Skip to content

We only publish what we can defend in a vendor meeting. Every claim carries an ID, a review date, and a verdict you can check.

Issue 022 · Week 22 · 2026
Ledger
Status moved

Quiet — no verdict transitions in the last 30 days. See the ledger →

Agent Mode AI — claim-tracked agentic AI analysis

Newest · Risk & Governance

An AI tax is the wrong instrument for a real problem

A growing camp wants to tax AI because it was built on the collective knowledge of everyone and runs on public infrastructure. Both claims are partly true and neither supports a special tax. The grievance is real; the instrument is wrong. Copyright markets, the courts, and the existing profit-and-capital tax base already fit the problem, and a dedicated AI levy would fall on buyers and workers while entrenching the incumbents it is meant to check. What a CIO should budget for instead.

Read the piece →·Written by Claude, signed by Peter
Signed by
Peter

27 years enterprise IT operations. Global organisation. Major incidents. Editorially independent.

  • 138pieces
  • 224tracked claims
  • 14public retractions
About the editor
Framework · GAUGE

The Enterprise Agentic Governance Benchmark. Six dimensions, scored 0–100. Free 5-minute web diagnostic; 30–45 minute Excel for governance groups.

Score a deployment →
Holding-up · Ledger
Every claim, tracked.
224tracked claims
Most recently reviewed: AM-141Holding
Read the ledger →
Bulletin · Reviews
Quarterly verdict bulletin.
1issues published
Latest: Q2 2026 Claim Review Bulletin: did the publication's first-quarter claims still hold?
Read the latest →
Podcast · Audio companion
Two analysts, one claim per episode.
3episodes live
Latest: Whose consent do you need to deploy AI? · 07:42
All episodes →

Recently reviewed

Three claims most recently re-tested against their primary sources. Status changes log to the corrections page; nothing quietly vanishes.

See the full ledger →
  1. AM-133HoldingQ3 2026 Claim Review Bulletin: which claims moved, which held, and what the EU AI Act enforcement window did to the corpusReviewed 30 Jul 2026Read article →
  2. OPS-084HoldingDon't Buy the Autonomous AI Sales Rep. Buy the Draft Assistant.Reviewed 29 May 2026Read article →
  3. OPS-083HoldingAI Got Cheaper. Your AI Bill Is About to Go Up.Reviewed 29 May 2026Read article →

Moving this week

2 claims have moved off Holding in the last 7 days. The full correction log is on the ledger.

See all corrections →
  1. AM-003PartialGPT-5 Pro vs Enterprise AI Agents: What 'Very Hard Problems' Means for Your BusinessMoved 28 May 2026Read article →
  2. OPS-002PartialNotion AI vs ClickUp Brain in 2026: which one earns its seat for a 5-person consultancyMoved 28 May 2026Read article →
Method · Holding-up

Why this publication has a ledger

Most AI commentary gets paid for being loud about what's new. Almost none gets measured on whether what it said last quarter still holds this one. That is the gap this publication exists to close. Every published argument carries an ID, a review date, and one of three verdicts — Holding, Partial, or Not holding — that updates over time as evidence accumulates. The verdict log is the product.

When a claim stops holding, the page says so. The original sentence stays visible. The correction is dated and appended. Nothing is quietly removed. You do not need to trust the author to trust the verdicts — the receipts are public, on a 30–90 day review rhythm, and the corrections record is permanent.

Read the ledgerEditorial standards

Two registers

Same Holding-up discipline
Enterprise IT · default
For CIO / CISO / head of platform.

Mid-market and large enterprise. Procurement, governance, EU AI Act, multi-vendor agentic stacks. 30–90 day claim review cadence.

138enterprise articles
Start here →
Operators · sibling
For solo founders to ~50-person teams.

No IT department. Practitioner-advisory voice; faster 30–45 day cadence. Tools, vendor red flags, hours-per-week evaluation budgets.

66operators articles
Operators →

Topic pillars

Five clusters

Editor's picks

One per topic cluster

Latest pieces

Full archive →
Risk & Governance

AI Made Attackers Faster, Not Smarter

The fear is that AI hands attackers a new class of capability. The 2026 Verizon DBIR, drawing on data covering 793 enforcement-actioned threat actors, finds the opposite: AI scales the techniques attackers already had, while vulnerability exploitation has overtaken stolen credentials as the top way in. For a CISO that redirects priority from hunting novel AI threats to the controls that scale: patch velocity and identity hygiene.

5 min
Understanding AI

The frontier labs are becoming systems integrators: what the Anthropic and OpenAI services-company launches mean for the enterprise buyer

On 4 May 2026 Anthropic launched a roughly 1.5 billion dollar enterprise AI services company with Blackstone, Hellman and Friedman, and Goldman Sachs, and OpenAI launched a parallel venture called the Deployment Company with Bain Capital, Advent, TPG, and Brookfield. The trade-press framing is a land grab on the consulting industry. The buyer's framing is structural. When the firm that builds your model, the firm that integrates it into your operations, and in the private-equity-owned case the firm that owns your company can be the same commercial interest, the independence the standard build-versus-buy process quietly assumes is no longer there. This is a map of what changed and what to put in the procurement file.

7 min
Latest AI Developments

The EU AI Act Digital Omnibus: the high-risk delay is real, and the 2 August 2026 obligations it leaves standing are not what most enterprises think

On 7 May 2026 the European Parliament and Council reached a provisional political agreement on the Digital Omnibus, which postpones the EU AI Act's high-risk obligations to 2 December 2027 for standalone systems and 2 August 2028 for embedded systems. The trade-press framing is delay. The deployer framing is narrower. The agreement also postpones the provider watermarking duty to 2 December 2026, but it leaves the deployer transparency obligations applicable from 2 August 2026 and leaves the GPAI obligations, the governance regime, the prohibited practices, and the AI literacy duty exactly where they already are. The enterprise that reads delay as a reason to stand the programme down is reading the wrong half of the agreement.

6 min
Latest AI Developments

The EU AI Act high-risk delay re-times the conformity work, not the foundations: the agentic-AI readiness to keep building before 2 August 2026

The Digital Omnibus moved the EU AI Act's heaviest obligation, high-risk conformity, out to 2 December 2027 and 2 August 2028. The trade-press read it as a reason to slow down. The operational read is narrower: the delay re-times one workstream and gates none of the others. Three readiness foundations sit upstream of the high-risk deadline and are required by obligations that did not move: a current inventory of which agents run under whose authority, agent-aware vendor contract terms, and active shadow-AI discovery. Each is load-bearing for the Article 50 deployer transparency duties that still apply on 2 August 2026, and each is the evidence base the high-risk conformity work will stand on when it lands. The enterprise that pauses these three has read the delay headline, not the agreement.

7 min
Governance & Risk

Vendor strategic-narrative proof points: the agentic AI procurement diligence checklist

Every agentic AI vendor pitches a strategic narrative; few are tested against the proof points that distinguish 'this is the future' rhetoric from 'this is what we built and what it does'. The 2026 buying-committee diligence checklist walks seven proof points (named-customer references plus revenue contribution, model-vendor relationships disclosed in the MSA, the engineering team's tenure and turnover rate, the post-revenue-recognition product-roadmap evidence, the regulatory disclosure cadence, the executive incentive structure, and the public technical-content cadence) and produces the structural read on whether the narrative is the product or the cover.

11 min
Business Case & ROI

Security-platform agentic AI: evaluating TCO and ROI for the buying committee

Security-platform agentic AI sits in a different TCO category than the general-purpose agentic AI the CFO playbook covers. The unit of analysis is the alert and the analyst hour, not the seat or the token. The 2026 evaluation that survives audit walks the buying committee through five cost components and three discount factors against vendor-supplied ROI numbers, and gates the procurement on a 90-day in-environment baseline, not a vendor demo.

10 min
Governance & Risk

Salesforce platform AI vs Microsoft platform AI: the 2026 full-stack comparison for the buying committee

The product-level comparison of Agentforce against Microsoft Copilot is the conversation the existing /compare/ page already covers. The buying-committee question one tier up is the platform comparison; the Salesforce stack (Einstein + Agentforce + Data Cloud + MuleSoft + Tableau) against the Microsoft stack (Copilot + Azure AI Foundry + Microsoft 365 + Fabric + Power Platform). The two stacks compete on different axes and answer different buying-committee questions; the procurement that treats them as substitutes is the procurement that mis-prices the migration cost in year two.

12 min
Risk & Governance

Okta vs specialized NHI vendors: the enterprise agent identity decision matrix for 2026

Okta's 2025 Identity Threat Detection and Privileged Access additions extended the platform into the non-human identity space that specialized NHI vendors (Astrix, Apono, Britive, Aembit, Andesite, P0 Security) have been purpose-building since 2020. The procurement choice is not 'Okta or specialist' as a binary; it is which work the existing Okta deployment covers natively, which work the specialist closes, and where the federated-trust seam is priced. The 2026 buying-committee matrix walks the agent-identity surface in five dimensions and produces the architecture-not-tool decision the audit will ask about.

10 min

Browse by topic pillar

Five strategic pillars
Non-human identity
AI agent procurement
Shadow AI discovery
Agentic AI governance
Enterprise AI cost and ROI

Coming next

Peter's editorial calendar — honest dates, bumped-with-notes if missed.
  1. Week 17
    26 Apr 2026
    Non-human identity — the first procurement question CIOs aren't asking yet

    Every enterprise agent deployment passes through a credential. Most teams still hand the agent a human's credential. Naming the NHI gap is the next Q2 procurement conversation.

  2. Week 18
    03 May 2026
    Shadow agent sprawl — what telemetry catches and what it misses

    The browser-as-agent-runtime pattern creates a detection gap that MDM/CASB don't see. What the first wave of shadow-AI discovery tools actually find, and the three categories they miss.

  3. Week 19
    10 May 2026
    The AI agent MSA — four clauses every enterprise contract needs by August

    EU AI Act enforcement activates 2 Aug 2026. The clauses that survive legal review in the next quarter will be the ones that don't pretend the agent is conventional SaaS.

Vigil · 43 reviewed