Best of LinkedIn: ICT & Tech Insights CW 11/ 12

00:00:00: This episode is provided by Thomas Allgaier and Frennis, based on the most relevant LinkedIn posts about ICT and tech insights from CW-Eleven & Twelve.

00:00:08: Frennis supports ICT enterprises in the form of delivering precise ICT market and pricing intelligence that analyst subscriptions and existing databases cannot provide.

00:00:17: you can find more info in the description.

00:00:20: Welcome to The Deep Dive everyone.

00:00:21: Yeah

00:00:22: we are so glad your here.

00:00:23: We've got a lot ground to cover today.

00:00:27: heavily curated tech and ICT insights from calendar weeks, eleven and twelve of twenty-twenty six.

00:00:33: Right?

00:00:33: And if there is one overarching theme across the market right now it's a massive urgent pivot

00:00:39: Exactly!

00:00:39: The era just broad hyped up.

00:00:42: ambition especially around AI is completely over.

00:00:45: Oh

00:00:45: totally over.

00:00:46: people are tired at the hype.

00:00:47: Yeah...the focus has completely shifted to deployable operating models.

00:00:51: It all about execution resilience and rock solid architecture

00:00:55: And we're going to unpack that across a few different clusters today.

00:00:58: We're talking cyber resilience, the maturation of AI security digital sovereignty and quantum computing finally becoming practical

00:01:07: which is wild.

00:01:08: but let's start with Cyber Resilience because the baseline is shifting so fast

00:01:12: it Is.

00:01:13: I saw a post from Brad Fraser That just perfectly captured this.

00:01:16: he argued that The absolute most expensive word in cybersecurity Today is the word assume

00:01:22: oh man Assume, that is so true.

00:01:24: Wait like assuming your backups work or assuming Your staff won't click that one highly targeted phishing link.

00:01:30: He says it's a massive business

00:01:32: trap.

00:01:32: It really does.

00:01:33: I mean verification Is completely changing the defensive playbook before we even hit Q to

00:01:37: yeah and Laura Vaughn actually expanded on That exact failure mode specifically looking at compliance.

00:01:43: okay What did she say?

00:01:44: She pointed out that organizations routinely fail because they just treat A cybersecurity framework as The finish line.

00:01:50: ah yes the classic checkbox compliance.

00:01:54: Exactly!

00:01:55: They get their green scores, they finalize their perfect documentation and then just put it on a shelf until next audit.

00:02:01: But an audit doesn't actually test if your multi-factor authentication is genuinely enforced across your legacy systems right?

00:02:10: Bingo.

00:02:11: Or If you're backups can restore active database while actively under pressure.

00:02:17: It creates this really dangerous illusion of security.

00:02:20: Well, it makes me think about how companies are trying to solve this.

00:02:24: Like I always look at this through the lens of performance engineering.

00:02:27: How do you mean?

00:02:28: well a lot organizations try to solve these foundational gaps by just going out and buying an AI tool.

00:02:33: but Think of AI like a massive supercharged formula engine.

00:02:38: Okay

00:02:38: i like this analogy

00:02:39: if You take that f-one engine And drop It into A car with The rusted Out chassis you know Crack Steering Column and Literally No brakes!

00:02:48: You're not wheeling the race.

00:02:49: no You're just going to crash into a wall at two hundred miles an hour.

00:02:52: Yeah, Marcel Velika actually pointed this out in his recent analysis.

00:02:55: he said AI will absolutely not fix a weak security architecture.

00:02:59: Right it just makes the weakness execute faster.

00:03:02: Exactly real capability requires the strict non-negotiable sequence.

00:03:07: first you have to build the architecture Then you establish visibility, detection response recovery and automation.

00:03:15: And then only after all of that is functioning seamlessly.

00:03:18: do you layer in the AI?

00:03:20: because otherwise if your underlying detection logic is flawed adding a I just generates false positives at machine speed.

00:03:27: yeah it Just completely buries Your security team an alert noise.

00:03:31: and speaking of noise Sarah Flutch highlighted A really fascinating point from Bryson Bort's recent session at S four by twenty six

00:03:39: about operational technology.

00:03:40: Yeah, OT visibility.

00:03:42: so think of manufacturing floors power grids water treatment plants that kind of stuff.

00:03:46: right board argues that aiming for one hundred percent asset visibility in ot environments is actually vastly overrated.

00:03:53: wait really i feel like everyone is always pushing for total visibility.

00:03:56: I know it's totally counterintuitive but his point is that visibility is useless if it's not actionable.

00:04:02: okay that makes sense.

00:04:03: Knowing a vulnerable, obscure programmable logic controller exists on your factory floor doesn't help you if you physically lack the operational capability to patch it or isolate.

00:04:15: So what's the alternative then?

00:04:17: He suggests flipping the script entirely.

00:04:19: focus on one hundred percent visibility in your IT network instead

00:04:23: because that's The Gateway

00:04:24: exactly.

00:04:25: That is almost always how attackers reach the OT environment in the first place.

00:04:29: so You locked down the IT side.

00:04:31: What about the Factory Floor itself?

00:04:33: Instead of mapping every single asset, you establish strategic control points.

00:04:37: You build level three perimeters basically tripwires.

00:04:41: I see.

00:04:42: yeah so even if a perimeter firewall eventually fails the attacker is forced to interact with that tripwire which creates a highly actionable alert

00:04:49: Which gives you the exact signal?

00:04:51: You need to respond and we need those trip wires more than ever right now

00:04:54: because it's silent threats.

00:04:56: Yeah Threat actors are moving away from that noisy smash and grab ransomware.

00:05:01: They're moving towards silent pre-positioning.

00:05:04: Christopher Clark shared a deeply concerning report recently about the Iranian threat group Seedworm

00:05:09: Also known as Muddy Water, right?

00:05:10: Yes!

00:05:11: Muddy water.

00:05:12: they Are quietly embedding this malware called Dindor inside critical infrastructure across The US & Israel.

00:05:20: Just waiting

00:05:21: just waiting but the mechanism they used to hide is what makes it so wild.

00:05:25: They are running this malware inside the Dino JavaScript runtime.

00:05:30: Oh wow!

00:05:31: For anyone listening who isn't familiar, Dino is normally a highly secure totally legitimate environment.

00:05:37: Right developers use it to execute javascript outside of a web browser.

00:05:41: So because its a trusted tool security platforms just ignore

00:05:44: exactly Most endpoint detection and response platforms, the EDRs.

00:05:49: they basically just whitelisted by default.

00:05:51: They don't monitor the processes happening inside it Man.

00:05:54: so the attackers blend perfectly into normal administrative traffic.

00:05:57: Yeah!

00:05:57: They are practically invisible.

00:05:59: And when you look at your own organization's vendor list You really have to consider the implications of these silent threats

00:06:05: Because you inherit their vulnerabilities.

00:06:07: Yep

00:06:08: Luke Irwin noted recently that you inherently adopt your vendors blast radius.

00:06:12: That

00:06:12: is a great term.

00:06:13: It IS Thread.

00:06:15: actors know that breaching a massive well-defended enterprise is hard, but breaching their midsize logistics vendor.

00:06:21: The vendor with the stretch IT department running legacy software?

00:06:25: Exactly!

00:06:26: It's incredibly easy.

00:06:27: so if you are not actively verifying your supply chain architecture You're literally just outsourcing your risk.

00:06:33: And in some sectors That risk isn't just financial anymore.

00:06:37: Robby Munga made this really stark observation regarding health care.

00:06:41: What did

00:06:41: he say?

00:06:42: He said cyberrisk and hospital is now, quite literally a patient safety risk.

00:06:48: It's a continuity of care problem?

00:06:49: Wow!

00:06:50: Yeah that's entirely true.

00:06:52: So he is advocating for what he calls a minimum viable hospital mindset.

00:06:57: Minimum viable hospital?

00:06:59: Okay What does it look like?

00:07:00: It means fundamentally re-architecting your workflows.

00:07:03: to answer one question What are the absolute minimum offline capabilities required to keep patients alive when the digital systems are completely compromised?

00:07:12: That is terrifying, but it's the exact conversation boardrooms need to be having right now.

00:07:17: Absolutely

00:07:18: because the challenge is human defenders just cannot scale fast enough To counter these attacks anymore.

00:07:24: no especially Because the attackers are super charging their efforts with AI automation.

00:07:29: Yeah Let's transition into that.

00:07:30: theme.

00:07:31: two a I security matures

00:07:33: bright.

00:07:34: Matthew Rosenquist recently shared this Interpol report, and the numbers are just staggering.

00:07:40: AI-enhanced fraud is now four hundred fifty percent more effective than traditional methods.

00:07:46: Four hundred fifty per cent?

00:07:48: That's an epidemic!

00:07:49: It

00:07:49: is—and the sheer scale of that increase really comes down to the adaptive learning loop

00:07:54: Right —the AI learning from its mistakes

00:07:55: Exactly!

00:07:56: Criminals are utilizing massive computing scales.

00:07:59: every single failed scam serves as training data.

00:08:03: So if a deep fake voice clone fails... Or, If

00:08:05: a spearfishing email doesn't bypass the target's skepticism.

00:08:08: The AI instantly analyzes why it failed It refines its tone It adjusts timing and generates more persuasive variant for next ten thousand targets.

00:08:18: It is evolving social engineering at machine speed.

00:08:22: How do you even fight an adversary that iterates quickly?

00:08:25: Human reaction times are basically useless.

00:08:27: You have to fight machines with machines There no other way.

00:08:30: Harpreet Sidhu announced that Accenture is heavily expanding their agentic AI-powered managed extended detection and response, they're MXDR for Microsoft.

00:08:40: Okay so autonomous defense?

00:08:41: Yeah the objective is to deploy defensive AI agents that autonomously handle routine threat scenarios and actually execute proactive remediation without

00:08:51: waiting for a human to click approve

00:08:52: exactly.

00:08:53: Vasu Jackal at RSAC reinforced this too stating autonomous.

00:09:00: But wait,

00:09:01: handing the keys of your enterprise security over to Autonomous AI agents that requires an airtight framework of trust?

00:09:08: Oh

00:09:08: massive governance reality check!

00:09:10: Yeah because deploying these large language models is no longer a localized experimental free-for all

00:09:15: not at all.

00:09:15: Christopher Apolla highlighted a huge shift in public sector deployment recently

00:09:19: with USAI platform.

00:09:20: right yep NIST and the GSA are partnering to evaluate AI tools through this USI Platform

00:09:26: which fundamentally changes the compliance landscape.

00:09:30: It really does, because now before an AI tool can touch federal operations it must be systematically measured for security reliability and bias.

00:09:39: It's essentially an authority to operate in ATO specifically tailored for AI systems

00:09:46: Exactly And look regardless of the shifting political currents or whatever recent executive orders are driving tech policy right Now.

00:09:54: The pure governance risk and compliance impact is absolute

00:09:58: Right, you can't just plug in off-the-shelf AI model into a sensitive workflow anymore without rigorous standardized vetting.

00:10:04: And that rigorous vetting is becoming mandatory everywhere because AI's embedding itself to the very core of business operations too?

00:10:11: Yeah Sandra Veller pointed out we are officially entering an era of agentic ERP with systems like SAP Egentic

00:10:18: ERP, that's a huge shift.

00:10:20: It

00:10:20: is!

00:10:20: AI is transitioning from being just this helpful little chatbot on the periphery to The actual operating layer of the enterprise.

00:10:27: it's actively guiding supply chains and financial decisions.

00:10:30: right but she points out That when these integrations fail they rarely fail because the underlying algorithm Is bad.

00:10:36: why do they fail them?

00:10:38: They fail because the organization's data is siloed.

00:10:41: Ownership is ambiguous, internal processes are disconnected... You basically have to fix your operating model before AI can optimize

00:10:49: it.

00:10:49: That makes perfect sense.

00:10:50: Yeah

00:10:51: And you know if AI agents act as a literal operating system for core business and government functions It raises an urgent strategic question

00:11:00: Which is?

00:11:01: Who

00:11:01: actually governs that data feeding those agents?

00:11:04: Yes.

00:11:05: This operational reality is driving a massive shift in the boardroom regarding digital sovereignty, which is our third theme today.

00:11:11: and it's not just about data localization anymore?

00:11:13: Is it

00:11:14: no?

00:11:14: Andy Lane noted that European leaders have moved way past Just asking where my data physically located.

00:11:19: It's about control

00:11:20: exactly.

00:11:21: The demands are now about governance.

00:11:24: who controls access?

00:11:25: How does a nation adopt hyper scale AI without creating an unbreakable dependency on a foreign vendor?

00:11:31: Sovereignty is no longer about geographic isolation.

00:11:34: It's about transparency and operational control

00:11:37: And we're seeing two drastically different approaches to executing that control on a national level right now.

00:11:43: Yeah, let's talk about Estonia first because hofford elfson recently analyzed their approach through peak Their health in information systems center.

00:11:51: the stony is always so ahead of the curve On this stuff.

00:11:54: they really are.

00:11:55: and what is absolutely wild?

00:11:57: About those?

00:11:57: strategy deliberately employs zero in-house developers.

00:12:03: Wait, really?

00:12:04: Zero for a national digital health system.

00:12:06: Zero, they only employ architects product owners and data quality specialists.

00:12:10: That is fascinating.

00:12:11: their

00:12:12: entire System Is built on procuring thin while They retain strict absolute control over the architecture And The Data Standards

00:12:19: so they achieve Sovereignty Through Radical Transparency Rather Than Building A walled Garden.

00:12:23: Exactly

00:12:24: Citizens Can log into the system and see a Clear Immutable Log of exactly who has access Their Medical Data when They Access it and why

00:12:32: And because that trust architecture is so robust, the buy-in is incredible.

00:12:37: Only what?

00:12:38: Zero point zero.

00:12:39: two percent of Estonians have chosen to opt out of data sharing.

00:12:42: Yep,

00:12:42: zero point zero.

00:12:43: Two percent.

00:12:44: they built trust by proving The citizen holds the ultimate access controls.

00:12:47: okay now contrast That architectural approach with the heavy Regulatory approach we are seeing unfold in Brazil right Now.

00:12:54: oh...the new ECA digital law.

00:12:58: Renda Mathias Fernandez shared some great insights on this.

00:13:01: Yeah, Brazil is effectively trying to end the digital Wild West for minors.

00:13:05: They are treating digital platforms as a literal public health issue which

00:13:10: has huge paradigm shift.

00:13:12: what do they actually banning?

00:13:13: They're legally banning The Addiction Engine Wow!

00:13:16: Meaning infinite scrolling and default autoplay Are completely prohibited from miners.

00:13:21: There also outlawing behavioral profiling For targeted advertising aimed at children.

00:13:26: That's

00:13:26: massive But how did you enforce that?

00:13:29: You have know who was a miner.

00:13:30: That is the most consequential part of legislation.

00:13:33: It's end-of self declared age verification.

00:13:36: Platforms must now implement reliable, auditable methods to prove a user s age.

00:13:41: And that has ignited profound debate between protection and privacy?

00:13:46: A huge debate!

00:13:47: Because to reliably verify age online systems generally require government ID or biometric scan

00:13:55: And parents and child safety advocates are saying, look this is a necessary step to defang predatory algorithms.

00:14:01: Exactly.

00:14:02: but on the flip side privacy advocates argue that effectively ends online anonymity.

00:14:07: Yeah

00:14:07: they argue it forces every single user into surveillance architecture.

00:14:11: just browse internet.

00:14:12: It really is defining clash over what digital sovereignty actually costs individual.

00:14:17: But while those massive policy debates play out, the technical standards required to actually operationalize data sovereignty are quietly falling into place.

00:14:25: You're talking about the new EU standard?

00:14:27: Yeah.

00:14:28: Stefan Schwalhm highlighted this major milestone—the publication of the new CENTS-OneEtwoSixFour Standard for Ida's Qualified Ledger Trust Services.

00:14:38: That is a mouthful!

00:14:39: What does it do?

00:14:40: Prior to this standard, if you used a blockchain or distributed ledger... ...to track a sensitive supply chain across European borders.

00:14:46: Which

00:14:46: a lot of companies want to do!

00:14:48: Right but it was incredibly difficult to prove the legal validity.. ..of those transactions under EU law.

00:14:54: Ah I see This standard bridges that gap.

00:14:57: It makes blockchain legally binding and usable in highly regulated European environments.

00:15:02: So it paves the way for innovations like digital product passport where you need absolute sovereign trust in decentralized data exactly.

00:15:11: but you know protecting our sovereign data today relies entirely on the mathematical complexity of modern cryptography.

00:15:17: yes and that brings us back to the threat we discussed at the very beginning of this deep dive

00:15:22: quantum.

00:15:23: Yes, theme four The rapidly accelerating timeline.

00:15:29: Dennis E. Lieber issued a really stark warning about this, he said.

00:15:32: quantum computing is not future problem.

00:15:34: it's present day security deadline

00:15:36: Because of the store now decrypt later strategy?

00:15:39: Exactly Threat actors are harvesting encrypted proprietary data financial records state secrets today just scooping all up

00:15:47: Just putting in cold storage.

00:15:48: so if you have data that must remain confidential for next ten to fifteen years your clock has effectively already run out.

00:15:54: The infrastructure keeping its safe is living on borrowed time.

00:15:57: And that inflection point is arriving so much faster than most people anticipated?

00:16:02: Yeah, Mayor Pellani pointed to twenty-twenty six as the year.

00:16:05: quantum is expected to demonstrably beat classical supercomputers in live production environments

00:16:11: specifically for challenges like optimizing global supply chains in real time, or simulating molecular structures for drug discovery.

00:16:19: Right

00:16:20: the hard science is officially transitioning out of the laboratory

00:16:23: I met Othmani and Scott Crowder shared this breakthrough from IBM.

00:16:26: that just blew my mind.

00:16:28: The magnetic material simulation?

00:16:29: Yes!

00:16:30: IBM successfully ran a quantum simulation Of A Real Complex Magnetic Material Known as KCUF-III.

00:16:37: Okay For the listener put into perspective why simulating a magnetic material actually matters

00:16:42: Sure.

00:16:43: so Trying to simulate complex molecular interactions on a classical computer is basically like trying to map the exact position of every single grain of sand on a beach using a pocket calculator.

00:16:54: Right,

00:16:54: variables are just too vast

00:16:55: Exactly, but IBM's quantum simulation perfectly matched the data from highly expensive real-world physical neutron scattering experiments.

00:17:05: Wow We are officially moving past the phase of running theoretical toy problems.

00:17:10: we're actually replacing physical material science testing with Quantum calculation.

00:17:16: that is incredible and The hardware race to support these calculations is expanding so dramatically right now.

00:17:22: Yeah, Yossi Matias announced that Google Quantum AI is running a dual-track hardware strategy now.

00:17:28: Right!

00:17:28: Historically they focused really heavily on superconducting quivits which

00:17:32: they note scale incredibly well in time meaning They can execute millions of operations at microsecond speeds.

00:17:37: but Now they are aggressively expanding into neutral atom quivots Which scale incredibly?

00:17:42: Well and space

00:17:43: okay?

00:17:43: explain That to me scaling in space.

00:17:45: the traditional microchips even quantum ones Are limited by physical wiring and cooling constraints.

00:17:50: right with neutral atoms you are literally using lasers to hold individual atoms in place within a three-dimensional grid, in a vacuum.

00:17:59: That sounds like science fiction!

00:18:00: I know... but you can pack thousands of these quibbets together with highly flexible connectivity completely bypassing the traditional wiring bottlenecks.

00:18:10: So by running both superconducting and neutral atom tracks, Google is cross-pollinating the engineering to overcome physical limitations of scaling.

00:18:18: Exactly!

00:18:20: And the broader ecosystem is gearing up for this scale too.

00:18:23: Resonage Body & Philip Brown highlighted that Cisco was partnering with Atom Computing...

00:18:27: To architect actual networking infrastructure right?

00:18:30: Yeah

00:18:30: The Networking required to connect distributed heterogeneous quantum data centers

00:18:35: Okay But we do need to pause here and inject a hard reality check into this momentum.

00:18:39: Always good idea!

00:18:40: As incredible as these breakthroughs are, David Lindthicom offered very sobering perspective for enterprise leaders.

00:18:47: For the vast majority of companies measurable bottom line business value from quantum is still years away.

00:18:52: Ah

00:18:53: yeah because of error rates

00:18:54: The error rate in quantum calculations remain massive shortle And there's severe physical limits.

00:19:00: scaling systems reliably

00:19:02: Not mention talent shortage

00:19:04: Exactly, Amit Singhi made a similar point regarding India's quantum ambitions.

00:19:09: A nation or company might have the strategic desire to lead in quantum but you cannot simply hire a deployment-ready quantum engineer off the street.

00:19:19: No!

00:19:19: The workforce required to scale this just does not exist.

00:19:22: yet

00:19:22: It really doesn't.

00:19:23: But I will say...the bridge between theoretical power of quantum and practical reality lies in integration.

00:19:31: Right, Mauritian Mijakovic highlighted IBM's new blueprint for this.

00:19:35: The quantum-centric supercomputing, or QCSC?

00:19:38: Yeah

00:19:39: the future architecture is not a standalone quantum computer sitting in his siloed freezing basement.

00:19:44: no it's a seamless tight integration between quantum processors and classical high performance computing.

00:19:51: .The classical computers orchestrate the broader workflow they manage the data pipelines only the impossible, highly complex mathematical variables to the quantum processor.

00:20:01: Exactly it's a hybrid approach and looking at the entire landscape we've covered today The through line is actually really clear.

00:20:07: It is We are moving from world of assumed security into reality of verified resilience

00:20:16: from a peripheral tool into the autonomous operating layer of the enterprise.

00:20:20: We're seeing nations redefine sovereignty around data governance, and

00:20:24: we are witnessing quantum computing transition from theoretical physics in to deployable engineering.

00:20:30: It's massive massive shift

00:20:31: it really is.

00:20:33: And as you listener process these shifts I want you consider this final thought regarding architecture trust currently built

00:20:40: on

00:20:40: We are rushing to deploy agentic AI that autonomously manages our core enterprise systems.

00:20:46: Right?

00:20:47: Simultaneously, we are integrating quantum computers into our data centers to handle mathematical variables.

00:20:53: classical systems cannot process What happens in the near future when those autonomous AI agents are tasked with orchestrating and optimizing those quantum workflows.

00:21:03: Oh wow Who audits the AIs decision-making process When the underlying quanta math that relies on is quite literally beyond Classical human comprehension?

00:21:13: That's a chilling thought.

00:21:15: We are automating the future, but we may soon not even understand the math.

00:21:19: We're trusting something to chew on

00:21:22: definitely something a chew-on.

00:21:24: Well that is all the time we have for today.

00:21:26: if you enjoyed this episode new episodes drop every two weeks.

00:21:29: Also check out our other editions on cloud defense tech digital products and services artificial intelligence sustainability in green ICT Defense Tech and

00:21:39: HealthTech.

00:21:39: Thank you so much for joining us on this deep dive.

00:21:42: Stay curious, question your assumptions and we will

00:21:47: see.