Squared: Enterprise rollouts, agent security, and the vibe-code reckoning
Most of this week was conference noise — NVIDIA shipped a wall of supercomputing announcements at ISC, and the model-release churn was quiet. But three threads actually matter for leaders: AI is moving from pilots into company-wide deployment, the security bill on agents and quick-built apps is coming due, and the policy ground is shifting under the big providers. Here's what's worth your attention.
Samsung puts ChatGPT and Codex in front of its entire workforce
Samsung Electronics is rolling out ChatGPT Enterprise and Codex to employees globally — one of OpenAI's largest enterprise deployments to date. Separately, OpenAI shipped new spend controls and usage analytics for ChatGPT Enterprise.
Why it mattersThe story isn't the model — it's that a manufacturer the size of Samsung has decided org-wide deployment beats departmental pilots. The arrival of spend controls and analytics is the tell: companies are now past 'does this work' and into 'how do we govern cost and usage at scale'. If you're still running disconnected trials, you're a phase behind. The decision to revisit is whether your AI spend is measurable per team — because soon someone will ask.
Securing agents is now its own discipline
Google DeepMind published an AI Control Roadmap for securing agentic systems, combining traditional safeguards with real-time monitoring. Hugging Face's MosaicLeaks work, meanwhile, probed whether research agents can actually keep a secret — and the answer is uncomfortable.
Why it mattersAs agents get access to tools, credentials and internal systems, the attack surface stops being theoretical. Sean Lynch's point on MCP — that its real value is isolating auth outside the agent's context window — is the practical version of this. If you're deploying agents, the question isn't 'is it clever enough', it's 'what can it touch, and what happens when it's tricked'. Treat agent permissions like you'd treat a junior employee with API keys.
Vibe-coded apps are shipping with holes in them
The Verge documented a vibe-coded site that went live with a hidden SQL injection flaw the creator only found months later. GitHub's trending list, meanwhile, is dominated by agent harnesses and coding agents — the tooling making this easier by the week.
Why it mattersThe barrier to producing software has collapsed, and so has the barrier to producing insecure software. Non-engineers in your organisation are now shipping things to the internet. That's an opportunity for speed and a genuine governance gap. Decide now who is allowed to deploy AI-generated code, and put a basic review gate in front of anything public-facing — before it's your customer data leaking, not a tax-spending hobby site.
The Trump administration's moves against Anthropic reshape provider risk
Reporting from TechCrunch and Ars Technica suggests the administration is cracking down on Anthropic — and that Anthropic's own loud safety warnings may have helped talk it into an export ban. Bernie Sanders separately floated a $7tn plan to give the public a stake in the AI industry.
Why it mattersProvider risk is no longer just uptime and pricing — it's political. If your stack is single-vendor, regulatory action against that vendor becomes your problem. This is the strongest argument this week for keeping your architecture portable: abstract your model layer so you can switch providers without a rewrite. The open agent frameworks trending on GitHub exist precisely because teams want that optionality.
Strip the conference noise and the signal is consistent: AI has crossed from experiment into deployment, and the unglamorous work — cost governance, agent permissions, code review, vendor portability — is now where the value and the risk live. If your AI programme is still a collection of pilots without spend visibility or a deployment gate, that's the gap to close this quarter. The models will keep improving regardless; your exposure is in how you operationalise them.
Working on something hard in AI? Just reply to the email — Daniel reads and answers every one.
Get Squared in your inbox each week
Free. The few things that actually matter, and what they mean for you.