Tag Archives: ai

The Art of Strategy: Sun Tzu and Kautilya’s Relevance Today

Sometimes it is great to look into the past to see how leaders back then dealt with the changing times. Oddly enough, some of their learnings still resonate even today. I had a chance to reread Sun Tzu’s The Art of War and the Arthashastra from Kautilya. In a world of constant competition between nations, businesses, or algorithms, these two ancient texts continue to define how leaders think about power, conflict, and decision-making. The blog this week takes a more philosophical lens to analyze strategies from the years before and their relevance in today’s world.

Separated by geography but united in purpose, both these works of literature are more than just military manuals; they are frameworks for leadership and strategy that remain stunningly relevant today.

The Philosophical Core

ThemeArthashastra (Kautilya)The Art of War (Sun Tzu)
Objective Build, secure, and sustain the state’s prosperityWin conflicts with minimum destruction
PhilosophyRealpolitik—power is maintained through strategy, wealth, and intelligenceDao of War—harmony between purpose, timing, and terrain
Moral LensPragmatism anchored in moral orderPragmatism anchored in balance and perception
Definition of VictoryStability, order, and prosperity of the realm Winning without fighting; subduing the enemy’s will

Both leaders agree: victory is not about destruction, and it is more about preservation of advantage.

Leadership and Governance

  • Kautilya: The leader, as the chief architect of the state, city, organization, or department, is obligated to prioritize the welfare of the people. Leadership represents both a moral and economic contract; thus, a leader’s fulfillment is intrinsically linked to the happiness of their direct reports.
  • Sun Tzu: The leader is the embodiment of wisdom, courage, and discipline, whose clarity of judgment determines the fate of armies

In modern times, in the context of Kautiliya, the leader represents the CEO/statesman, designing systems of governance, incentives, and intelligence; Sun Tzu represents the COO, optimizing execution and adapting dynamically.

Power, information, and intelligence

Information in both books is seen as a strategic asset. This includes gathering information and then acting upon the given information; it does emphasize more acting on it versus just gathering.

AspectKautilya Sun Tzu
Intelligence System Elaborate network of informants: agents disguised as monks, traders, asceticsEmphasis on reconnaissance, deception and surprise
Goal of Data Gathering Internal vigilance and monitor external influence Tactical advantage and surprise
Philosophical viewInformants are the eyes of the leaderAll warfare is based on deception and having leverage

In the age of data and AI, the lesson is clear: those who control information and stories will succeed in the long run.

War, Diplomacy, and the Circle of Power

  • Kautilya’s Mandala Theory: Every neighboring state is a potential enemy; the neighbor’s neighbor is a natural ally. The world is a circle of competing interests, requiring constant calibration of peace, war, neutrality, and alliance.
  • Sun Tzu’s Doctrine: War is a last resort; the wise commander wins through timing, positioning, and perception.

Modern parallel:

Global supply chains, tech alliances, and regulatory blocs function exactly like Kautilya’s mandala: interdependent, fluid, and shaped by mutual deterrence.

Economics as a strategy

In the Art of War focuses on conflict, while the Arthashastra expands into economics as the engine of statecraft. Kautilya views wealth as the foundation of power, with taxation, trade, and public welfare as strategic levers.

The state’s strength lies not in the sword, but in the prosperity of its people.”

In business terms, this is all platform economics; power arises from resource control, efficient networks, and sustainable growth, not endless confrontation.

Ethics, Pragmatism and the Moral Dilemma

Both authors are deeply pragmatic but neither amoral.

  • Kautilya: Ends justify means only when serving public welfare. Ethics are flexible but purpose-driven.
  • Sun Tzu: Advocates balance, ruthless efficiency tempered by compassion, and self-discipline.

For modern leaders, this balance is critical: strategic ruthlessness without moral erosion.

Enduring Lesson for Today

Timeless Principle Modern interpretation
Know yourself, and your adversary Data, market, and competitive intelligence
Control information, and perceptionOwn the narrative, brand, and customer psychology
Adapt to the terrain Agility in shifting markets and technologies
Economy of effort Lean operations, precision focus
Moral LegitimacyTrust, Transparency, and long-term brand equity

Both texts converge on the following point:

Leadership is the art of aligning intelligence, timing, and purpose, not merely commanding resources.

Fusion Mindset

If Sun Tzu teaches how to win battles, Kautilya teaches how to build empires. Combined, they offer a 360-degree view of power:

  • Sun Tzu = Operational mastery: speed, tactical advantage, and timing.
  • Kautilya = Structural mastery: governance, economics, and intelligence.

Together they form a dual playbook for today’s complex systems, from nation-states to digital ecosystems.

Conclusion

Both The Art of War and Arthashastra remind us that strategy is timeless because human behavior is timeless.

Whether you lead a nation, a company, or a team, the challenges are the same: limited resources, competing interests, and the need to act with clarity under uncertainty

In the end, wisdom isn’t knowing when to fight; it’s knowing when to build, when to adapt, and when to walk away.

Cybersecurity in Industrial systems with AI

AI is transforming not only digital platforms but also industrial systems. As AI intersects with cybersecurity, how do we protect our infrastructure while adapting to technological changes? This rapid evolution brings both new opportunities and risks, increasing the need for robust security strategies. Balancing innovation with critical safeguards will be essential as organizations navigate this complex landscape.

Information Technology and Operational Technology

When working with industrial systems, it is important to distinguish between two key areas:

  • Information Technology
  • Operational Technology

Information Technology: This area focuses on data, information, and communication. Key aspects include data storage, transmission, and analysis. In terms of cybersecurity, the primary concerns are:

  • Confidentiality (protecting data)
  • Integrity (ensuring accuracy)
  • Availability (keeping systems operational)

Examples of solutions in this category include productivity suites, ERP applications, cloud services, databases, and CRM systems.

Operational Technology: These technologies are designed to monitor and control physical processes, devices, and infrastructure. The main objectives are: real-time monitoring, control, automation, and ensuring the safety and reliability of operations. Priority areas include:

  • Safety (preventing harm to people, environment, and equipment)
  • Availability (maintaining continuous system operation)
  • Determinism (achieving predictable outcomes)

Examples of operational technology solutions include:

  • Programmable Logic Controller (PLC): Computers used to automate industrial processes, such as assembly line robots
  • Supervisory Control and Data Acquisition (SCADA): Systems for remote monitoring and control of industrial processes
  • Distributed Control System (DCS): Control systems where elements are distributed across the system rather than centralized, often used in chemical plants and refineries (e.g., carbon capture systems)

Where does AI add value to Operational Technologies?

Industrial Systems

Most of the industrial systems use legacy protocols (e.g., Modbus, DNP3, etc.); these were designed for availability and determinism, not for security. This is where AI can add value.

  • Anomaly detection and Predictive Maintenance: AI models can learn “normal” patterns of sensors, actuators, and control data and flag deviations that indicate equipment wear, sensor drift, or cyber manipulation
  • Cyber Intrusion Detection for OT Networks: AI can profile normal Modbus and DNP3 traffic and flag malicious commands such as replay attacks or unauthorized writes to PLCs. As many of these protocols lack authentication or basic identity management
  • Process optimization: Reinforcement learning agents can continuously optimize SCADA-controlled processes (e.g., water treatment plants) for throughput, yield, or energy efficiency
  • Human-in-the-Loop decision support: Agents that can interpret signals and alarms and recommend operator actions that reduce “alarm fatigue”

Driverless cars

The development of robotaxis is a major advance in autonomous transportation. These driverless vehicles function as multi-agent industrial systems, where addressing security concerns is important to prevent potential issues.

  • Perception and Sensor Fusion: AI combines information from cameras, LIDAR, radar, and V2X to construct an environmental model, such as proximity maps used in vehicles like Tesla.
  • Real-time Anomaly Detection and Intrusion: Systems are designed to identify LIDAR spoofing or harmful V2X messages, with agents monitoring Ethernet frames for irregularities.
  • Risk Forecasting and Path Planning: Driving policies are automatically adapted based on the predicted movements of vehicles and pedestrians.
  • Self-Diagnostics and Predictive Maintenance: Onboard agents monitor for sensor and board failures, enabling proactive recalls to reduce operational expenses.
  • Over-the-Air (OTA) Update Security: AI assists in verifying firmware integrity and identifying any supply-chain tampering.

Protocol security gaps

Many industrial and automotive controls lack built-in security, so AI can help compensate for vulnerabilities in legacy protocols.

  • AI-driven intrusion detection: Identifies and contains unusual or malicious traffic by analyzing patterns.
  • Device behavioral fingerprinting: Uses electrical and timing signatures to reliably distinguish devices, preventing impersonation.
  • Zero-trust enforcement: Dynamically assesses communication trust for insecure protocols using AI.

Conclusion

In summary, the integration of AI into automotive and industrial systems significantly enhances security, operational reliability, and adaptability. By leveraging advanced perception, real-time anomaly detection, predictive maintenance, and dynamic trust enforcement, AI fills gaps in legacy protocols and sets a new standard for proactive threat mitigation and system resilience. As these technologies continue to evolve, their role in safeguarding critical infrastructure will become increasingly indispensable for the future of connected and autonomous systems.

AI as the Next Strategic Inflection Point: Why Hybrid Growth Models Will Define the Future

Now that I have changed jobs, I engage in my regular ritual of reading “Only the Paranoid Survive” by Andy Grove. Although dated and the fact that it beats up on Steve Jobs and Apple, there are several nuggets of wisdom I take from it every time I reread it. I decided to use the framework in the book to assess AI. Andy Grove once wrote that a strategic inflection point is the moment when the balance of forces shifts so dramatically that an organization must adapt or risk irrelevance. We’ve seen such changes with the internet, cloud, and mobile. Each time, companies either leaned into the shift or slid into irrelevance.

Today, we confront the same question: Is AI the next turning point for businesses?

My position is clear: it is.

Why AI Is Different ?

AI doesn’t just digitize processes. It reshapes how we engage, learn, and deliver value. The promise of AI is hyper-personalization at scale, understanding customer intent in real time, adapting product experiences dynamically, and embedding intelligence into every workflow.

For businesses, such intelligence is non-negotiable. Customers no longer tolerate generic experiences. They expect platforms to anticipate their needs. Those who move slowly are not just lagging; they’re drifting toward irrelevance.

Applying Andy Grove’s Six Forces



Grove argued that strategic inflection points become visible when all six forces in business begin to shift simultaneously. Artificial intelligence provides a textbook example:

  • Competitors: New entrants leverage AI-native strategies to outpace incumbents in personalization, cost, and speed. Startups move faster; established players must retool.
  • Customers: Expectations are rising. Hyper-personalization is now a fundamental requirement. AI reshapes the definition of value.
  • Suppliers: Model providers (OpenAI, Anthropic, Google, etc.) become critical suppliers, introducing new dependencies and risks. Shifts in licensing, pricing, or access can alter your strategy overnight.
  • Complementors: Ecosystems of AI plugins, agents, and integrations redefine how products interoperate. Companies that fail to integrate risk isolation.
  • New Entrants: Barriers to entry collapse as AI lowers the cost to build sophisticated products. A two-person startup can now challenge incumbents.
  • Substitutes: Traditional processes and workflows are displaced by AI-native alternatives. Automation replaces previously required human effort, transforming value chains across various industries.

    When all six forces are in motion, you don’t just face incremental change—you’re at an inflection point.

Product-led growth vs. customer-led growth in the age of AI

The situation raises a critical question: how does AI reshape growth models?

  • Product-Led Growth (PLG) thrives on self-serve adoption. AI strengthens this by embedding intelligence into onboarding and analytics. However, PLG has a blind spot: despite being data-driven, it frequently overlooks the competitive Cassandras within your organization—those voices that warn about competitors moving faster or shifts in the market.

  • Customer-Led Growth (CLG) relies on deep engagement. AI enhances this by giving customer-facing teams foresight into risks and opportunities across accounts.

Individually, both are powerful. Alone, both are incomplete.

The case of Hybrid-led growth

Hybrid-led growth is the winning model, similar to the case I made in my earlier blog post about each of the growth models.

  • From PLG, you inherit scale: products that adapt to millions of users in real time.
  • From CLG, you inherit resilience: trusted, high-touch relationships informed by AI insights.
  • By combining them, you overcome PLG’s blind spots and amplify CLG’s reach.

Hybrid growth reframes Product-Market Fit (PMF). PMF is no longer static. With AI, it becomes dynamic, continuously tuned by customer data, competitive signals, and organizational foresight.

What Leaders Must Do

  1. Reframe strategy through AI lenses: re-evaluate product roadmaps, customer journeys, and GTM motions with AI in mind.
  2. Invest in data and trust: transparency and security are preconditions for customer willingness to share.
  3. Listen to your Cassandra’s: Don’t dismiss internal voices warning of competitive threats. They’re often early signals of market shifts.
  4. Adopt hybrid growth mindsets: stop debating PLG vs. CLG. The future belongs to companies that can blend them.

The Inflection Point Is Here

Strategic inflection points emerge in the present, not in retrospect. Grove’s six forces are shifting, simultaneously, under the weight of AI.

Companies today stand at the fork Grove described: grow exponentially or risk irrelevance.

AI is that fork. The winners will not simply adopt AI; they will reimagine growth itself, blending PLG and CLG into a hybrid model that adapts dynamically to both customers and competition.

Beyond Benchmarks: Future of AI depends on Mesh Architectures and Human-in-Loop Oversight

When Grok-4 and ChatGPT launched, headlines praised their high scores on benchmarks like Massive Multitask Language Understanding (MMLU), better pass rates on HumanEval, and improved reasoning on GSM8k. Impressive? Yes! However, as a product leader, I worry we are focusing on the wrong things.

Benchmarks are similar to academic entrance exams; they assess readiness but not real-world results. Customers, teams, and industries operate in the complex reality of delivering software, treating patients, securing systems, or managing supply chains. Focusing only on benchmarks may lead to models that perform well in tests but struggle in real-life situations.

Overfitting to the Test

The danger here is overfitting. Models are trained to optimize benchmark scores, yet they perform poorly on actual outcomes. We have seen it in other industries: students who test well but cannot apply knowledge, or autonomous systems that perform perfectly in simulation but fail in the field.

AI is at risk of repeating the same mistake if we confuse benchmark leadership with product leadership.

The Case for Human-in-the-Loop

Human oversight is not an optional safety net. It is the core of effective AI deployment. Whether it is a software engineer reviewing AI-generated code, a security analyst validating an alert, or a doctor confirming a recommendation, humans provide context, judgment, and accountability that machines can’t.

My blog last week about Toyota and automation offers a useful analogy. In its factories, even the robots can pull the andon cord. The andon cord is a mechanism to stop the assembly line if something seems off. The point of the matter is not to distrust automation; it is about embedding responsibility and oversight into the system itself. AI needs its own version of the andon cord.

From Monoliths to Meshes

Patterns that we thought we solved with distributed computing seem to be new again. The industry has chased monolithic, general-purpose models: bigger, denser, and more universal. But in practice, most enterprises need something different:

  • Small, specialized models tuned for their domain context (finance, healthcare, manufacturing)
  • These models collaborate, distribute tasks, and pool their strengths in mesh architectures.
  • The retrieval and orchestration layers provide grounding, context, and control.

The mesh model is both more sustainable and more aligned with enterprise outcomes. It reduces compute costs, improves transparency, and accelerates adaptation to new regulations or customer needs.

The Real Benchmark: Outcomes

As product leaders, our job isn’t to chase leaderboard scores; it is to deliver outcomes that matter.

  • Did the security breach get prevented?
  • Did the patient get safer diagnosis?
  • Did the software deploy without incident?

The future of AI will belong not to the biggest models, but to the smartest systems:

  • Those designed around human oversight
  • Specialized collaboration,
  • Outcome-driven measurement

Benchmarks are transient. Trust, reliability, and impact will endure!

Who watches the Automated Watcher?

There is an old Latin phrase: Quis custodiet ipsos custodes? Simply put: Who watches the watchmen?

It was a question of power and oversight. If those entrusted with guarding society become corrupt, who ensures they are accountable? In today’s world, that same question applies not to presidents and law enforcement but to algorithms, automation, and artificial intelligence, especially in the case of agentic AI.

The Rise of the Automated Watchers

Modern systems are too vast and complex for humans to monitor alone. These complexities range from

  • Microservices sprawl across Kubernetes clusters, spawning thousands of interactions per second.
  • Observability tools like Datadog, New Relic, and OpenTelemetry stream terabytes of logs, traces, and metrics to surface anomalies.
  • AI guardrails in platforms like LangChain, GuardrailsAI, and Azure’s Responsible AI toolkits catch unsafe or biased model outputs before they get to customers.

These systems watch everything: performance, security, compliance, and fairness. They are our first line of defense against outages, breaches, and reputational risk.

This idea came to me when I was writing a program for my robot using ROS2: What happens when the watcher itself fails, drifts, or is compromised?

The Accountability Gap

We assume watchers are infallible, but history says otherwise:

  • A metrics pipeline silently dropped alerts during a network partition, and no one noticed until the customer SLA was breached.
  • An intrusion detection system was itself bypassed in a supply chain attack, leaving a false sense of security
  • An AI safety layer failed to catch adversarial prompts, exposing users to harmful outputs or expose a company’s sensitive data

In each case, the system built to guarantee trust became the single point of failure. The absence of alerts was misread as the absence of problems.

This is the accountability gap:Who verifies the automated verifier?

Lessons from Toyota: Jidoka and the Andon Cord

Early in my career, I had the privilege of working with Toyota as a customer, and my counterpart shared a history lesson with me. The auto industry wrestled with this decades ago. Toyota, the pioneer of lean manufacturing, introduced robots to improve efficiency. But they quickly discovered a hard truth: robots can make the same mistake perfectly, at scale.

Every incorrect weld resulted from a robotic arm’s miscalibration. If a sensor failed, the defect affected thousands of cars. Automation didn’t correct errors; if it didn’t, it made them worse.

Toyota’s solution was jidoka: “automation with a human touch.” Rather than relying solely on machines, they included human oversight in the process:

  • The Andon Cord: Any worker could pull a literal cord to stop the entire assembly line if a defect was spotted.
  • Layered Verification: Human inspectors and visual systems checked robotic output continuously.
  • Kaizen (Continuous Improvement): Every failure was treated as a learning loop, improving both robots and oversight systems.

The lesson is timeless: automation increases both efficiency and risk. A single defect in a manual process is localized; a defect in an automated process is systemic.

The software world is no different. Observability dashboards are our Andon cords. SREs are our jidoka. And post-incident reviews are our kaizen.

Strategies for Watching the Watcher

Just as Toyota built layered accountability into its manufacturing system, we need to design resilience into our agentic AI systems. Four key strategies stand out:

  1. Meta-Monitoring for Microservices
    • Observability tools should watch each other, not just the services.
    • Example: Prometheus scrapes are validated by synthetic transactions running through the service mesh, the digital equivalent of a second inspector checking a robot’s welds.
  2. Audits for Observability
    • Periodic “reality checks” involve comparing raw logs and traces against dashboards.
    • Independent tools like Honeycomb validating a Datadog pipeline are today’s equivalent of a Toyota team double-checking machine outputs.
  3. Guardrails for Guardrails in AI
    • Safety layers need redundancy: pre-training filters, real-time classifiers, and post-response moderation.
    • Think of this as multiple Andon cords for LLMs such as OpenAI’s Evals, Anthropic’s Constitutional AI, and Microsoft’s Responsible AI dashboards, which can all act as independent cords waiting to be pulled.
  4. Human-in-the-Loop Escalation (Digital Jidoka)
    • Automation can reduce noise, but critical thresholds must escalate to humans.
    • Just as Toyota trusted line workers to stop the factory floor, we need to empower SREs, red teams, and ethics boards as the final circuit breaker.

Why It Matters

My experience with Toyota taught me, and Toyota taught the world, that automation doesn’t eliminate human judgment; it amplifies the need for it. The philosophy of jidoka, the practice of pulling the Andon cord, and the discipline of kaizen created not just efficient factories, but resilient ones.

Agentic AI needs the same mindset:

  • Jidoka: Design automation with human judgment built in.
  • Andon Cord: Give humans the power to halt systems when trust is in doubt.
  • Kaizen: Treat every monitoring failure as a learning loop, not a one-time solution.

Juvenal’s warning still holds: unchecked power, whether in presidents, robots, or algorithms, breeds complacency.

👉 The real question for software leaders is this: will we embed jidoka for Agentic AI systems, or will we continue to trust the watchers blindly until they fail at scale?

The future of resilient software, trustworthy AI, and reliable observability depends on whether we pull the cord in time.

Identity in a Multi-Agentic world

Overview

As artificial intelligence and automation evolve, we are entering a multi-agentic world. Multi-agentic implies a distributed environment where autonomous software agents, APIs, machine learning models, and human users act in concert. Identity is no longer a technical detail; it is a core requirement for system integrity, trust, and control.

Agents today write code, deploy infrastructure, triage support tickets, summarize meetings, and in some cases make decisions. How do you know who made the decision and what liability your organization faces when agents collaborate, orchestrate, and reason?

You can’t coordinate a system that you cannot trust, and trust starts with a core capability: identity!

Identity is not for users only

Single sign-on, multi-factor authentication, and directory sync are basic requirements for user identity. With hundreds or even thousands of non-human agents like retrieval bots, security assessments, AI code reviewers, and autonomous workflows active at any given time, these measures are essential.

In large organizations, understanding the workflow, accountability, and permissible actions is crucial. Identity plays a fundamental role in these situations.

The issue affects everyone. It represents a change in control systems. Identity isn’t just about who logs in; it’s about making secure, transparent decisions and taking actions on a large scale.

Why is identity core to multi-agentic systems?

Identity is crucial to multi-agent systems. Here are six important reasons why.

🔐 Trust and Authentication

In a decentralized agent ecosystem, it’s important for us to understand who or what we are interacting with.

Is this code review coming from an approved AI agent or a spoofed script? Is it a rogue bot or an authorized user that initiates the workflow?

We can’t rely on IP addresses or client secrets anymore. We need signed, verifiable agent identities that persist across time and context.

🧾 Auditability and Accountability

Without identity, there’s no provenance.

When agents approve purchases, modify infrastructure, or triage incidents, it is essential to maintain a complete and tamper-proof record of the actions taken:

  • Who acted
  • On whose behalf
  • Under what authorization
  • With what outcome

This isn’t just good practice. It is essential for security, compliance, and debugging in enterprise systems.

Remember the old Abbott and Costello routine on “Who’s on first?” Who knew that comedy routine was so prescient!

👥 3. Delegation and Agent Chaining

In human teams, we delegate work to others. In multi-agent systems, delegation becomes the norm.

For example:

  • A user asks their assistant to generate a report
  • The assistant calls a forecasting agent
  • The forecasting agent queries a data governance agent to ensure compliance

At every step, the original identity and permissions need to be preserved. We must know who initiated the action and whether each agent is authorized to act on their behalf.


🔐 4. Fine-Grained Authorization

Multi-agent systems don’t work if every agent has God mode.

Each agent needs just enough access to do its job and no more.

This means:

  • Identity-linked roles and scopes
  • Time-boxed or task-limited permissions
  • Attribute-based access policies that adjust dynamically

Without strong identity-linked authorization, we’re just building smarter ways to breach ourselves.


🧠 5. Personalization and Adaptation

Good agents don’t just act; they learn.

But learning requires context:

  • What team is this user on?
  • What systems do they interact with?
  • What are their preferences?

Identity is the gateway to this context. It allows agents to personalize their behavior, become more useful over time, and avoid making dumb, default assumptions.


🌐 6. Interoperability Across Ecosystems

As agents start to collaborate across platforms, e.g., your Jira assistant talking to a GitHub bot or a Salesforce AI; the need for interoperable identity becomes critical.

That’s where standards like OIDC, SCIM, and even emerging ideas like Decentralized Identity (DID) and Verifiable Credentials (VCs) come into play.

Imagine an agent from Microsoft Graph collaborating with one from Atlassian Forge is only possible if identity flows freely but securely between them.


What Happens When You Don’t Prioritize Identity?

Without a strong identity layer, you get:

  • Shadow agents making untraceable decisions
  • Permission creep where every agent can do everything
  • Cross-system silos that break orchestration
  • Unverifiable outputs from unknown actors

It’s a recipe for disaster in regulated, security-sensitive, or high-trust environments.


Identity Is the New Control Plane

In human organizations, identity governs org charts, responsibilities, and roles.

In a multi-agent system, identity governs logic, execution, and autonomy.

Here’s where we need to invest:

  • Agent Identity Lifecycle – Issue, rotate, revoke agent credentials
  • Delegation Frameworks – Secure “on-behalf-of” interactions
  • Observability Tied to Identity – Logs, metrics, and decision trees with clear attribution
  • Policy-as-Code for Access – Role and attribute-based access enforcement
  • Cross-Domain Trust – Federated or decentralized identity for external agent collaboration

Closing Thoughts

We’re moving toward a world where autonomous agents are as common as microservices—and far more powerful. But without a robust identity layer, these systems will be fragile, opaque, and untrustworthy.

As a product leader, I see it clearly: identity is no longer a backend feature. It’s an architectural foundation for the next generation of intelligent systems.

If you’re building for the future, start by asking:

“Can I trust the agents in my system?”

And then:

“Can I prove it?”

In a multi-agent world, identity serves as the foundation for all trust.


Let’s connect: If you’re working on agent frameworks, trust layers, or identity models, I’d love to trade notes. The agentic future is here, let’s build it right.

Deductive Reasoning: Humanity’s Edge on the Age of AI

Introduction: Fear and the Fallacy

There are many stories about AI taking over human jobs. Each time technology advances, like with steam power, assembly lines, or automation, people worry about losing their jobs. AI, especially large language models, has brought back those fears. However, it’s crucial to recognize that while AI offers many benefits, it also brings big challenges. At a deeper level, deductive reasoning continues to be a lasting strength of humans.

The Three Types Reasoning and AI has challenges

To understand why, let us start with the basics of human reasoning:

Reasoning Type DescriptionExample AI Proficiency
Deductive From general rules to specific conclusionsAll planets orbit stars. Earth is a planet → Earth orbits the SunWeak (needs Symbolic systems)
Inductive From specific observations to general rulesEarth, Mars, and Jupiter orbit the Sun → All planets orbit stars ✔️ Strong (Pattern Learning)
AbductiveBest explanation given incomplete dataThe ground is wet → It probably rained ✔️ Strong (Probabilistic modeling)


AI excels at inductive and abductive reasoning because its architecture is probabilistic and data-driven. But deductive reasoning, which underpins scientific discovery, legal frameworks, and mathematical proofs, remains deeply challenging for AI.

Why deductive Reasoning is Hard for AI

them based on training data. That’s fundamentally different from how humans deduce facts from axioms.

Key Limitations of AI in Deductive Reasoning:

  • Non-determinism: Outputs vary even with the same input due to probabilistic sampling.
  • No grounding: LLMs lack a symbolic understanding of truth or causality.
  • Memory bottlenecks: Deduction requires sustained multi-step reasoning, often exceeding token windows.
  • Computational complexity: Symbolic logic engines require significant memory and computational resources, making them unsuitable for the current transformer-first AI infrastructure.

In essence, LLMs can mimic deduction, but they cannot construct or verify deductive truths unless tightly coupled with external logic engines.

Historical Parallel: Kepler and the limits of today’s AI

Consider how Johannes Kepler derived the laws of planetary motion. He didn’t just observe planets; he deduced laws from data, noticing elliptical orbits and harmonic relationships others overlooked.

Today’s AI could ingest the same data, classify it, and perhaps fit a regression curve. But could it infer a universal law from physical patterns?

AI cannot infer a universal law from physical patterns without external symbolic tools, and it cannot do so instinctively either.

This is the crux: humans don’t just learn from labeled data; we synthesize, infer, and challenge. These are traits AI lacks.

The path to Artificial General Intelligence (AGI) requires Symbolic Intelligence

To transition from Narrow AI to General AI (AGI), our models must establish a connection between statistical learning and symbolic logic.

Emerging models that might enable deductive AGI:

  • Symbolic Logic Engines: e.g., SAT solvers, Prolog, Z3 – already used in theorem proving.
  • Neuro-Symbolic Systems: e.g., DeepProbLog, Logic Tensor Networks – fuse neural nets with logic.
  • Probabilistic Logic Models: e.g., Markov Logic Networks, Bayesian Logic – approximate deduction under uncertainty.

These frameworks begin to touch the nuance humans process instinctively. But they remain research-heavy and highly compute-intensive, limiting their real-world scalability today.

AI is a tool: It raises the floor and the roof

Yes, AI will eliminate certain types of entry-level cognitive work, much like robots replaced repetitive tasks on factory floors. But just as factory workers evolved into process engineers, robot maintenance technicians, and quality optimization experts, so too will today’s workforce evolve to supervise, audit, and extend intelligent systems.

The issue is not about job loss but job transformation.

  • Raising the floor: Automating routine tasks, freeing humans from grunt work.
  • Involves the creation of new domains, such as reasoning over AI outputs, validating symbolic inferences, or designing new logic-based systems.

Just as programming evolved from assembly to C++ to Rust, AI evolves the way we interact with computation. But it doesn’t replace our capacity to reason. It extends it.

The real jobs of the future: Observation, Inference, and oversight

As AI improves, our role will change to:

  • Monitoring outputs for bias, hallucination, and logical consistency
  • Observing systems and inferring gaps in their logic
  • Scaling knowledge across domains that require deductive precision
  • Securing systems where probabilistic behavior may lead to unpredictable or adversarial outcomes

These are not “basic tasks.” They’re deeply human responsibilities.

Conclusion: Our future is not post-human, it is Post-redundancy

AI won’t replace us; it will make us more essential. By handling repetitive tasks, we can concentrate on our unique ability, the capacity to think critically.

Deductive reasoning is more than a method; it’s a way of thinking. It has supported scientific advancements, philosophical ideas, and legal systems. Even in the age of AI, it remains our greatest competitive advantage.

Crossing the Chasm with AI: Why Security, Privacy, and Transparency Will Drive Mainstream Adoption

Artificial intelligence (AI) dominates headlines and boardroom conversations. From chatbots to copilots, AI feels everywhere. But if we apply Geoffrey Moore’s classic “Technology Adoption Lifecycle,” we see a different story: despite the hype, AI still sits with Innovators and Early Adopters. The Early Majority, the pragmatic users who drive true mainstream adoption, remain cautious. Why? They demand trust, and trust in AI hinges on three pillars: security, privacy, and transparency.

Security First: The Foundation of Trust

AI changes the security landscape. Traditional software already faces a barrage of attacks, but AI introduces new risks. Imagine an AI agent with the power to automate tasks across a business. If attackers exploit a vulnerability or misconfiguration, the consequences could be catastrophic: privilege escalation, data exfiltration, or even manipulation of business decisions.


Security must come first. Enterprises, especially in regulated industries, will not trust AI until it proves resilient against both old and new attack vectors. AI systems must defend against prompt injection, adversarial attacks, and unauthorized data access. Companies need robust controls, continuous monitoring, and clear incident response plans.

Pros of investing in AI securityCons and challenges
Reduces the risk of breaches and attacksSecurity investments can slow down deployment and innovation
Builds trust with enterprise and regulated customersIncreased complexity and cost
Protects against new AI-specific threats Overly restrictive controls may limit AI’s capabilities
Extra security measures can introduce friction for end users


The bottom line: Without strong security, AI will never cross the chasm to the Early Majority.

Privacy: The Competitive Edge

Organizations and individuals hold deep concerns about privacy. Companies hesitate to use proprietary data to train public models, fearing they’ll lose their competitive edge. Consider a manufacturer with unique processes or a retailer with exclusive customer insight; these are valuable assets, not mere inputs for public AI models.


On the personal side, AI blurs the boundaries of privacy. In the past, searching Google for symptoms allowed you to maintain a certain sense of anonymity. Now, if you share health information with an AI chatbot, that data might reinforce the model’s learning. Suddenly, your private details could influence future predictions, raising the specter of data misuse, just as search engines and social platforms have long monetized our data.


AI must respect privacy. Curated, local, or federated models that do not leak sensitive information will win trust. Privacy-preserving techniques, such as differential privacy, data minimization, and on-device processing, will become essential.

Pros of prioritizing privacyCons and trade-offs
Protects user and organizational data Inadequate data may reduce the accuracy of the model.
Preserves Competitive Advantage Limits the scope of AI learning and generalizing.
Reduces the risk of regulatory penalties Can complicate data management and integration
Builds user trust and willingness to adoptIncreased privacy controls may require more resources to implement

If we want the Early Majority to embrace AI, we must treat privacy as a feature, not an afterthought.

Transparency: The Art of Questioning

AI models, particularly large language models, function as opaque entities. They generate answers by calculating probabilities based on weights, biases, and vast training data. As users, we risk outsourcing our thinking to these systems unless we demand transparency.

Transparency empowers users. When AI provides clear reasoning or explanations, we can evaluate, question, and challenge its outputs. This art of questioning keeps us in control and prevents blind trust in machine-generated answers.
But transparency has its limits. Too much openness can reveal proprietary methods or make it easier for bad actors to manipulate the system. We must strike a balance: enough transparency to foster trust and accountability, but not so much that we expose the system to new risks.

Pros of transparencyCons and risks
Increases user trust and understandingMay expose proprietary methods or intellectual property
Facilitates regulatory compliance and auditingCould be exploited by adversaries to game the system
Encourages responsible and ethical AI useCan overwhelm users with too much information
Enables better debugging and error correctionMay slow down model deployment if explanations are required

How Curated Models will shine!

The next wave of AI adoption will not come from bigger models or more data alone. It will come from curated, secure, and privacy-preserving AI systems. Whether in software or manufacturing supply chains, organizations want to protect their unique value. They will not willingly use their competitive advantage to train public models.
Curated models, trained on carefully selected, private, or domain-specific data, offer a path forward. These models can deliver high performance while respecting privacy and security requirements. They also provide clearer transparency, as their scope and training are well defined

Build Trust: The path to Early Majority

To win over the Early Majority, the AI community should:
• Focus on strong security to combat threats
• Make privacy integral to design, not an add-on
• Ensure transparency so users can understand AI decisions
We also need to educate users: AI is a tool, not a prophet. When an AI provides answers, we should continue asking questions. Does the reasoning add up? Can we follow the logic? Only then can we use AI wisely and with confidence.

Conclusion

AI is close to becoming widely used. The Early Majority is looking for evidence that AI systems are safe, private, and clear. By focusing on these aspects now, we can make the leap and create a strong base for long-lasting, responsible innovation.

Vibe Coding: The unintended consequence

Introduction

AI-assisted software development is growing, and as someone who enjoys empowering people with technology, I find this trend exciting. It involves creating or changing software using clear ideas, natural language prompts, or basic frameworks. It’s quick, impressive, and quite freeing.

And yet, when you look at the bigger picture, something feels off.

Statistical patterns vs grounded in secure practices

While vibe coding is a useful tool for sharing ideas, creating prototypes, exploring, and onboarding, it has weaknesses that technical leaders and engineering teams must address. The foundational models trained on Python, TypeScript, and other programming languages often learn from vast amounts of public code, which may not always represent secure or maintainable engineering practices. Some patterns they derive are simply statistical trends and lack a basis in solid software design principles, such as secure design and zero trust. This dependence on potentially flawed data can lead to misunderstandings about best practices, causing developers to adopt insecure or inefficient coding habits without realizing it. As technology changes quickly, relying on outdated or poorly written examples can stifle innovation and weaken the integrity of software projects.

The illusion of safety in noise reduction

Auto-complete features and noise reduction methods in AI coding depend on making patterns in the training data look smoother instead of being based on proven engineering principles. The purpose of these coding solutions is to mitigate friction in the realization of ideas rather than to impose constraints. An unfortunate consequence of this approach is the semblance of correctness: the code appears polished, and the functions seemingly operate as intended; yet, the foundational logic may be flawed, insecure, or incompatible with operational requirements. I draw upon my experience with large enterprises in guiding them toward low-code solutions, and this was a common concern expressed by many of them.

Is the code maintainable?

Although it is improving, vibe-coded software still lacks explainability and rationale. During service outages, particularly when the outage cascades across microservices, third-party dependencies, or cloud infrastructure, it is essential to have more than just syntactically correct code.

You need to have context, contracts, and traceability. Code that is “vibe-coded” into existence often fails the test of operational readiness. Without proper guardrails, you end up with something far worse than legacy software—there, I said it! Legacy software is an example of live software that no one understands and gets really hard to decompose and do anything meaningful.

We are already seeing early signs of this in open-source projects where AI-generated code has proliferated. There are repositories brimming with redundant logic, ambiguous abstractions, and fragile dependencies. In some cases, contributors can’t explain why a block of code exists or what might break if it changes.

Secure Coding and Zero Trust as guardrails are non-negotiable

Now, I am not saying we need to reject AI-generated code; in fact, far from it. The solution is to ground it in the enterprise secure coding principles and zero trust architectures. These should serve as rails, not brakes, on this new mode of development. Enterprises must invest in tooling, policy, and culture that elevate contextual understanding, threat modeling, and least-privilege execution.

The promise of agentic development is real. We will get to a future where intelligent systems reason about business intent, architectural constraints, and security posture before generating code. But we are not there yet. Until then, vibe coding without governance is a fast lane to spaghetti code. Code that looks modern but behaves like legacy.

Let us celebrate the creativity this new medium offers, but let us not confuse vibes with validation!


The layers of Artificial Intelligence

I have started blogging again, and it feels great to be back! It’s an exciting time to jump in, especially with all the developments in AI (Artificial Intelligence). I am really excited because I believe that during our lives, we will be able to find a cure for cancer and tackle climate change globally with AI.

So, what makes AI systems, like chatbots, recommendation tools, or even autonomous vehicles work? The answer is layers. What do I mean by layers? To make AI work, there are many layers involved. These layers are the hidden heroes behind all the amazing things we can achieve with Artificial Intelligence. Let’s explore what makes them brilliant!

1. The Infrastructure Layer

The infrastructure layer is essential for any AI system, providing the computing power and storage to manage large data and complex tasks. Think of it as the oven and tools needed for baking a cake. Key components include cloud platforms, GPUs, and powerful servers. Without this layer, AI systems lack the strength to operate. Besides the main infrastructure, there are also important aspects like security, compliance, identity, scaling, and backup and recovery timelines.

2. The Data Layer 

Data is the raw ingredient for AI—like the flour, sugar, and eggs for your cake. The data layer involves collecting, storing, and processing data. It ensures that the data is clean, organized, and accessible for further use. Databases, data lakes, and data pipelines play a crucial role in this layer, ensuring your AI system has a steady supply of high-quality “ingredients.” 

3. The Model Layer 

Moving on, the model layer is where the real magic happens. This layer involves training and fine-tuning AI models to perform specific tasks, such as recognizing images, understanding speech, or predicting trends. Think of this as mixing and baking your ingredients into a delicious cake. Machine learning algorithms and frameworks like TensorFlow or PyTorch are the key tools in this layer. 

4. The Orchestration Layer 

This is the conductor of the AI symphony. The orchestration layer ensures that all the other layers work in harmony. It manages workflows, integrates components, and ensures scalability and efficiency. Imagine this as the recipe book and timer that guide you through the baking process. Without orchestration, the entire system can become chaotic and inefficient. 

5. The Application Layer 

Finally, the application layer is where AI meets the real world. This is the beautifully decorated cake that everyone gets to enjoy. It includes user interfaces, APIs, and AI-powered applications, such as chatbots, recommendation systems, or autonomous vehicles. This layer ensures that the end-user can interact with and benefit from the AI system effortlessly. 

Conclusion 

In summary, the layers of AI work together like a well-baked cake, with the infrastructure, data, model, orchestration, and application layers playing their distinct roles. As the orchestration layer brings harmony to the entire stack, it ensures that all components collaborate seamlessly to deliver intelligent and efficient solutions. Understanding these layers is the first step toward appreciating the brilliance behind AI systems!