A study by Boston Consulting Group (BCG) suggests that organisations that lead in technology development are gaining a first-mover advantage when it comes to artificial intelligence (AI) and using agentic AI to improve business processes.
What is striking about BCG’s findings, according to Jessica Apotheker, managing director and senior partner at Boston Consulting Group, is that the leading companies in AI are mostly the same ones that were leaders eight years ago.
“What this year’s report shows is that the value gap between these companies and others is widening quite a bit,” she says. In other words, BCG’s research shows that organisations that have invested disproportionately in technology achieve a higher return from that investment.
Numerous pieces of research show that a high proportion of AI initiatives are failing to deliver measurable business success. BCG’s Build for the future 2025 report shows that the companies it rates as the best users of AI generate 1.7 times more revenue growth than the 60% of companies in the categories it defines as stagnating or emerging.
However, there is certainly a case to build on previous initiatives such as robotic process automation (RPA).
Speaking at the recent Forrester Technology and Innovation Summit in London, Bernhard Schaffrik, principal analyst at Forrester, discussed how agentic AI can be built on top of a deterministic RPA system to provide greater flexibility than what existing systems can be programmed to achieve.
The analyst firm uses the term “process orchestration” to describe the next level of automating business processes, using agentic AI in workflow to handle ambiguities far more easily than the programming scripts used in RPA.
“Classic process automation tools require you to know everything at the design stage – you need to anticipate all of the errors and all the exceptions,” says Schaffrik.
He points out that considering these things at design time is unrealistic when trying to orchestrate complex processes. But new tools are being developed for process orchestration that rely on AI agents.
A strong data foundation
Boston Consulting Group (BCG) says prerequisites for the successful roll-out of AI agents include strong data foundations, scaled AI capabilities and clear governance.
Standardisation of data is a key requirement for success, according to Twig. “A big part of the issue is data,” he says. “AI is only as strong as the information it runs on, and many companies don’t have the standardised, consistent datasets needed to train or deploy it reliably.”
Within the context of agentic AI, this is important to avoid miscommunications both at the technology infrastructure level and in people’s understanding of the information. But the entire data foundation does not have to be built all at once.
BCG’s Apotheker says companies can have an enterprise-wide goal to achieve clean data, and build this out one project at a time, providing a clean data foundation on which subsequent projects can be built. In doing so, organisations are able to gain a better understanding of the enterprise data these projects require while they ensure that the datasets are clean and good data management practices are followed.
A working agentic AI strategy relies on AI agents connected by a metadata layer, whereby people understand where and when to delegate certain decisions to the AI or pass work to external contractors. It’s a focus on defining the role of the AI and where people involved in the workflow need to contribute.
This functionality can be considered a sort of platform. Scott Willson, head of product marketing at xtype, describes AI workflow platforms as orchestration engines, coordinating multiple AI agents, data sources and human touchpoints through sophisticated non-deterministic workflows. At the code level, these platforms may implement event-driven architectures using message queues to handle asynchronous processing and ensure fault tolerance.
Data lineage tracking should happen at the code level through metadata propagation systems that tag every data transformation, model inference and decision point with unique identifiers. Willson says this creates an immutable audit trail that regulatory frameworks increasingly demand. According to Willson, advanced implementations may use blockchain-like append-only logs to ensure governance data cannot be retroactively modified.
Adapting workflows and change management
Having built AI-native systems from the ground up and transformed the company’s own product development processes using AI, Alan LeFort, CEO and co-founder of StrongestLayer, notes that most organisations are asking completely the wrong questions when evaluating AI workflow platforms.
“The fundamental issue isn’t technological, it’s actually organisational,” he says.
Conway’s Law states that organisations design systems that mirror their communication structures. But, according to LeFort, most AI workflow evaluations assume organisations bolt AI onto existing processes designed around human limitations. This, he says, results in serial decision-making, risk-averse approval chains and domain-specific silos.
When you try to integrate AI into human-designed processes, you get marginal improvements. When you redesign processes around AI capabilities, you get exponential gains Alan LeFort, StrongestLayer
“AI doesn’t have those limitations. AI can parallelise activities that humans must do serially, doesn’t suffer from territorial knowledge hoarding and doesn’t need the elaborate safety nets we’ve built around human fallibility,” he adds. “When you try to integrate AI into human-designed processes, you get marginal improvements. When you redesign processes around AI capabilities, you get exponential gains.”
StrongestLayer recently transformed its front-end software development process using this principle. Traditional product development flows serially. A product manager talks to customers, extracts requirements and then hands over to the user experience team for design, the programme management team then approves the design, and developers implement the software. It used to take 18-24 months to completely rebuild the application in this process, he says.
Instead of bolting AI onto this process, LeFort says StrongestLayer “fundamentally reimagined it”.
“We created a full-stack prototyper role-paired with a front-end engineer focused on architecture. The key was building an AI pipeline that captured the contextual knowledge of each role: design philosophy, tech stack preferences, non-functional requirements, testing standards and documentation needs.”
As a result of making these workload changes, he says the company was able to achieve the same outcome from a product development perspective in a quarter of the time. This, he says, was not necessarily achieved by working faster, but by redesigning the workflow around AI’s ability to parallelise human sequential activities.
LeFort expected to face pushback. “My response was to lead from the front. I paired directly with our chief product officer, Joshua Bass, to build the process, proving it worked before asking others to adopt it. We reframed success for our front-end engineer around velocity and pioneering new ways of working,” he says.
For LeFort, true speed to value comes from two fundamental sources: eliminating slack time between value activities and accelerating individual activity completion through AI automation. “This requires upfront investment in process redesign rather than quick technology deployment,” he says.
LeFort urges organisations to evaluate AI workflow platforms based on their ability to enable fundamental process transformation, rather than working to integrate existing inefficiencies.
Getting agentic AI decision-making right
Research from BCG suggests that the best way to deploy agents is through a few high-value workflows with clear implementation plans and workforce training, rather than in a massive roll-out of agents everywhere at once.
There are different models with different strengths. We want to use the best model for each task Ranil Boteju, Lloyds Banking Group
One of the areas IT leaders need to consider is that their organisation will more than likely rely on a number of AI models to support agentic AI workflows. For instance, Ranil Boteju, chief data and analytics officer at Lloyds Banking Group, believes different models can be tasked with tackling each distinct part of a customer query.
“The way we think about this is that there are different models with different strengths, and what we want to do is to use the best model for each task,” says Boteju. This approach is how the bank sees agentic AI being deployed.
With agentic AI, problems can be broken down into smaller and smaller parts, where different agents respond to each part. Boteju believes in using AI agents to check the output from other agents, rather like acting as a judge or a second-line colleague acting as an observer. This can help to cut erroneous decision-making arising from AI hallucinations when the AI model basically produces a spurious result.
IT security in agentic AI
People in IT tend to appreciate the importance of adhering to cyber security best practices. But as Fraser Dear, head of AI and innovation at BCN, points out, most users do not think like a software developer who keeps governance in mind when creating their own agents. He urges organisations to impose policies that ensure the key security steps are not skipped in the rush to deploy agentic AI.
“Think about what these AI agents might access across SharePoint: multiple versions of documents, transcripts, HR files, salary data, and lots more. Without guardrails, AI agents can access all this indiscriminately. They won’t necessarily know which versions of these documents are draft and which are approved,” he warns.
The issue escalates when an agent created by one person is made available to a wider group of colleagues. It can inadvertently give them access to data that is beyond their permission level.
Dear believes data governance needs to include configuring data boundaries, restricting who can access what data according to job role and sensitivity level. The governance framework should also specify which data resources the AI agent can pull from.
In addition, he says AI agents should be built for a purpose, using principles of least privilege: “Just like any other business-critical application, it needs to be adequately tested and ‘red-teamed’. Perform penetration testing to identify what data the agent can surface, to whom, and how accurate the data is. Track and audit which agents are accessing which data and for what purpose, and implement real-time alerts to flag unusual access patterns.”
A bumpy ride ahead
What these conversations with technology experts illustrate is that there is no straightforward path to achieving a measurable business benefit from agentic AI workflows – and what’s more, these systems need to be secure by design.
Organisations need to have the right data strategy in place, and they should already be well ahead on their path to full digitisation, where automation through RPA is being used to connect many disparate workflows. Agentic AI is the next stage of this automation, where an AI is tasked with making decisions in a way that would have previously been too clunky using RPA.
However, automation of workflows and business processes are just pieces of an overall jigsaw. There is a growing realisation that the conversation in the boardroom needs to move beyond the people and processes.
BCG’s Apotheker believes business leaders should reassess what is important to their organisation and what they want to focus on going forward. This goes beyond the build versus buy debate: some processes and tasks should be owned by the business; some may be outsourced to a provider that may well use AI; and some will be automated through agentic AI workflows internally.
It is rather like business process engineering, where elements powered by AI sit alongside tasks outsourced to an external service provider. For Apotheker, this means businesses need to have a firm grasp of what part of the business process is strategically important and can be transformed internally.
Business leaders then need to figure out how to connect the strategically important part of the workflow to what the business actually outsources or potentially automates in-house.
Across the region, facilities tied to water and power—including desalination plants—have been damaged or exposed to risk as Iranian strikes extend beyond traditional targets.
A single strike, however, is unlikely to shut off the gulf’s water supply. The system is designed to absorb isolated disruption, but sustained or multisite attacks would begin to strain supply far more quickly.
“In the Gulf, desalination is built with enough breathing room that losing one plant doesn’t immediately show up at the tap,” says Rabee Rustum, professor of water and environmental engineering at Heriot-Watt University Dubai.
In Kuwait, Iranian drone attacks have damaged two power and desalination facilities and ignited fires at two oil sites. Other sites, including Fujairah in the UAE, have been identified as potentially exposed.
“Striking desalination plants would be a strategic move, but it would also come very close to, and in some cases cross, a red line,” says Andreas Krieg, senior lecturer at the School of Security Studies at King’s College London.
Water infrastructure, Krieg explains, occupies a distinct category. “Water infrastructure is not just another utility. In places that depend on desalination, it underpins civilian survival, public health, hospital function, sanitation, and basic state legitimacy.”
Krieg notes that international humanitarian law gives special protection to civilian objects and to objects indispensable to the survival of the civilian population. “Which is precisely why attacks on water systems carry such grave legal and moral weight,” Krieg adds.
The incidents highlight a structural reality: Desalination is central to water supply in the gulf, and disruption carries immediate implications for daily life.
How the System Absorbs Disruption
At first glance, desalination appears vulnerable. Shut down a plant, and supply is reduced. In practice, the system is designed with layers of redundancy.
Plants operate across multiple locations, allowing output to be redistributed if one facility slows down. Water is also stored at different points across the network, including central reservoirs and building-level tanks, creating a buffer that delays disruption.
According to a statement to WIRED Middle East by Veolia, an environmental services provider whose technologies account for nearly 19 percent of desalination capacity in the region, “the region’s water supply is diversified thanks to a network of numerous facilities distributed along the coastline.”
The company adds that distribution systems are interconnected, allowing plants to “support and substitute for one another when necessary,” helping maintain continuity of service.
In the UAE, storage capacity typically covers around one week, while in other parts of the region it may be limited to two to three days, Veolia says.
In practice, this means the system can absorb disruption for a limited period. Once reserves are depleted, water supply depends on whether plants can continue producing enough water to meet demand.
The System That Produces Water
Unlike most regions, the Gulf does not rely on rivers or rainfall. It depends on a network of desalination plants along its coastline that convert seawater into potable water on a continuous basis.
Seawater is drawn into treatment facilities, filtered and processed either through reverse osmosis—forcing it through membranes to remove salt and impurities—or through thermal methods that evaporate and condense water. The resulting supply is distributed through pipelines, stored in reservoirs, and delivered to homes, hospitals, and industry.
This is not a flexible system. It is designed to operate continuously, producing water at a scale that sustains cities, industrial activity, and essential services. Gulf states produce roughly 40 percent of the world’s desalinated water, operating more than 400 plants across the region.
Dependence varies by country but is high everywhere. In the UAE, desalination accounts for 41 to 42 percent of total water supply, while in Kuwait, it provides around 90 percent of drinking water, and in Saudi Arabia, approximately 70 percent.
When Disruption Becomes Visible
For residents, disruption would not be felt immediately—water would continue to flow.
Rustum explains that buildings are supported by internal storage and pumping systems, meaning early changes in supply may not be apparent. In many cases, water pressure remains stable, even as the wider system adjusts.
US Border Patrol agents are raising money by selling coins that commemorate last year’s wave of immigration enforcement “operations” across the country, along with other merchandise. The funds are for nonprofit organizations that list Border Patrol buildings as their address in IRS paperwork. At least two of the organizations have dedicated US Customs and Border Protection email addresses.
The front side of one coin for sale reads, “NORTH AMERICAN TOUR 2025,” along with the acronyms for US Border Patrol and the acronym for “fuck around and find out”—a phrase that was initially popularized by the far-right group the Proud Boys and has been used by various Trump officials. In the center, the coin depicts a gas mask, a riot control smoke grenade, and a pepper ball launcher. On the other side, the coin appears to have a portrait of Border Patrol’s now retired commander-at-large, Gregory Bovino, with his arm raised in a salute, along with the text “COMING TO A CITY NEAR YOU!” It lists seven cities, many of which actually saw federal enforcement surges in 2025: Chicago, Los Angeles, Memphis, Phoenix, Portland, Charlotte, and Atlanta.
The coin is for sale by Willcox Morale Welfare and Recreation, a nonprofit that the IRS most recently declared tax-exempt during the Biden administration and whose address on IRS paperwork matches that of the Willcox Border Patrol Station in Arizona. A request for comment sent to Willcox MWR’s dedicated CBP email address went unanswered.
Employees of the Department of Homeland Security, the parent agency for Border Patrol, are allowed to start private, not-for-profit employee associations within DHS, so long as they get formally recognized by the agency and follow certain rules. According to DHS policies, officially recognized groups can fundraise using government property and create merchandise with the agency’s name and logos–but they have to receive advance approval from the agency.
Willcox MWR is just one of several groups across the country that cater to Border Patrol agents and refer to themselves as MWRs, a reference to the US military’s “morale, welfare and recreation” programs. The groups tend to throw holiday events and retirement parties, and sometimes raise money for the families of agents going through hard times, including those not getting paid during the current shutdown.
Many MWRs also sell customized medallions known as “challenge coins” that commemorate specific teams or events. While anyone, including CBP alumni, can design and sell coins, current DHS employees are not supposed to use government resources to sell ones that use the agency’s seals or logos without permission, or ones that the agency considers inappropriate or unprofessional.
CBP did not provide comment about its relationship to Willcox MWR or any other nonprofit mentioned in this story, nor whether the agency had green-lit the “North American Tour” coin design, ahead of publication.
Under Willcox MWR’s Facebook post about the “North American Tour” coin, someone named Juan Diego commented, “Sign up SDC BK5 MWR for 10.”
“Shoot us an email,” someone managing the Willcox MWR account replied, giving out what appeared to be a dedicated cbp.dhs.gov email address for the group.
SDC BK5 MWR, also a registered nonprofit, lists an address on its website that matches that of a government facility in Chula Vista, California. It says on its site that it was started by San Diego Sector Border Patrol agents and sells custom merchandise “designed to raise funds for morale and relief efforts.”
Diego did not respond to a request for comment.
The SDC BK5 MWR website has listings for over 200 different products in addition to the North American Tour coin. One of those listings was a “Chicago Midway Blitz” challenge coin in the shape of a gas mask that doubles as a bottle opener. Embossed around the edges of the coin are the names of several municipalities and neighborhoods caught up in DHS’s immigration enforcement surge of the same name last fall. Like the North American Tour coin, it features the US Border Patrol logo and the acronym for “fuck around and find out.” Opponents of the Trump administration’s immigration enforcement activity in Illinois are unamused.
Tired of taking your action camera on an adventure, only to get home and find out you missed the action with a bad angle? One option is to switch to a 360-degree action cam, so you can capture all of the action and then edit down to just the good stuff later. One of our favorite options, the DJI Osmo 360, is currently available for just $390 on Amazon, a $209 discount from its usual price, and it comes with a selfie stick and an extra battery.
The DJI Osmo 360 achieves its impressive all-around video quality by leveraging a pair of 1/1.1-inch sensors, larger than some other offerings, and by supporting 10-bit color. You can really see that in the camera’s output, with colors that are vivid and bold, to the point that you may need to dial them back a bit in post if you want something more natural. With support for up to 50 frames per second at 8K when recording in 360 degrees, or 120 fps at 4K when shooting with only one sensor, you’ll have plenty of material to work with. In our testing, it ran for just shy of two hours at 30 fps, which is also around the time the internal storage had filled up anyway.
If you plan on catching any serious discussions with your Osmo 360, you’ll be pleased to know it connects directly to DJI’s line of wireless lavalier microphones, including the excellent and frequently discounted DJI Mic 2 and Mic Mini. If you want to mount it to something other than the included 1.2-meter selfie stick, it has both DJI’s magnetic attachment system and a more traditional ¼”-20 tripod mount. The DJI Mimo app lets you control the camera and adjust any settings, and there’s even a simple editor for on-the-fly production. For desktop users, DJI Studio has even more in-depth settings and editing options, in case you don’t want to pay for Premiere.
Sports1 week ago
Sports1 week ago
Tech3 days ago
Entertainment3 days ago
Politics7 days ago
Sports1 week ago