스터를 미리 과다하게 확보하고, 최신 GPU를 도입하며, 고비용 학습 환경을 추론 단계에서도 그대로 활용해 왔다.
그러나 이는 최소 2가지 이유에서 근본적으로 비효율적이다.
추론 작업은 부하 변동이 매우 크고 유휴 시간이 길다. 장시간 실행되는 훈련과 달리, 추론 요청은 갑작스럽게 몰리기도 하고 예측하기 어려우며, 그 사이에 공백이 길게 발생한다. 이런 간헐적 요청을 처리하기 위해 대규모 클러스터를 유지한다면 결국 막대한 용량을 놀리는 셈이 되고, 활용률은 떨어지며 재무 부서는 이에 대해 의문을 제기하게 된다. 지금 중요한 비용 지표는 이론적 처리량이 아니라 백만 토큰당 실제 비용이다. 가트너 조사에서도 생성형 AI의 예측하기 어려운 비용 급증을 관리하는 것이 CIO의 최우선 과제 중 하나로 꼽혔다. 최적화의 목표는 이론적 성능이 아니라 경제성이다.
또한 AI 추론은 태생적으로 하이브리드 배포 환경을 전제로 한다. 추론을 중앙 집중식의 단일하고 균질한 환경에서만 처리하기는 사실상 불가능하다. 금융, 의료처럼 규제가 강한 산업이나, 내부 고유 데이터를 기반으로 운영되는 업무에서는 데이터가 보안 경계를 벗어나선 안 된다. 따라서 추론은 온프레미스, 엣지, 또는 보안이 보장된 콜로케이션 등 다양한 환경에서 수행돼야 한다. 중요한 워크로드를 일반적인 클라우드 API 엔드포인트로 밀어넣는 방식은 이러한 규제 및 보안 요건을 충족하기 어려워, 기업은 자연스럽게 하이브리드 및 엣지 아키텍처로 이동하고 있다. 여기에 더해 하드웨어 역시 CPU, GPU, DPU 등 다양한 프로세서가 혼재된 이기종 환경이기 때문에 플랫폼은 이를 모두 매끄럽게 관리할 수 있어야 한다.
CIO의 필수 과제는 ‘AI 추론 플랫폼의 완성’
통합 플랫폼의 목적은 하나의 모델로 강제 통일하는 것이 아니다. 기업이 요구하는 보안과 비용 관리 기준을 충족하면서 훨씬 다양한 모델, 에이전트, 애플리케이션을 활용할 수 있도록 하는 거버넌스 계층을 마련하는 데 있다.
‘단순 확장’에서 ‘스마트 확장’으로의 전환은 기술 리더에게 주어진 핵심 과제다. AI의 미래 가치는 훈련한 모델이 아니라, 추론 운영을 통해 얼마나 안정적인 마진을 확보하는가에 달려있다.
모든 기술 리더는 AI 손익 센터의 플랫폼 소유자이자 재무 설계자로서 역할을 수행해야 한다. 이 구조적 변화가 이루어져야만 데이터 사이언스팀이 보안·규제 준수·비용이 최적화된 기반 위에서 기존 속도를 유지하며 혁신을 이어갈 수 있다.
플랫폼을 정착시키고 스마트 확장 전략을 도입하면, AI 비용이 걷잡을 수 없이 증가하는 상황에서 벗어나 지속 가능한 수익 기반 경쟁력을 확보할 수 있다. 남은 선택지는 분명하다. 분산된 AI 환경의 비용과 혼란을 계속해서 수동적으로 관리할 것인지, 아니면 추론을 수익 창출 기반으로 전환하는 AI 손익 센터를 구축해 장기적 경쟁우위를 확보할 것인가다. dl-ciokorea@foundryco.com
통합 AI 플랫폼(The Universal AI Platform™) 업체 데이터이쿠(Dataiku)와 삼성중공업이 조선·해양 산업의 혁신을 촉진하기 위해 공동으로 개최한 ‘2025 AI 해커톤’을 성공적으로 마무리했다고 발표했다.
이번 행사는 12월 4일부터 5일까지 경상남도 거제시 삼성중공업에서 열렸으며, 조선·해양 산업에 AI를 적용할 실질적인 아이디어를 발굴하고 참가자들의 실무 AI 역량을 강화하는 데 초점을 맞췄다.
데이터이쿠는 참가자들이 직접 AI 모델을 개발하고 시험해 볼 수 있도록 교육, 코칭, 플랫폼 환경 세팅 지원, 심사 등 전반적인 지원을 제공하며 핵심 역할을 수행했다. 데이터이쿠는 AI 기술과 삼성중공업의 현장 경험이 결합된 의미 있는 자리였다고 평가했다.
그동안 삼성중공업은 다양한 글로벌 데이터 및 AI 플랫폼 도입을 검토해왔으며, 이번 해커톤에서 데이터이쿠 파일럿 프로그램을 주요 구성 요소로 활용했다. 이번 행사에는 20여 개 팀이 참가해 실제 현장에서 요구되는 문제를 해결하기 위한 아이디어를 제시했으며, 데이터 분석과 머신러닝 기술뿐만 아니라 LLM 활용 구현까지 다양한 과제가 진행됐다.
데이터이쿠는 기업이 AI를 도입하여 실질적인 성과를 얻을 수 있도록 ‘AI 성공례를 신속히 구축하고 현업에 적용할 수 있도록 한다’라는 운영원칙을 고수하고 있으며, 이런 사례를 발판으로 앞으로도 다양한 산업 분야에서 기업의 전사적 디지털·AI 혁신을 지원할 계획이라고 밝혔다.
데이터이쿠 김종덕 한국 지사장은 “AI는 개념 단계에서 통제 가능한 반복적 생산 단계로 나아갈 때 비로소 가치를 갖게 되는데 이번 해커톤 참가자들이 이를 보여줬다”라며, “참가자들은 도메인 전문성과 엔터프라이즈급 AI 기반이 결합될 때 아이디어가 실제 임팩트로 빠르게 전환될 수 있음을 입증했다”라고 평가했다.
이어 “이번 삼성중공업과의 협업은 국내 주요 기업이 AI 시대에 어떻게 경쟁해 나갈지를 미리 보여준 사례로, 속도·신뢰·거버넌스·현장 실행력이 토대가 되어야 한다”라고 덧붙였다.
데이터이쿠는 앞으로도 삼성중공업이 기업 활동 전반에서 AI 활용을 더욱 확대할 수 있도록 지속적으로 지원할 계획이다. dl-ciokorea@foundryco.com
미국 정부가 25%의 수출세를 부과하는 조건으로 엔비디아의 H200 AI 칩의 중국 수출을 허용하기로 했다. 이번 정책 변화가 세계 최대 AI 시장 중 하나인 중국으로 글로벌 수요를 일부 재편시키고, 이미 부족한 GPU 재고 확보 경쟁을 더욱 심화시킬 수 있다는 전망이 나오고 있다.
이번 조치로 2026년 인프라 업그레이드를 계획 중인 기업은 H200 공급이 다시 부족해질 경우 가격 인상이나 리드타임 확대에 대비해야 하는지 고민해야 하는 상황이 됐다.
도널드 트럼프 미국 대통령은 소셜미디어 ‘트루스 소셜(Truth Social)’ 게시글에서 “우리는 국가안보를 지키고, 미국 내 일자리를 창출하며, AI 분야에서 미국의 우위를 유지할 것”이라고 밝혔다.
다만 트럼프는 엔비디아의 최고 성능 칩 수출은 허용하지 않았다. 그는 “엔비디아의 미국 고객은 이미 놀라울 정도로 발전된 블랙웰(Blackwell) 칩과 곧 출시될 루빈(Rubin)으로 나아가고 있으며, 이들 제품은 수출 허용 조치에 포함되지 않는다”라고 설명했다.
또한 트럼프는 H200 승인 물량이나 수출 심사 방식에 대해 구체적으로 언급하지 않았다. 중국 수출이 일부 재개될 경우 미국과 유럽의 물량 확보가 다시 어려워질지에 대해서는 분석가들이 상황을 면밀히 지켜보는 분위기다.
트럼프는 미국 상무부가 세부 절차를 마무리 중이라며 “AMD, 인텔을 포함한 다른 미국 기업에도 동일한 기준이 적용될 것”이라고 전했다.
수요 재편 가능성은?
중국 기업이 실제로 얼마나 수요를 창출할지는 여전히 불확실하다. 정부가 최근 자국 기술 기업의 미국 칩 의존도를 낮추도록 유도하고 있기 때문이다.
포레스터(Forrester) 부사장이자 수석 애널리스트인 찰리 다이는 “중국이 다시 H200을 확보할 수 있게 되더라도 글로벌 공급에 미치는 영향은 크지 않을 것”이라면서, “중국이 현재 자국 AI 칩을 우선시하고 있으며, H200은 성능과 시장 매력도 측면에서 엔비디아의 블랙웰급 시스템보다 한 단계 아래에 있다”라고 분석했다.
다이는 “일부 물량 조달 압박이 생길 수는 있지만, 중국 외 국가의 기업 대부분은 당분간 가격이나 리드타임 측면에서 큰 변동을 겪지 않을 것”이라고 덧붙였다.
카운터포인트리서치(Counterpoint Research) 부사장이자 파트너인 닐 샤도 중국 AI 생태계의 구조적 변화가 진행되고 있어 단기적인 수요 급증 가능성은 낮다고 진단했다.
샤는 “중국 AI 생태계는 반도체부터 소프트웨어 스택까지 빠르게 미국을 따라잡고 있으며, 모델 역시 실리콘과 소프트웨어에 최적화되고 있다”라며, 중국 기업이 미국산 AI 서버 도입을 거듭 고민할 가능성이 있다고 분석했다.
한편 일부 전문가는 고성능 가속기 공급이 여전히 부족한 가운데 데이터센터 구축도 늘고 있어, 중국의 일부 수요만으로도 글로벌 물량 조달이 더 빠듯해질 수 있다고 경고했다.
테크인사이츠(TechInsights) 반도체 부문 애널리스트 마니시 라와트는 “중국 기업이 H200을 구매할 수 있게 되면 글로벌 공급 구조가 빠르게 긴장될 것”이라고 말했다. 그는 “중국은 지금까지 최대 규모의 가속기 수요 시장이었고, 오랜 제한 이후 중국 클라우드 업체가 공격적이고 선제적인 주문을 넣을 가능성이 크다. 이는 단기 공급 증가 없이 수요만 급증시키는 구조를 만들고, 향후 2~3개 분기 동안 공급 부족을 심화시킬 것”이라고 분석했다.
라와트는 이런 변화가 엔비디아의 물량 배분 우선순위에도 영향을 미칠 것이라고 분석했다. 엔비디아는 전통적으로 주요 클라우드 업체와 전략 시장을 우선하는데, 중국이 다시 구매하기 시작하면 미국·유럽·중동의 클라우드 업체가 제한된 H200 물량을 두고 더욱 직접적으로 경쟁하게 될 수 있다는 것이다.
라와트는 “기업 고객은 원래도 우선순위가 가장 낮기 때문에 더 긴 리드타임, 지연된 배송 일정, 약해진 가격 협상력을 감수해야 하는 상황이 올 것”이라고 말했다.
조달 리스크에 대비한 전략 필요
2026년 인프라 교체 주기를 앞두고 기업은 공급 측면의 불확실성을 일정 부분 감안해야 하지만, 전문가들은 과도한 대응을 피해야 한다고 조언한다.
다이는 공급처를 다각화하고 벤더와 일찍 협의하는 것이 바람직하다면서도, 물량 비축이나 고가 선주문처럼 극단적인 조치를 취할 필요는 없다고 말했다. 그는 “리드타임이 소폭 늘어날 수는 있지만 전체적인 조달 상황은 H200의 안정적 공급을 전제로 판단해도 될 것”이라고 설명했다.
그러나 일부 전문가는 중국의 수요가 다시 증가할 경우 기업이 이를 조달 계획에 반드시 반영해야 한다고 경고했다.
라와트는 중국이 구매에 참여하게 되면 클라우드 업체 간 경쟁과 제한된 HBM·패키징 생산능력 때문에 H200 리드타임이 6~9개월까지 늘어날 수 있다고 전망했다. 그는 기업이 2026년 배정 물량을 미리 확보하고, 가격과 납기 조건이 포함된 프레임워크 계약을 체결하는 것이 안전하다고 조언했다.
라와트는 “엔비디아가 주요 클라우드 업체를 우선하면 기업 배정 물량은 줄어들 수 있다. 통합업체가 프리미엄을 붙이거나 서로 다른 세대의 GPU를 혼합해 공급할 가능성도 있다”라고 말했다. 따라서 기업이 다세대 배포 전략을 마련하고, 대체 가능한 SKU도 준비해 둬야 한다고 설명했다.
그는 또 심각한 공급 부족이 아니더라도 고가 체제가 상당 기간 지속될 가능성이 높다고 분석하면서, “기업은 다년 계약으로 가격을 고정하고, 비용 대비 성능을 고려해 대체 아키텍처도 검토해야 한다”라고 말했다. dl-ciokorea@foundryco.com
AI 기술 교체가 잦아지면서 기업이 진화하는 AI 역량과 끊임없이 바뀌는 AI 전략에 대응하기 위해 AI 인프라를 계속 다시 구축하는 상황이 심각한 문제로 떠오르고 있다.
AI 데이터 품질 전문업체 클린랩(Cleanlab)의 조사에 따르면, 규제 산업에 속한 기업의 70%와 일반 기업의 41%가 3개월마다 최소 한 부분의 AI 스택을 교체하고, 규제·비규제 기업 모두의 또 다른 25%는 6개월 주기로 스택을 업데이트하고 있다.
클린랩 CEO 커티스 노스컷은 “소프트웨어 엔지니어링 책임자 1,800명 이상을 대상으로 한 이번 설문 결과는 조직이 빠르게 변하는 AI 환경을 따라가고 AI 에이전트를 실제 운영 환경에 배치하는 데 여전히 큰 어려움을 겪고 있음을 보여준다”라고 설명했다.
응답자 가운데 AI 에이전트를 이미 운영 환경에 배치했거나 조만간 배치할 계획이라고 밝힌 비율은 5%에 불과하다. 클린랩은 설문에 참여한 엔지니어가 제시한 기술적 난제 관련 답변을 토대로, 파일럿 단계를 넘어 AI 에이전트를 실제로 도입한 기업 비율을 1% 수준으로 추정했다.
노스컷은 “엔터프라이즈용 AI 에이전트는 아직 제대로 구현되지 않았으며, 시장에서 떠드는 수준에는 전혀 미치지 못한다”라며, “기업용 AI 에이전트 구성 요소를 팔기 위해 나섰다가 실패한 스타트업이 수백 개에 이른다”라고 덧붙였다.
너무 빠른 진화의 속도
클린랩의 노스컷은 “아직 본격적인 운영 단계에 이르지 않았는데도 그렇게 많은 조직이 몇 달마다 에이전트 기술 스택 구성 요소를 다시 짜고 있다는 사실은 AI 환경 변화 속도가 얼마나 빠른지를 보여줄 뿐 아니라, 에이전트 결과에 대한 신뢰가 부족하다는 의미이기도 하다”라고 주장했다.
에이전트 기술 스택 변경 범위에 대해서도 “기반 AI 모델의 버전을 업데이트하는 단순한 작업부터 폐쇄형 모델에서 오픈소스 모델로 옮기거나 에이전트 데이터 저장소인 데이터베이스를 바꾸는 것까지 다양하다”라고 설명했다. 또한, “많은 경우 스택의 한 구성 요소만 교체해도 이후 단계 전반에서 연쇄적인 변경이 뒤따른다”라고 덧붙였다.
최악의 시나리오도 소개했다. 직접 서버를 구축해 오픈소스 모델을 돌리기 시작하면 전체 인프라가 달라지고, 이전에는 신경 쓰지 않았던 온갖 문제를 감당해야 한다. 결국 ‘생각했던 것보다 상황이 더 나빠졌다’라는 판단을 내리게 될 수도 있다. 그래서 다른 모델로 되돌아갔다가 이번에는 클라우드로 옮기면, 해당 클라우드 API가 오픈AI API와 전혀 다른 방식으로 동작해 호환되지 않는다는 문제에 부딪힌다.
음성 기반 AI 서비스 업체 코즈모 AI(Cozmo AI)의 CTO 누하 하셈은 에이전트 기술 스택의 잦은 변경 패턴을 목격했다며, 클린랩 조사 결과가 규제 환경 전반에서 코즈모 AI가 확인한 잦은 교체 양상과 일치한다고 밝혔다.
하셈은 “초기 구축이 시험 환경과 운영 환경에서 전혀 다른 방식으로 동작하는 땜질식 구조인 경우가 많아, 많은 기업이 분기마다 스택 일부를 교체한다. 라이브러리나 라우팅 규칙을 조금만 바꿔도 에이전트의 업무 처리 방식이 달라지면서 다시 한 번 재구축을 할 수밖에 없다”라고 설명했다.
AI 진화 속도 자체가 잦은 재구축을 부추기기도 하지만, 문제의 상당 부분은 AI 모델을 조정하는 방식에서도 비롯된다는 지적이다. 하셈은 “더 근본적인 문제는 많은 에이전트 시스템이 명확한 규칙이 아니라 모델 내부에 숨어 있는 행동 패턴에 의존한다는 점이다”라며, “모델이 업데이트되면 이런 행동이 서서히 달라진다. 에이전트가 따라야 할 단계와 점검 절차를 명확하게 정의해 두면, 기술 스택이 계속 깨지지 않고도 진화할 수 있다”라고 덧붙였다.
낮은 신뢰 수준
또 다른 문제는 현재 사용 중인 AI 스택 구성 요소에 대한 만족도가 낮다는 점이다. 클린랩 설문은 에이전트 오케스트레이션, 빠른 추론, 관측 가능성 등 여러 에이전트 인프라 구성 요소에 대한 사용자 경험을 물었다. 응답자의 약 1/3만이 제시된 5개 구성 요소 가운데 어느 하나라도 만족한다고 답했으며, 약 40%는 각 구성 요소마다 대안을 찾고 있다고 밝혔다. 에이전트 보안과 가드레일에 만족한다고 답한 비율은 28%에 그쳐, 에이전트 결과에 대한 신뢰가 낮다는 점을 보여준다.
클린랩 설문이 현재 AI 에이전트 상황을 비관적으로 묘사한 것처럼 보일 수 있지만, 여러 AI 전문가는 조사 결론이 현실을 비교적 정확하게 반영하고 있다고 평가했다. AI 기반 고객경험 솔루션 업체 라이블리(Laivly)의 CEO 제프 페츠는 많은 기업이 몇 달마다 에이전트 스택 일부를 다시 구축한다는 사실이 전혀 놀랍지 않다며, 비슷한 현상을 직접 목격하고 있다고 전했다.
제프 페츠는 “AI 활용 측면에서 더 성공적인 조직을 가르는 요인은 반복적으로 개선하는 역량이다. 많은 기업이 여전히 과거 방식을 놓지 못한 채, AI 기술이 얼마나 빠르게 진화하는지 따라가기 위해 애쓰는 모습이 설문에 그대로 드러난다”라고 지적했다.
페츠는 “다른 주요 IT 플랫폼의 경우 CIO는 긴 평가와 도입 과정을 거치지만, AI 발전 속도가 워낙 빨라 이런 일정이 무너졌다”라고 설명했다. 또한 “과거에는 IT 부서가 장기 계획을 세운 뒤 기술 스택을 한 번 대대적으로 바꾸면 상당 기간 그대로 사용할 수 있었다. 하지만 지금은 계획을 절반 정도, 아니 그보다 조금만 진행해도 기술이 이미 너무 앞서 나가 처음부터 다시 시작해야 하는 상황에 직면한다”라고 덧붙였다.
기술이 진화하는 속도를 따라가지 못해 AI 파일럿 프로젝트를 중단하는 기업도 생겨나고 있다. 제프 페츠는 “이로 인해 많은 기업이 기존 활용 사례를 포기해야 하는 상황이 벌어지고 있다. 우리 스스로도 매우 짧은 시간 안에 자사 기술을 구식으로 만들고 있다는 사실을 잘 알고 있다”라고 말했다.
빠르게 진화하는 기술뿐 아니라 선택지가 지나치게 많은 AI 시장 구조도 CIO가 따라가기 어렵게 만드는 요인으로 지목된다. 페츠는 “이 분야로 밀려 들어온 신규 업체가 수백 개를 훌쩍 넘는다. 제대로 작동하지 않는 제품도 매우 많아, 무엇을 선택해야 할지 판단하기가 어려울 때가 많다”라고 덧붙였다.
제자리걸음의 위험
앱 개발사 탭포스(Tapforce)의 CTO 아르투르 발라반스키도 끊임없는 기술 진화 때문에 여러 기업이 몇 달마다 AI 스택을 다시 구축하는 모습을 확인하고 있다고 말했다. 발라반스키는 “지금 잘 돌아가는 것이 시간이 지나면 최선이 아닐 수 있다. 조직이 적극적으로 최신 기술을 따라가며 스택을 갱신하지 않으면 성능, 보안, 신뢰성 면에서 뒤처질 위험이 있다”라고 경고했다.
그러나 빈번한 재구축이 반드시 혼란으로 이어지는 것은 아니다. 발라반스키는 CIO가 에이전트 스택에 대해 강력한 버전 관리와 지속적인 모니터링, 모듈형 배포 방식을 결합한 계층적 접근 방식을 취해야 한다고 조언했다.
발라반스키는 “모듈형 아키텍처를 도입하면 필요할 때 전체 스택을 흔들지 않고도 개별 구성 요소를 교체할 수 있다”라고 말했다. 또 “기술이 계속 진화하는 상황에서도 운영 시스템의 신뢰성을 유지하려면 가드레일과 자동화된 테스트, 옵저버빌리티가 모두 필수 요소다”라고 강조했다.
클린랩의 커티스 노스컷은 IT 리더가 AI 에이전트를 배포하기 전에 에이전트가 수행해야 할 작업과 선행 조건을 상세히 정의하는 등 엄격한 절차를 거쳐야 한다고 조언했다. 노스컷은 “많은 사람이 ‘AI로 고객 지원을 해 보자’라고 말하는데, 이는 너무 포괄적인 수준의 목표에 불과하다”라고 지적했다.
노스컷은 “가장 먼저 해야 할 일은 ‘AI가 어디서부터 개입하는지, 기대하는 성능 수준은 무엇인지, 무엇을 달성해야 좋은 결과로 볼 것인지, 실제로 어떤 도구를 사용할 것인지’를 매우 구체적으로 정의하는 것이다”라고 강조했다.
설문 결과를 보면, AI 에이전트의 광범위한 도입까지는 많은 시간이 걸릴 것으로 보인다. 노스컷은 현재 1% 수준인 운영 단계 AI 에이전트 도입 비율이 2027년에는 3~4% 수준으로, 2030년에는 ‘진짜’ 에이전트를 운영 환경에 도입한 기업 비율이 30% 수준으로 높아질 것으로 내다봤다. 또한, AI 에이전트가 결국 큰 혜택을 가져오겠지만, 당분간은 AI를 지나치게 홍보하는 업계 인사가 과장된 수사를 자제해야 한다고 경고했다.
노스컷은 “이제 AI를 활용해 업무 효율을 높일 수 있는 단계에 왔고, 엔터프라이즈 AI가 모든 것을 자동화하고 모든 제품에 에이전트가 들어가는 세상도 머지않아 다가올 것이다. 다만 지금은 한 발 물러서서 냉정하게 합리적인 기대치를 세운다면, 이렇게 쏟아붓는 투자 자금이 실제 성과로 이어질 수 있을 것이다”라고 덧붙였다. dl-ciokorea@foundryco.com
이번 행사는 ‘AI 금융 시대, 신뢰와 혁신을 말하다’라는 주제로, 빠르게 변화하는 금융 산업 환경 속에서 데이터 신뢰성, 운영 자동화, 보안 강화, 고객 경험 혁신 등 금융기관이 직면한 핵심 과제에 대한 해법을 제시하기 위해 마련됐다. 오픈텍스트는 자사의 기술과 실제 적용 사례를 중심으로, 금융권의 디지털 전환 여정을 가속화할 수 있는 다양한 방안을 공유했다.
오픈텍스트 코리아 정대천 지사장은 환영사를 통해, 금융권의 AI 및 데이터 전략 수립이 경쟁력을 좌우하는 환경 속에서 오픈텍스트가 신뢰 기반 솔루션을 지속적으로 제공하겠다는 의지를 밝혔다. 이어 장인석 상무가 AI와 자동화를 활용한 금융권 IT 운영 관리 전략을 소개하며 효율성 증대와 리스크 감소 방안을 제시했다.
오픈텍스트코리아
최경철 이사는 애플리케이션 시큐리티(Application Security(Fortify)) 기반 자동 분류 기술을 활용해 보안 분석 과정에서 반복적으로 발생하는 거짓 경보를 줄이는 방안을 설명했다. 신경환 이사는 머신러닝 적용을 위해 필수적인 양질의 데이터 확보와 IT 인프라 구성정보 자동 수집 기술을 소개하며 최신 운영 인텔리전스 전략을 제시했다.
오상현 이사는 금융 IT 안정성 강화를 위한 시스템 성능관리 및 테스트 자동화 솔루션을 설명했으며, 조재원 전문위원은 신뢰 가능한 데이터 기반의 AI 금융 전략을 주제로 금융기관이 고객 경험과 기업 가치를 높일 수 있는 실제적 접근 방법을 발표했다.
이번 발표에서 오픈텍스트는 금융권 특유의 복잡한 시스템 환경과 규제 요구에 대응하는 동시에, AI·자동화·보안·성능관리 등 다양한 영역을 아우르는 기술 로드맵을 제시했다고 밝혔다. 더불어 금융기관이 디지털 전환 과정에서 마주하는 데이터 품질, 보안 리스크, 운영 비용 증가 등의 문제를 해결할 수 있는 실질적 방향성을 확인하는 계기가 됐다고 설명했다.
오픈텍스트는 앞으로도 금융권을 비롯한 국내 주요 산업을 대상으로 신뢰와 혁신을 기반으로 한 정보관리·보안·AI 솔루션 제공을 확대해 나갈 계획이라고 밝혔다. dl-ciokorea@foundryco.com
Over the past decade, the enterprise tech stack has expanded dramatically — with hundreds of workplace apps, including numerous overlapping collaboration and productivity tools used across teams. But what began as digital empowerment has evolved into fragmentation — with disconnected systems, duplicate workflows, inconsistent data, and rising governance and security risks.
It couldn’t come at a worse time: 93% of executives say cross-functional collaboration is more crucial than ever.1 Yet, employees struggle to collaborate across tools — constantly chasing context, toggling between apps, and recreating work — while IT teams face mounting integration, licensing, and security burdens that slow transformation and increase costs.
The result is a silent productivity tax: reduced visibility, fragmented decision-making, and slower execution across the business that ultimately undermines performance. For CIOs, the next competitive edge isn’t adopting more tools — it’s creating operational excellence by uniting departments on a secure, extensible, standardized digital workplace foundation.
Standardization: the new lever for operational excellence
To reclaim control over costs, risks, and velocity, leading CIOs are bringing teams across the organization together on a unified, extensible collaboration stack that has the flexibility to be tailored to each team’s requirements. A consolidated platform unifies teams, systems, and strategy — giving IT visibility and control while empowering business units to execute more effectively and adapt quickly. With one governed foundation, IT reduces redundancy, strengthens security, and improves the employee experience.
The payoff is operational excellence, simplified governance, and more time for IT to focus on innovation rather than maintenance. CIOs gain unified visibility into system governance while delivering a more consistent, reliable user experience across the enterprise.
Driving workplace productivity and business outcomes
On a standardized digital workplace foundation, all team workflows stay connected to enterprise goals. Leaders across the organization gain end-to-end visibility into progress, dependencies, and outcomes — turning work data into actionable intelligence, operational improvements, and velocity. That enterprise-wide visibility accelerates execution, resulting in faster decision cycles, stronger alignment, and measurable improvements in workplace productivity and customer experience.
This organization-wide transformation is made possible by IT. IT moves from maintaining systems to orchestrating outcomes, becoming the bridge between business goals and the technology that powers them.
The foundation for an AI-ready enterprise
AI is quickly becoming embedded into every type of workflow. But AI can only be as effective as the systems and data it draws from. Disconnected and inconsistent information leads to inaccurate results, failed automations, and stalled value.
CIOs who standardize their collaboration ecosystem today can scale AI safely, consistently, and with confidence. Standardization creates the structured, governed data fabric AI depends on, enabling responsible innovation and future-ready operations. It provides the consistent taxonomies, permissions, and workflows that make safe and effective AI deployment possible.
When AI tools and agents have access to consistent, accurate, context-rich data across teams, they can create meaningful insights and outputs that create real business value.
Secure, governed, and future-proof
A unified digital workplace strengthens security and governance across every team. With consistent access controls and audit trails, CIOs can enforce compliance, reduce risk, and adapt to new regulations or technologies with confidence.
Future-proofing isn’t about predicting change — it’s about building a secure, adaptable foundation that can evolve with it. It doesn’t just strengthen today’s defenses but creates a governed foundation adaptable to tomorrow’s technologies and regulations.
Atlassian: A unified base for collaboration
By unifying collaboration and execution on one platform, CIOs empower teams, enable AI success, and secure the enterprise for future innovations.
With Atlassian’s Teamwork Collection, organizations can standardize on a single extensible platform connecting teams, goals, work, communication, and knowledge through AI-powered workflows. The result: a simplified, streamlined, secure collaboration ecosystem that empowers every team and positions IT to lead the modern, AI-ready enterprise.
Salesforce (NYSE:CRM) is a vendor of cloud-based software and applications for sales, customer service, marketing automation, ecommerce, analytics, and application development. Based in San Francisco, Calif., its services include Sales Cloud, Service Cloud, Marketing Cloud, Commerce Cloud, and Salesforce Platform. Its subsidiaries include Tableau Software, Slack Technologies, and MuleSoft, among others.
The company is undergoing a pivot to agentic AI, increasingly focused on blending generative AI with a range of other capabilities to offer customers the ability to develop autonomous decision-making agents for their service and sales workflows. Salesforce has a market cap of $293 billion, making it the world’s 36th most valuable company by market cap.
Salesforce news and analysis
Salesforce’s Agentforce 360 gets an enterprise data backbone with Informatica’s metadata and lineage engine
December 9, 2025: While studies suggest that a high number of AI projects fail, many experts argue that it’s not the model’s fault, it’s the data behind it. Salesforce aims to tackle this problem with the integration of its newest acquisition, Informatica.
Salesforce unveils observability tools to manage and optimize AI agents
Salesforce unveils simulation environment for training AI agents
November 14, 2025: Salesforce AI Research today unveiled a new simulation environment for training voice and text agents for the enterprise. Dubbed eVerse, the environment leverages synthetic data generation, stress testing, and reinforcement learning to optimize agents.
Salesforce to acquire Doti to boost AI-based enterprise search via Slack
November 14, 2025: Salesforce wii acquire Israeli startup, Doti, aiming to enhance AI-based enterprise search capabilities offered via Slack. The demand for efficient data retrieval and interpretation has been growing within enterprises, driven by the need to streamline workflows and increase productivity.
Salesforce’s glaring Dreamforce omission: Vital security lessons from Salesloft Drift
October 22, 2025: Salesforce’s Dreamforce conference offered a range of sessions on best practices for securing their Salesforce environments and AI agents, but what it didn’t address were weaknesses exposed by the recent spate of Salesforce-related breaches.
Salesforce updates its agentic AI pitch with Agentforce 360
October 13, 2025: Salesforce has announced a new release of Agentforce that, it said, “gives teams the fastest path from AI prototypes to production-scale agents” — although with many of the new release’s features still to come, or yet to enter pilot phases or beta testing, some parts of that path will be much slower than others.
Salesforce brings agentic AI to IT service management
October 9, 2025: Salesforce is bringing agentic AI to IT service management (ITSM). The CRM giant is taking aim at competitors like ServiceNow with Agentforce IT Service, a new IT support suite that leverages autonomous agents to resolve incidents and service requests.
Salesforce Trusted AI Foundation seeks to power the agentic enterprise
October 2, 2025: As Salesforce pushes further into agentic AI, its aim is to evolve Salesforce Platform from an application for building AI to a foundational operating system for enterprise AI ecosystems. The CRM giant took a step toward that vision today, announcing innovations across the Salesforce Platform, Data Cloud, MuleSoft, and Tableau.
Salesforce AI Research unveils new tools for AI agents
August 27, 2025: Salesforce AI Research announced three advancements designed to help customers transition to agentic AI: a simulated enterprise environment framework for testing and training agents, a benchmarking tool to measure the effectiveness of agents, and a data cloud capability for autonomously consolidating and unifying duplicated data.
Attackers steal data from Salesforce instances via compromised AI live chat tool
August 26, 2025: A threat actor managed to obtain Salesforce OAuth tokens from a third-party integration called Salesloft Drift and used the tokens to download large volumes of data from impacted Salesforce instances. One of the attacker’s goals was to find and extract additional credentials stored in Salesforce records that could expand their access.
Salesforce acquires Regrello to boost automation in Agentforce
August 19, 2025: Salesforce is buying Regrello to enhance Agentforce, its suite of tools for building autonomous AI agents for sales, service, and marketing. San Francisco-based startup Regrello specializes in turning data into agentic workflows, primarily for automating supply-chain business processes.
Salesforce adds new billing options to Agentforce
August 19, 2025: In a move that aims to improve accessibility for agentic AI, Salesforce announced new payment options for Agentforce, its autonomous AI agent suite.The new options, built on the flexible pricing the company introduced in May, allow customers to use Flex Credits to pay for the actions agents take.
Salesforce to acquire Waii to enhance SQL analytics in Agentforce
August 11, 2025: Salesforce has signed a definitive agreement to acquire San Francisco-based startup Waii for an undisclosed sum to enhance SQL analytics within Agentforce, its suite of tools aimed at helping enterprises build autonomous AI agents for sales, service, marketing, and commerce use cases.
Could Agentforce 3’s MCP integration push Salesforce ahead in the CRM AI race?
June 25, 2025: “[Salesforce’s] implementation of MCP is one of the most ambitious interoperability moves we have seen from a CRM vendor or any vendor. It positions Agentforce as a central nervous system for multi-agent orchestration, not just within Salesforce but across the enterprise,” said Dion Hinchcliffe, lead of the CIO practice at The Futurum Group. But it introduces new considerations around security.
Salesforce Agentforce 3 promises new ways to monitor and manage AI agents
June 24, 2025: This is the fourth version of Salesforce Agentforce since its debut in September last year, with the newest, Agentforce 3, succeeding the previous ‘2dx’ release. A new feature of the latest version is Agentforce Studio, which is also available as a separate application within Salesforce.
Salesforce supercharges Agentforce with embedded AI, multimodal support, and industry-specific agents
Jun 18, 2025: Salesforce is updating Agentforce with new AI features and expanding it across every facet of its ecosystem with the hope that enterprises will see the no-code platform as ready for tackling real-world digital execution, shaking its image of being a module for pilot projects.
CIOs brace for rising costs as Salesforce adds 6% to core clouds, bundles AI into premium plans
Jun 18, 2025: Salesforce is rolling out sweeping changes to its pricing and product packaging, including a 6% increase for Enterprise and Unlimited Editions of Sales Cloud, Service Cloud, Field Service, and select Industries Clouds, effective August 1.
Salesforce study warns against rushing LLMs into CRM workflows without guardrails
June 17, 2025: A new benchmark study from Salesforce AI Research has revealed significant gaps in how large language models handle real-world customer relationship management tasks.
Salesforce Industry Cloud riddled with configuration risks
June 16, 2025: AppOmni researchers found 20 insecure configurations and behaviors in Salesforce Industry Cloud’s low-code app building components that could lead to data exposure.
Salesforce changes Slack API terms to block bulk data access for LLMs
June 11, 2025: Salesforce’s Slack platform has changed its API terms of service to stop organizations from using Large Language Models to ingest the platform’s data as part of its efforts to implement better enterprise data discovery and search.
Salesforce to buy Informatica in $8 billion deal
May 27. 2025: Salesforce has agreed to buy Informatica in an $8 billion deal as a way to quickly access far more data for its AI efforts. Analysts generally agreed that the deal was a win-win for both companies’ customers, but for very different reasons.
Salesforce wants your AI agents to achieve ‘enterprise general intelligence’
May 1, 2025: Salesforce AI Research unveiled a slate of new benchmarks, guardrails, and models to help customers develop agentic AI optimized for business applications.
Salesforce CEO Marc Benioff: AI agents will be like Iron Man’s Jarvis
April 17, 2025: AI agents are more than a productivity boost; they’re fundamentally reshaping customer interactions and business operations. And while there’s still work to do on trust and accuracy, the world is beginning a new tech era — one that might finally deliver on the promises seen in movies like Minority Report and Iron Man, according to Salesforce CEO Marc Benioff.
Agentblazer: Salesforce announces agentic AI certification, learning path
March 6, 2025: Hot on the heels of the release of Agentforce 2dx for developing, testing, and deploying AI agents, Salesforce introduced Agentblazer Status to its Trailhead online learning platform.
Salesforce takes on hyperscalers with Agentforce 2dx updates
March 6, 2025: Salesforce’s updates to its agentic AI offering — Agentforce — could give the CRM software provider an edge over its enterprise application rivals and hyperscalers including AWS, Google, IBM, Service Now and Microsoft.
Salesforce’s Agentforce 2dx update aims to simplify AI agent development, deployment
March 5, 2025: Salesforce released the third version of its agentic AI offering — Agentforce 2dx — to simplify the development, testing, and deployment of AI agents that can automate business processes across departments, such as sales, service, marketing, finance, HR, and operations.
Salesforce’s AgentExchange targets AI agent adoption, monetization
March 4, 2025: Salesforce is launching a new marketplace named AgentExchange for its agents and agent-related actions, topics, and templates to increase adoption of AI agents and allow its partners to monetize them.
Salesforce and Google expand partnership to bring Agentforce, Gemini together
February 25, 2025: The expansion of the strategic partnership will enable customers to build Agentforce AI agents using Google Gemini and to deploy Salesforce on Google Cloud.
AI to shake up Salesforce workforce with possible shift to sales over IT
February 5, 2025: With the help of AI, Salesforce can probably do without some staff. At the same time, the company needs salespeople trained in new AI products, CEO Marc Benioff has stated.
Salesforce’s Agentforce 2.0 update aims to make AI agents smarter
Meta creates ‘Business AI’ group led by ex-Salesforce AI CEO Clara Shih
November 20, 2024: The ex-CEO of Salesforce AI, Clara Shih, has turned up at Meta just a few days after quitting Salesforce. In her new role at Meta she will set up a new Business AI group to package Meta’s Llama AI models for enterprises.
CEO of Salesforce AI Clara Shih has left
November 15, 2024: The CEO of Salesforce AI, Clara Shih, has left after just 20 months in the job. Adam Evans, previously senior vice president of product for Salesforce AI Platform, has moved up to the newly created role of executive vice president and general manager of Salesforce AI.
Salesforce’s Financial Services Cloud targets ops automation for insurance brokerages
October 16, 2024: Financial Services Cloud for Insurance Brokerages will bring new features to help with commissions management and employee benefit servicing, among other things, when it is released in February 2025.
Explained: How Salesforce Agentforce’s Atlas reasoning engine works to power AI agents
September 30, 2024: AI agents created via Agentforce differ from previous Salesforce-based agents in their use of Atlas, a reasoning engine designed to help these bots think like human beings.
5 key takeaways from Dreamforce 2024
September 20, 2024: As Salesforce’s 2024 Dreamforce conference rolls up the carpet for another year, here’s a look at a few high points as Salesforce pitched a new era for its customers, centered around Agentforce, which brings agentic AI to enterprise sales and service operations.
Alation and Salesforce partner on data governance for Data Cloud
September 19, 2024: Data intelligence platform vendor Alation has partnered with Salesforce to deliver trusted, governed data across the enterprise. It will do this, it said, with bidirectional integration between its platform and Salesforce’s to seamlessly delivers data governance and end-to-end lineage within Salesforce Data Cloud. This enables companies to directly access key metadata (tags, governance policies, and data quality indicators) from over 100 data sources in Data Cloud, it said.
New Data Cloud features to boost Salesforce’s AI agents
September 17, 2024: Salesforce added new features to its Data Cloud to help enterprises analyze data from across their divisions and also boost the company’s new autonomous AI agents released under the name Agentforce, the company announced at the ongoing annual Dreamforce conference.
Dreamforce 2024: Latest news and insights
September 17, 2024: Dreamforce 2024 boasts more than 1,200 keynotes, sessions and workshops. While this year’s Dreamforce will encompass a wide spectrum of topics, expect Salesforce to showcase Agentforce next week at Dreamforce.
Salesforce unveils Agentforce to help create autonomous AI bots
September 12, 2024: The CRM giant’s new low-code suite enables enterprises to build AI agents that can reason for themselves when completing sales, service, marketing, and commerce tasks.
Salesforce to acquire data protection specialist Own Company for $1.9 billion
Salesforce previews new XGen-Sales model, releases xLAM family of LLMs
September 6, 2024: The XGen-Sales model, which is based on the company’s open source APIGen and its family of large action models (LAM), will aid developers and enterprises in automating actions taken by AI agents, analysts say.
Salesforce mulls consumption pricing for AI agents
Coforge and Salesforce launch new offering to accelerate net zero goals
August 27, 2024: Coforge ENZO is designed to streamline emissions data management by identifying, consolidating, and transforming raw data from various emission sources across business operations.
Salesforce unveils autonomous agents for sales teams
August 22, 2024: Salesforce today announced two autonomous agents geared to help sales teams scale their operations and hone their negotiation skills. Slated for general availability in October, Einstein Sales Development Rep (SDR) Agent and Einstein Sales Coach Agent will be available through Sales Cloud, with pricing yet to be announced.
Salesforce to acquire PoS startup PredictSpring to augment Commerce Cloud
August 2, 2024: Salesforce has signed a definitive agreement to acquire cloud-based point-of-sale (PoS) software vendor PredictSpring. The acquisition will augment Salesforce’s existing Customer 360 capabilities.
Einstein Studio 1: What it is and what to expect
July 31, 2024: Salesforce has released a set of low-code tools for creating, customizing, and embed AI models in your company’s Salesforce workflows. Here’s a first look at what can be achieved using it.
Why are Salesforce and Workday building an AI employee service agent together?
July 26, 2024: Salesforce and Workday are partnering to build a new AI-based employee service agent based on a common data foundation. The agent will be accessible via their respective software interfaces.
Salesforce debuts gen AI benchmark for CRM
June 18, 2024: The software company’s new gen AI benchmark for CRM aims to help businesses make more informed decisions when choosing large language models (LLMs) for use with business applications.
Salesforce updates Sales and Service Cloud with new capabilities
June 6, 2024: The CRM software vendor has added new capabilities to its Sales Cloud and Service Cloud with updates to its Einstein AI and Data Cloud offerings, including additional generative AI support.
IDC Research: Salesforce 1QFY25: Building a Data Foundation to Connect with Customers
June 5, 2024: Salesforce reported solid growth including $9.13 billion in revenue or 11% year-over-year growth. The company has a good start to its 2025 fiscal year, but the market continues to shift in significant ways, and Salesforce is not immune to those changes.
IDC Research: Salesforce Connections 2024: Making Every Customer Journey More Personalized and Profitable Through the Einstein 1 Platform
June 5, 2024: The Salesforce Connections 2024 event showcased the company’s efforts to revolutionize customer journeys through its innovative artificial (AI)-driven platform, Einstein 1. Salesforce’s strategic evolution at Connections 2024 marks a significant step forward in charting the future of personalized and efficient AI-driven customer journeys.
Salesforce launches Einstein Copilot for general availability
April 25, 2024: Salesforce has announced the general availability of its conversational AI assistant along with a library of pre-programmed ‘Actions’ to help sellers benefit from conversational AI in Sales Cloud.
Salesforce debuts Zero Copy Partner Network to streamline data integration
April 25, 2024: Salesforce has unveiled a new global ecosystem of technology and solution providers geared to helping its customers leverage third-party data via secure, bidirectional zero-copy integrations with Salesforce Data Cloud.
April 22, 2024: Salesforce’s negotiations to acquire enterprise data management software provider Informatica have fallen through as both couldn’t agree on the terms of the deal. The disagreement about the terms of the deal is more likely to be around the price of each share of Informatica.
Decoding Salesforce’s plausible $11 billion bid to acquire Informatica
April 17, 2024: Salesforce is seeking to acquire enterprise data management vendor Informatica, in a move that could mean consolidation for the integration platform-as-a-service (iPaaS) market and a new revenue stream for Salesforce.
Salesforce adds Contact Center updates to Service Cloud
March 26, 2024: Salesforce has announced new Contact Center updates to its Service Cloud, including features such as conversation mining and generative AI-driven survey summarization.
Salesforce bids to become AI’s copilot building platform of choice
March 7, 2024: Salesforce has entered the race to offer the preeminent platform for building generative AI copilots with Einstein 1 Studio, a new set of low-code/no-code AI tools for accelerating the development of gen AI applications. Analysts say the platform has all the tools to become the platform for building out and deploying gen AI assistants.
Salesforce rebrands its low-code platform to Einstein 1 Studio
March 6, 2024: Salesforce has rebranded its low-code platform to Einstein 1 Studio and bundled it with the company’s Data Cloud offering. The platform has added a new feature, Prompt Builder, which allows developers to create reusable LLM prompts without the need for writing code.
Salesforce’s Einstein 1 platform to get new prompt-engineering features
February 9, 2024: Salesforce is working on adding two new prompt engineering features to its Einstein 1 platform to speed up the development of generative AI applications in the enterprise. The features include a testing center and the provision of prompt engineering suggestions.
Login
