Filings tagged: AI

Lloyds Banking Group's security director shared at Infosecurity Europe how the bank actually deploys agentic AI in production. Eleven 'AI bets', a twelfth dedicated to security. Signed tools the agents cannot create. An internal agent marketplace. The world's first production red-team environment using OWASP Top 10 for agentic AI. They saw agent hijack.

Microsoft's threat intelligence team has tracked phishing campaigns built around ChatGPT, Claude, DeepSeek, and Copilot. A South African ChatGPT-themed wave hit 100,000 mailboxes a day. A Claude-themed wave reached 2,000 organisations across the US, UK, and India. The brand is the lure, the payload is the same old stealer.

London Tech Week 2026 closed with around £7 billion of announced AI investment, £1.1 billion of it a government hardware plan, £200 million for adoption and skills, and £150 million tied to a fund managed by a former Intel CEO. Most of it goes to large companies. A useful slice is reachable by smaller ones.

UK workers use AI for almost everything and report it saves them twelve hours a week. They also spend 6.4 hours a week fixing what it produced. Eighty per cent of UK IT leaders just had an unplanned AI cost increase. The numbers underneath the productivity story are sharper than the headlines.

The NCSC published two pieces of guidance in a fortnight that an SME owner can actually use. One is about agentic AI, the kind that takes actions on your behalf. The other is about zero trust network access. Both share the same underlying advice: the user's location stopped being a security signal a while ago.

On 18 May the Bank of England, the FCA, and the Treasury jointly told regulated firms that frontier AI now exceeds what a skilled attacker can do. If you sell into financial services, the diligence questions you get this year are going to look different.

A new wave of startups is publishing 'AI-native' org charts where seven named LLM agents do most of the work. The first step isn't restructuring around agents. It's making your business legible enough that anything, a new hire, an auditor, or eventually an agent, could read it and act on it. AI can help you get there. Future agent costs are a reason not to skip past it.

Most AI policies are vendor templates with the company name swapped in. They ban the obvious, permit the vague, and tell you nothing about how the business actually wants AI used. A coherent policy is a short one that takes a position.

The NCSC has told UK organisations to prepare for a wave of urgent patches as AI accelerates vulnerability discovery. The same week, NHS England decided the answer was to make its open source repositories private. Only one of those approaches actually fixes anything.

Two thirds of UK organisations cannot account for what staff share with AI tools. Now agentic AI is being deployed faster than anyone can govern it. The two problems are the same problem.

Two-thirds of UK IT leaders say they have an AI exit plan. Nearly half admit switching would seriously disrupt the business. A plan you can't execute is not a plan.

Schneier and co have reframed prompt injection as 'promptware': a full 7-stage kill chain. The uncomfortable truth: LLMs can't distinguish instructions from data. This isn't a bug you can patch.