I was at the AI Summit a couple of weeks ago, part of London Tech Week. I missed Starmer's speech by a day or two, but I caught most of the rest of it, and what struck me was how little had changed. The technology moves every week, of course. What hadn't shifted was the way people on the ground feel about all of it.
If you've never been to one of these events, the shape is always the same. A big trade show in the middle, ringed by theatres of various sizes where the talks happen. The trade-show floor is mostly cyber-security vendors selling the fear of the AI invasion that's coming and the spend you'll need to hold it back. Sensible enough; you do need to be protected. And the talks are the big vendors telling everyone they're miles behind, the train is leaving, and extinction is the alternative to getting on it. That's the gist. You're behind, we're all doing incredible things, hurry up.
The room told a different story from the stage. You could read it in the grumbles and the sideways laughs every time one of those big statements landed. Almost everyone I spoke to, and everyone I sat next to, is still in the pilot phase. They've got Copilot licences. They can transcribe a meeting and summarise their email. Beyond that, the value is thin. And the message coming off the stage is that everyone else is sprinting ahead while you're standing still. So the feeling that dominated the room was a quiet sort of dread: I don't know what to do, everyone's beating me, and I don't know where to go next.
Kev and I have talked about this split before, and the summit made it concrete. There are two kinds of AI user right now. Call them A and B. Group A is the copy-and-paste crowd, which is most people. You open ChatGPT, you type a prompt, you get something back, maybe you upload a spreadsheet and it does some rough analysis, and then you paste the result into an email or a document. Useful, but it's still you doing the work with a slightly better tool.
Group B is much smaller. They've worked out that AI can be labour, not just an assistant. They orchestrate agents. They hand over whole tasks and come back later to find them done. This is the move from asking the AI to assigning the AI, and it's a genuinely different relationship with the technology. The people up on stage talking about how far ahead they are tend to be group B. And in a narrow sense they're right, because most of the room is still in group A.
Here's the part that gets missed. The people most worried about cost are the ones in group A, the ones barely using the tools. They're anxious about FinOps and getting a handle on the spend. Fair question to be asking. But the people actually being stung by the change in cost are in group B, the ones who started two years ago and now have tasks running all the time, churning tokens overnight while they sleep. A figure that's been doing the rounds, from an AI-native company that published its spend by department, put engineering at something like three thousand dollars per person per month. That's half a salary in tokens. It's a long way from what anyone was sold at the beginning.
This is the bit I keep turning over. There's a whole category of organisation busy solving the governance, compliance and FinOps questions for a tool set they haven't actually deployed. They're convinced the use cases are coming. They're sure of it. So they're getting the controls in place ahead of the real-world application, ahead of knowing what any of it costs, ahead of the maturity that would tell them what to govern in the first place.
I find that order fascinating, because it's the reverse of how the last few transitions went. With mobile, people brought their own devices into work and forced a bring-your-own-device culture on the organisation before anyone had written the compliance rules; the rules and the MDMs came afterwards, locked it down, then opened it back up in a controlled way. With cloud, people pushed workloads out before the cost question was answered, and FinOps lagged along behind to help everyone catch up. This time the instinct is to solve all of it up front and in parallel, before the use cases have even been found. It's the right instinct. It's just a remarkable place for the conviction to have got to.
Kev had a good example of where this bites. We were in a room recently talking through our software factory approach, the harness engineering that lets you do modern agentic development with the right governance gates around what an agent can touch and how you keep human judgement in the loop. We put a diagram on screen. It had a box with an agent in it, and that box left the client's environment and entered ours, with an agent sitting in the middle. The room froze. The word "cyber" came up, and as soon as it did, the tone changed to: right, this is a six-month conversation, this isn't happening today, let's look at something else. The exploration just stopped.
I understand why. For an enterprise, those questions genuinely have to be answered before anything moves. How is it locked down. What happens with prompt injection, which is a fundamental problem and not a solved one. What stops an agent deleting things in their environment, and what's the plan if it could, which it shouldn't be able to in the first place. There's serious work going on here, including Anthropic's recent paper on zero trust for AI agents and the realisation that OAuth was built for humans rather than agents. The reason every vendor at the summit is talking about this layer is simple. They can't sell anything until it's answered. The money stays locked up until the answers exist.
Underneath all of it sits the shadow-AI problem, which is the same pattern as the personal phones people brought into work years ago. In a lot of the organisations we talk to, there's still no AI policy, or it's quietly banned. So people use their own accounts to get the work done, and in doing so they're sending company IP off to whichever model will help them, in breach of policies the organisation may not even have. People take the easy route; they always have. The policy lag is being felt as real pain right now.
There's a training lag too, and it's connected. Part of the reason so many people are stuck in group A is that nobody has had the time, or the nudge, to work out what an agent could actually do for them. The trailblazers figured it out in their own time. Everyone with their head down on the day job hasn't. And it's hard to train people when nobody yet knows what to train, because they don't know what they don't know.
The other story from the last few weeks is Fable. For anyone who missed it, Fable was the public, gated version of Anthropic's Mythos model, the one they'd been so cautious about that they only released the original to a handful of financial-services and security firms to stress-test first. Then they put guardrails on it, called it Fable, and let everyone in. People had a weekend with it. I had something I wanted to test, jumped on, and it was gone.
My first thought was that they'd run out of capacity. They hadn't. The model had been pulled following a government intervention on national-security grounds. Anthropic protested publicly and said they thought it was a mistake. The precise reasons are still disputed, and there are several theories doing the rounds: a jailbreak, a longer-running disagreement between Anthropic and the Pentagon over military use, a worry about other states distilling the model. I genuinely don't know which of those is true, and I'd be wary of anyone who claims they do.
Fable itself barely matters here. It was available for about ten minutes and almost certainly wasn't running anyone's business. The precedent is what matters. We've always known a service could go away. But we leaned on the contracts, the SLAs, the data-retention terms, the uptime guarantees, the bits of paper we'd all agreed meant something. What's new is a political actor reaching in over the top and saying the bits of paper don't matter, take it down. That's a different kind of risk, and it's one most builders and enterprises don't yet have on the register.
So picture the version that does hurt. You've built something business-critical on a particular model, with the right harness around it, and that model gets pulled overnight for reasons that have nothing to do with you. That's a genuine problem. The lesson here is about lock-in. Building on these models is fine; tying yourself to a single one is the risk. We made the same mistake in the early cloud days, when the received wisdom was that multi-cloud was a trap because you couldn't get the full benefit of any single platform. Then containers and Kubernetes made running across providers practical, and from where we're standing now that looks less like a trap and more like sense.
It's worth being honest about how far this could go. We're seeing governments reach into places they traditionally haven't. The UK conversation about banning VPNs alongside the social-media age limits is the same shape: a narrow technical lever pulled by people who often understand very little about the technology, aimed at one problem and landing on several others. There's nothing that says local models or open weights couldn't end up inside a legal framework too, however hard that would be to enforce. The test I keep coming back to is the one you'd apply to any new power. Would you be comfortable with your opponents holding it? Because the next lot will inherit whatever this lot grants themselves.
For all the noise, the useful response to AI FOMO is fairly grounded. Most of what comes off the stage is exactly that, noise; the work is seeing through it to where the real application is. Don't tie yourself to a single model, even though that's hard when all you can buy is Copilot. Understand the whole landscape and not just the frontier: hosted open-weight models that still need serious infrastructure, and local models you can run on your own hardware, which is part of why people are quietly putting boxes back under desks and building their own tin again. Treat the governance work as real, but don't let it become a reason never to start. The only way to find the use cases is to get your hands on the tools and see what they'll do.
And be honest about where you are. Almost everyone feels behind, because almost everyone is in the same place. The adoption is broad but shallow. The gap between what these tools can do and what most organisations are willing or able to do with them is the defining feature of 2026 so far, and it won't close on a stage. It closes one team at a time, with the right process around the tooling, which is the work we're doing with clients right now.
That process matters more than the model of the month. The technology will keep moving every week. The direction of travel is clear enough that we can start to see the end game. What's written in pencil is the politics around it, and that's the part worth watching.