We are, if you believe all the news reports of the last few weeks, entering the famous “trough of disillusionment” section of the generative AI hype cycle. The trigger seems to have been the release of ChatGPT 5 which, while it did a lot to tidy up OpenAI’s absurd plethora of confusing versions and present them as a unified product, didn’t deliver any major step change in performance.
It also dialled back the tendency, rife in GPT4-o, for the model to tell users how great they were, something that was met with howls of outrage as of course there were a lot of very vocal users who loved it for telling them how great they were (many of whom, not able to get this kind of affirmation from a more discerning human partner, had starting dating it), a tendency that is verging on the psychotic and has already led to tragedy.
Nevertheless, the conversation is turning a little sour on generative AI, at least as far as business use is concerned. It was interesting to read in a recent piece about the simultaneous opportunity and threat presented to McKinsey by the fact that the most widely used AI tools at the famous consultancy help “write documents in the firm's house style […] summarize documents and interviews, and throw together PowerPoints.” These, along with the transciption of online meetings, are the main use cases at most businesses, and while they do indeed relieve some aspects of white-collar work, they’re hardly transformative.
The fact is that when it comes to solving business problems, LLMs – while impressive – are not reliable enough to be depended upon. Their biggest impact is being seen in software development, because the structured, unambiguous, but endlessly convoluted language of code is not only a good fit for the technology, but it has an immediate reality check: the code either runs or it doesn’t. Even here, though, developers find that in complex use cases they can spend more time checking and rewriting the output of the AI – which is often unnecessarily prolix – than the codebots save them.
They also find – as do people relying on it in other areas of endeavour, that continual use of these new tools invokes a kind of cognitive drain. It turns out that, like the Karate Kid polishing cars for Mr Miyake, humans need to do a certain amount of boring, low-level, repetitive detail work if they’re to keep their higher end faculties tip top. If you stop hacking basic code and turn all that over to a bot you quickly start to forget how to hack basic code, and before long you’re no longer sure you can trust your own judgement when it comes to the more creative stuff.
It's not all bad news. When used judiciously as a pair partner and a quick source of knowledge and techniques which might otherwise take ages to discover or work out, generative AI can be a fantastic help – this has certainly been part of my experience of using it for some projects here at Securys. But there’s only so far you should rely on it, and getting a sense of those boundaries is something we’re currently all learning.
What’s going on here? Generative AI (GenAI) is so extraordinary in so many ways, such a break with previous kinds of computing, and has been moving so fast as a field, that it can be hard to get a feel for what it actually is. But if we try to take a step back for a moment, one way to think about it is vas just a new kind of interface, which is to say a new way of interacting with data, which is ultimately the thing that all computers do. A brief history of interfaces goes something like: punch cards), keyboards + screens), mice + windows, touchscreens . And now we have a new interface, which is natural language. This is hard to see in the context of GenAI, because we’ve sort of had natural language interfaces for a while, but as all frustrated Siri users will know the language involved has only been one-way; you can ask Alexa all you want, but Alexa can only follow pre-programmed instructions when getting back to you. With GenAI, Alexa (or its replacement) gets to speak too, in a way that appears to be human, with what appears to be agency, even if these things are their own special kind of illusion (or “hallucination”, as we’ve come to term it).
Still, the capability is real to the extent that these systems can operate in a non-deterministic environment in a way that previous systems could not, and this is a phase change: new degrees of freedom have opened up. How to best use that freedom though… well, we’re still figuring that out, just as it took us a while to figure out what to do with windows and mice (thanks, Steve Jobs), and with the touchscreen (er… thanks again, Steve Jobs).
And, indeed, businesses are slowly doing that. This is what we’re all talking about when we talk about AI agents and agentic AI. Much of the chat is dominated by the knee-jerk not-yet-ready-for-prime-time consumer-facing example of an agent that sits in your browser and can go into all your personal data (including your digital wallet) and do things like book you the perfect holiday, and all you need to do is mention to it that you fancy getting away next month for a spot of sun.
This kind of thing is hugely triggering for anyone even remotely interested in privacy and in not having their bank account emptied by Russian hackers. But the agentic architectures required to make it work are the very ones that, set up in a sensible way, are most likely to help businesses get actual productive work out of this new ability to converse with data more directly.
Gartner, of course, has spotted this trend. “With AI investment remaining strong this year, a sharper emphasis is being placed on using AI for operational scalability and real-time intelligence,” says Haritha Khandabattu, Senior Director Analyst at the insights company. “This has led to a gradual pivot from GenAI as a central focus, toward the foundational enablers that support sustainable AI delivery, such as AI-ready data and AI agents.”
The good news is that the tools to do this are arriving thick and fast. The main cloud platforms – Google, AWS, Azure – are all making agentic tool sets available. Here at Securys/aiEthix, we’ve been trying out a few of them and the results are encouraging – if you set them up in the right way. Which brings me all the way around, as it so often does, to data governance. The real point of agentic systems is not to give ChatGPT access to everything on your computer and everything on the internet so that it can turn your life into a living hell, but so that you can constrain the conversations you have with GenAI and get these immensely powerful tools to only interact with the data that you need them to be guided by in order to get them to do the jobs you need to be done.
This does require thought, planning and governance, and it does take time. “Despite the enormous potential business value of AI, it isn’t going to materialize spontaneously,” says Khandabattu. “Success will depend on tightly business aligned pilots, proactive infrastructure benchmarking, and coordination between AI and business teams to create tangible business value.”
Just as with the internet, and with the touchscreens that replaced Blackberries and PalmPilots and introduced the world to the app, it will probably be another two to three years before most businesses with amenable processes have incorporated AI into their workflows. But it will come, and it will change the way that most of us do things, and it will mean that we have to pay more attention to the integrity, availability and confidentiality of our data than ever before. If you’d like to know how Securys can help your business to manage this, then drop us a line.