Organisations increasingly rely on cloud services to drive innovation and operational efficiency, and as more artificial intelligence (AI) workloads use public cloud-based AI acceleration, organisations’ AI strategies are linked to the security and availability of these services.
However, as John Bruce, chief information security officer (CISO) at Quorum Cyber, points out, CISOs face the persistent challenge of figuring out how to map a cloud provider’s service level agreement (SLA), which does not align with the enterprise’s security and availability requirements (see box: A strategic framework for SLA gap management).
Aditya Sood, vice-president of security engineering and AI strategy at Aryaka, says that while SLAs typically cover metrics like uptime, support response times and service performance, they often overlook critical elements such as data protection, breach response and regulatory compliance.
This, he says, creates a responsibility gap, where assumptions about who is accountable can lead to serious blind spots. For instance, a customer might assume that the cloud provider’s SLA guarantees data protection, only to realise that their own misconfigurations or weak identity management practices have led to a data breach.
“Organisations may mistakenly believe their provider handles more than it does, increasing the risk of non-compliance, security incidents and operational disruptions,” he says.
Sood recommends that IT decision-makers ensure they take into account the nuances between SLA commitments and shared security responsibilities. He believes this is vital for organisations to make the most of cloud services without undermining resilience or regulatory obligations.
In Bruce’s experience, misalignment of an SLA with corporate IT requirements is more common than many leaders realise. “Whether it’s a cutting-edge AI platform from a startup, specialised software as a service (SaaS) with limited security guarantees, or even established cloud providers whose standard SLAs fall short of regulatory requirements, the gap between what providers offer and what enterprises need can be substantial,” he says.
According to Bruce, the modern cloud ecosystem presents a complex landscape. He says: “While major cloud providers like AWS [Amazon Web Services], [Microsoft] Azure and Google Cloud have matured their security offerings and SLAs considerably, the broader ecosystem includes thousands of specialised providers.”
Bruce notes that while many offer innovative capabilities that can provide significant competitive advantages, their SLAs often reflect their size, maturity, or focus areas rather than enterprise security requirements.
For instance, IT decision-makers can face an innovation paradox. This occurs, says Bruce, if a promising AI or machine learning (ML) platform offers breakthrough capabilities but provides only basic security guarantees and 99.5% uptime commitments when the organisation requires 99.99% availability.
While an SLA guarantees the cloud provider’s commitment to “the security of the cloud”, ensuring the underlying infrastructure’s uptime, resilience and core security, in Sood’s experience, it explicitly does not cover the customer’s responsibilities for security in the cloud.
He says that even if a provider’s SLA promises 99.99% uptime for its infrastructure, a customer’s misconfigurations, weak identity management or unpatched applications can still lead to data breaches or service outages, effectively nullifying the perceived security and uptime benefits of the provider’s SLA.
Even if a provider’s SLA promises 99.99% uptime for its infrastructure, a customer’s misconfigurations, weak identity management or unpatched applications can still lead to data breaches or service outages
Another factor to consider is what Bruce calls the “compliance gap”. This is when the SaaS provider offers essential functionality, but its data residency, encryption or audit logging capabilities do not meet the regulatory requirements of the organisation.
Then there is the case of a service provider’s inability to scale to meet certain requirements needed by enterprise IT. This “scale mismatch”, as Bruce calls it, occurs in a situation where the specialised software house provides unique industry-specific tools, but its incident response procedures and security monitoring do not meet enterprise standards.
Sood recommends using a shared responsibility model (SRM), which plays a central role in defining how security and operational duties are split between cloud providers and their customers. The SRM directly impacts the adequate security and availability experienced by the enterprise, making diligent customer-side security practices crucial for realising the full value of any cloud SLA.
Public cloud lock-in
Beyond managing how responsibility for IT security is coordinated, IT leaders should also be wary of the extent to which they use the value-added services provided in a public cloud platform.
For instance, egress fees to transfer data out of a public provider’s datacentre are opaque. McCluggage says that egress fees combined with proprietary application programming interfaces (APIs) and binding enterprise agreements often make the cost of switching public cloud providers too high.
“Beyond just stifling competition, this lock-in also undermines the UK government’s ambition to become an AI powerhouse. With AI workloads increasingly dependent on high-performance cloud infrastructure, continuing to rely on just two dominant hyperscalers risks concentrating capability, control and innovation in the hands of a few,” he says.
According to McCluggage, customers using certain public cloud services can face “economic entrapment”. As an example, Microsoft’s recent Office 365 Personal and Family subscriptions price increase in the UK – from £59.99 to £84.99 – was justified by the addition of AI-powered Copilot features.
“Customers can avoid the hike by choosing the ‘Classic’ subscription,” says McCluggage, pointing out that Microsoft has made this subscription much harder for people to find. “Most individuals – and organisations – won’t know they have a choice until it’s too late. This isn’t value creation,” he adds.
Being realistic about contract terms
The cloud ecosystem will continue to evolve, with new providers offering compelling capabilities alongside varying security guarantees. Quorum Cyber’s Bruce warns that attempting to eliminate all SLA gaps would mean forgoing potentially transformative technologies. Instead, he says, successful CISOs need to develop frameworks for making informed risk decisions that enable innovation while maintaining appropriate controls.
“By taking a structured approach to SLA gap management, organisations can access innovative cloud services while maintaining strong security postures and regulatory compliance,” says Bruce, for whom the key is moving beyond simple accept/reject decisions to sophisticated risk management that enables business objectives while protecting against genuine threats.
Organisations that develop mature approaches to SLA gap management will be best positioned to take advantage of these innovations while maintaining appropriate risk management standards.
Every technology decision involves risk trade-offs. Should IT make the most of new cloud and AI innovation, even if it may not fully meet corporate IT standards, or go with established public cloud providers where there is the potential of being locked in and facing the opaque egress fees that McCluggage refers to.
Aryaka’s Sood urges IT decision-makers to adopt proactive governance, risk and compliance (GRC) by updating the organisation’s internal security policies and procedures to account for the new cloud service and its specific risk profile. “Map the provider’s security controls and your compensating controls directly to relevant regulatory requirements,” he says.
Sood also suggests that IT leaders should ensure documentation of the organisation’s risk assessments, mitigation strategies and any formal risk acceptance decisions are meticulously managed.
By adopting these strategies, IT and security leaders can confidently embrace innovative cloud technologies, minimising inherent risks and ensuring a strong compliance posture, even when faced with SLAs that don’t initially meet all desired criteria.
With such measures and policies in place, IT decision-makers understand the risk and their mitigation strategies, which should put them in a better place to select the best AI and cloud innovations for their organisations. “The question isn’t whether to accept risk, but how to manage it intelligently in pursuit of business objectives,” says Bruce.
It’s nearly summer. Birds are migrating, flowers are blooming, and REI is kicking off its annual anniversary sale.
It’s the outdoor retailer’s biggest sale of the year. This year’s REI sale starts May 15 and runs through Memorial Day, May 25. Many items are up to 30 percent off, but REI Co-op members save up to 20 percent on any full-price item and an extra 20 percent off any REI Outlet item. To get the discount, add the promo code ANNIV26 at checkout.
Goal Zero’s new Yeti 1500 is one of the best camping and overlanding power stations we’ve tested. The new LiFePO4 chemistry battery is rated for 4,000 charge cycles (about 10 years of average use) and there’s a new high amp output (30 A) for tying into van and overlanding setups. Goal Zero also engineered it to be able to handle the high vibration environment of off-roading. With 4 AC outlets and USB charging at up to 140 watts, the Yeti 1500 can keep your wired world running for well over a week, no grid required.
Yes your phone has some features of a dedicated satellite messenger, but we still think you’re better off with a dedicated device. Garmin’s new inReach Mini 3 now offers some of those phone features—like voice and photo messaging—along with the emergency features and excellent service world wide. It’s also still tiny, well built and it has great battery life. The cheaper Garmin Inreach Mini 3 (which does not have the new photo sharing features) is also on sale for $400 ($50 off).
The Garmin Instinct Solar is our favorite rugged and affordable outdoor watch powered by the sun. It has long battery life and yes, recharges any time it’s in the sun. GPS is enabled and there’s tons of sports tracking and navigation features. It’s cheaper than a Fenix and just as reliable.
Courtesy of Coleman
My favorite of Coleman’s current lineup, the Cascade 3-in-1 (8/10, WIRED Recommends) features heavy-duty cast iron grates, comes with a cast-iron griddle and grill, and can fit a 12-inch pan and a 10-inch pan side by side. It’s sturdier and all-around more robust than other Coleman stoves, well worth the extra money if you’re serious about camp cooking. That said, the much cheaper stove below will get you by if you’re only using it a few nights a year.
This is our favorite camp stove for most people. Technically this version is a little fancier than our top pick, with electronic ignition and a nice pale green paint job. Is it worth an extra $30? That’s up to you. If it’s not, snag the less fancy version for $59 at Walmart.
The thing to keep in mind when you shop REI brand gear is the company’s basic proposition: you get 90 percent of the designer item for 70 percent of the price. It’s a strategy that works quite well and has generated some really great, affordable gear. This chair is a good example of that. It’s not as nice as the Nemo above, but it’s still comfortable (it does wobble a little, side to side when you move) and nearly half the price.
Photograph: Scott Gilbertson
Whenever I can, I like to cook over open flame using my firebox stove, which often means cutting wood. The best portable saw I’ve found is this Silky folding saw. It’s light enough to bring bike packing (5.3 ounces), and it folds down to about 9 inches long, which slips in a pannier no problem. This thing is razor sharp though, be careful when using it in the backcountry.
The thing to keep in mind when you shop for gear bearing the REI brand is the company’s basic proposition: You get 90 percent of the designer item for 70 percent of the price. It’s a strategy that works quite well and has generated some really great, affordable gear. This REI chair is a good example of that. It’s not as nice as the Nemo above, but it’s still comfortable (it does wobble a little, side to side when you move) and nearly half the price.
REI’s Base Camp tent is WIRED’s favorite car camping tent. It’s extremely well designed and proved plenty weatherproof in our testing. The traditional dome tent design, with two crossed poles and two side poles, holds up well in wind, and the tent floor is high-quality 150-denier (150D) polyester. There’s loads of storage pockets, double doors, great vents, and huge windows, making it comfortable even in summer heat.
The REI Half Dome 2 is the best budget two-person backpacking tent. I’ve toted it on many a backpacking trip and found it to be plenty sturdy, quick to set up, and capable of fitting two people and their gear. It even comes with a footprint (which I never bother with, but it’s nice to have it if you have to deal with prickers or pointy rocks).
The Big Agnes Copper Spur series is our top pick for freestanding ultralight tents. This is a high-quality, well-designed tent that’s lightweight, easy to set up, and roomy enough to be livable in the backcountry. The “awning” design (where the front fabric is held aloft with trekking poles or sticks) is a nice extra and the mix of 15D nylon, and 20D ripstop, while to feels fragile, as held up well over time. The 4-person version, which is one of the lightest 4P tents on the market is also on sale.
Nemo’s Dragonfly tents are great. I really like the generous amount of mesh at the top, which provides some nice ventilation on warm summer nights and is perfect for falling asleep under the stars when the weather permits. The Osmo fabric continues to live up to the hype, with much less water absorption than nylon tents in rainy weather, and there’s a good amount of room for storing all your stuff.
REI’s Magma line of down gear are some of the best deals around. The Magma 15 sleeping bag has long been an affordable bag that’s perfect for shoulder season trips when the temp potentially swing lower than you’re expecting (the comfort rating is 21 degrees Fahrenheit). There are three lengths and three widths, making it easy to get something that’s perfect for your body, and the 850-fill-power goose down (Bluesign-approved) packs down nice and small. If you don’t need the shoulder season coverage the Magma 30 is also on sale for $262 ($87 off), and makes a great summer sleeping bag.
I just spent a week sleeping under this quilt at the Biggest Week in American Birding. The Magma quilt was surprisingly warm. I did have on an puffer jacket, but I managed to stay comfy down to 30 degrees. Like the sleeping bag version above, this is 95 percent of what you get from far more expensive quilts. It’s light (20.3 ounces for the medium), packs down small, includes straps to keep it on your sleeping pad, can be completely unzipped and used like a comforter or snapped up in a proper foot box on colder nights.
Photograph: Scott Gilbertson
This is one of my favorite ultralight sleeping bags. There are lighter quilts out there, but when you need the warmth of a mummy bag on those colder nights, this is what I use. It also has the smallest pack size of any bag I’ve tested in this temperature range. With the included compression sack, this thing is truly tiny. The down fill is PFC-free, 850+ hydrophobic down. The zippers are on the small side, but they slide well and rarely if ever snag on the bag. I’ve slept in this bag down to 20 degrees and never been the least bit cold.
Nemo’s Forte 20 is a 20-degree synthetic-fill sleeping bag, but the comfort rating is 30 degrees. In my testing, this feels more like where you’d want to stay temperature-wise with this bag. The outer shell uses a 30-denier recycled polyester ripstop with an inside liner made from 20-denier recycled polyester taffeta. The fill is what Nemo calls Zerofiber insulation, which is made from 100 percent postconsumer recycled content fibers. The Zerofiber packs down remarkably small—this is the most compact synthetic-fill bag I’ve tested in this temp range.
Photograph: Scott Gilbertson
I had to surrender my ultralight cred to the Reddit mods for carrying this robust pad, but it is totally worth the improved sleep. The 6 or so extra ounces is more than made up for by how well I sleep—rest and recovery are a key part of long miles, kids—on this pad compared to, well, every other backpacking sleeping pad. It’s that good. Alas, it is also kinda pricey … which is why you should grab one now on sale.
The Tensor All-Season hits all the sweet spots. It weighs an acceptably light 18.2 ounces, provides a good 3 inches of padding, and has an R value of 5.4. (The R value of a sleeping pad denotes its level of insulation; the higher the number, the warmer you stay and 5.4 is enough insulation for colder spring or autumn nights.) That works out to the best padding and R rating for the weight. It’s also mercifully quiet—none of that annoying crunching noise every time you roll over.
If you’re gearing up for a winter trip, this is a good deal on a great winter sleeping pad. The Tensor Extreme Conditions has the highest R value of any pad we’ve tested (8.5) yet somehow manages to pack down to about the size of a Nalgene water bottle and weighs just 21 ounces (587 g).
Courtesy of Exped
This is my new favorite winter sleeping pad. It doesn’t have quite the R-value of the Tensor Extreme above, but I find it more comfortable and when paired the a Therm-a-Rest Z-lite, I stayed plenty warm even on a night spent at minus 25 degrees Fahrenheit this past winter. I like it so much a bought a second one for whomever is foolish enough to come with me on such trips.
The big fat camping pad that started the trend of big fat camping pads, the Megamat is a revelation. Trust me, you have no idea how comfortable tent camping can be until you sleep on a Megamat. The 4-inch-thick Exped MegaMat is soft and surprisingly firm thanks to the closed-cell foam inside it, which relieves pressure and feels about as close to the mattress in your bedroom as you’re going to get in the woods.
When I sold my Jeep, I had to give up my overlanding dreams and return to being a mere camper. But this Megamat, which cuts in to fit around the wheel wells of an SUV, has brought some of those overlanding dreams back to life. I throw this in the back of my wife’s Rav4, and while it’s not a perfect fit (check Exped to see which vehicles are supported), it’s close enough that I can get a good night’s sleep in the car.
For more than a year, Tesla has shielded details about its robotaxi crashes from public view. Now, the company has published new details in a federal database about 17 incidents, which took place between July 2025 and March 2026. In at least two of them, Tesla’s human employees appear to have played a hand in the crashes by remotely driving the otherwise autonomous cars into objects on the street.
In both crashes, which happened in Austin, “safety monitors” were in the vehicles’ passenger seats to oversee the still-fledgling self-driving tech, and no passengers were riding in the cars. Both crashes occurred at speeds below 10 miles per hour. The new details were first reported by TechCrunch.
In one incident, which took place in July 2025, the safety monitor experienced “minor” injuries after a remote worker drove the Tesla up a curb and into a metal fence at 8 mph. The monitor, who had requested help from Tesla’s remote driving team after the car stopped on the side of a street and wouldn’t move forward, was not hospitalized, Tesla reported.
The other incident, in January 2026, happened after a safety monitor requested navigation help from the remote team. The remote driver took control and drove the car straight into a temporary construction barricade at 9 mph. The crash left the robotaxi’s front left fender and tire scraped up, but Tesla didn’t report any injuries.
Tesla, which does not have a public relations team, did not respond to WIRED’s request for comment.
The new details draw attention to an often misunderstood but safety-critical part of autonomous vehicle operations: the human backstops who remotely monitor the robot cars and intervene when they get into trouble. All US self-driving operators maintain these remote teams, according to letters submitted to a US senator earlier this year. But Tesla appears to be an outlier because it more frequently allows these remote workers to directly drive the cars.
Other companies typically allow their workers to remotely provide input to the autonomous vehicle software, which the system can choose to use or reject. (Waymo says that specially trained workers can remotely drive its cars up to 2 mph, but said in February that it hadn’t used that functionality outside of training.)
Safety advocates have raised questions about remote driving, which can be challenging in places without consistent cellular connectivity and in contexts where remote drivers need a perfect understanding of a car’s surroundings to guide it out of complex situations.
The new details on the two Tesla crashes “raise questions about what the teleoperator can see in both coverage and resolution, and what kind of latency they are experiencing while driving,” Noah Goodall, an independent self-driving vehicle researcher, tells WIRED in a message.
Tesla’s still-fledgling robotaxi service is operating in three Texas cities: Austin, Dallas, and Houston. But the service has fewer than 100 vehicles operating in total, compared to Waymo’s nearly 4,000. Less than half of Tesla’s cars appear to operate without a safety monitor sitting in the passenger seat. Reuters reported this week that service wait times in Houston and Dallas, where robotaxis launched in April, are upward of 35 minutes. Even in Austin, where the cars have been carrying passengers for almost a year, a reporter for the publication found that robotaxis were sometimes completely unavailable.
Tesla CEO Elon Musk has said that autonomous vehicles and robotics are the automaker’s focus instead of manufacturing electric cars. Musk’s compensation—a potential $1 trillion paycheck by 2035—is now tied to vehicle and robot deliveries, as well as sales of not-yet-released self-driving subscriptions and the number of robotaxis in commercial operation.
OpenAI told staff on Friday that it would reorganize the company as part of an ongoing effort to unify its product offerings, WIRED has learned. OpenAI cofounder and president Greg Brockman will now lead the company’s product strategy, in addition to his work on AI infrastructure, OpenAI confirms to WIRED. Brockman was previously assigned to oversee OpenAI products on an interim basis while CEO of AGI deployment, Fidji Simo, was on medical leave; the change is now official.
“We’re consolidating our product efforts to execute with maximum focus toward the agentic future, to win across both consumer and enterprise,” Brockman said in a memo to staff seen by WIRED. Brockman added that OpenAI’s products are naturally converging, and that the company has decided to merge ChatGPT and Codex into one unified experience.
OpenAI says it’s folding ChatGPT, its AI coding agent Codex, and its developer-facing API into one core product team. The company says that Codex is increasingly powering its consumer and enterprise offerings, which are gaining the ability to perform digital tasks autonomously on behalf of users.
Two other OpenAI leaders are also taking on larger roles at the company as part of the changes. OpenAI’s head of Codex, Thibault Sottiaux, has been tapped to lead the core product and platform across consumer, enterprise, and developer surfaces. Sottiaux was a key leader in building Codex into one of the company’s fastest-growing products of all time. OpenAI’s longtime head of ChatGPT, Nick Turley, is moving to a new role at the company that aims to revamp enterprise products. OpenAI says Turley will continue his work on ChatGPT, which he has helped grow to more than 900 million weekly active users since he took over in 2022.
The changes are the latest shakeup for OpenAI as leadership aims to refocus the company on a few key product areas, including ChatGPT, Codex, and its forthcoming “everything app.” Last month, OpenAI announced many executive changes, including that CEO of AGI dDeployment, Fidji Simo, was taking a medical leave to focus on her health. OpenAI previously said Brockman would oversee product strategy in her absence. The company tells WIRED that Simo remains on medical leave, and worked directly with Brockman on these organizational changes and product strategy.
In the last year, OpenAI has faced increasing pressure from competitors, including Anthropic in coding domains and Google in consumer chatbots. OpenAI leaders are hoping to simplify product offerings ahead of its plan to file for an IPO, which could happen later this year.
Other OpenAI executives left the company entirely last month, including the head of its AI workspace for scientists, Kevin Weil; head of Sora, Bill Peebles; and its chief technology officer of enterprise applications, Srinivas Narayanan.
This is a developing story. Please check back for updates.
-SOURCE-Scott-Gilbertson.jpg)
Tech1 week ago
Tech1 week ago
Fashion1 week ago
Tech1 week ago
Tech1 week ago
Fashion1 week ago
Sports1 week ago
Entertainment1 week ago