2026-02-04 22:00:00
The previous article in this series, “Rules fail at the prompt, succeed at the boundary,” focused on the first AI-orchestrated espionage campaign and the failure of prompt-level control. This article is the prescription. The question every CEO is now getting from their board is some version of: What do we do about agent risk?
Across recent AI security guidance from standards bodies, regulators, and major providers, a simple idea keeps repeating: treat agents like powerful, semi-autonomous users, and enforce rules at the boundaries where they touch identity, tools, data, and outputs.
The following is an actionable eight-step plan one can ask teams to implement and report against:
These steps help define identity and limit capabilities.
Today, agents run under vague, over-privileged service identities. The fix is straightforward: treat each agent as a non-human principal with the same discipline applied to employees.
Every agent should run as the requesting user in the correct tenant, with permissions constrained to that user’s role and geography. Prohibit cross-tenant on-behalf-of shortcuts. Anything high-impact should require explicit human approval with a recorded rationale. That is how Google’s Secure AI Framework (SAIF) and NIST AI’s access-control guidance are meant to be applied in practice.
The CEO question: Can we show, today, a list of our agents and exactly what each is allowed to do?
2. Tooling control: Pin, approve, and bound what agents can use
The Anthropic espionage framework worked because the attackers could wire Claude into a flexible suite of tools (e.g., scanners, exploit frameworks, data parsers) through Model Context Protocol, and those tools weren’t pinned or policy-gated.
The defense is to treat toolchains like a supply chain:
This is exactly what OWASP flags under excessive agency and what it recommends protecting against. Under the EU AI Act, designing for such cyber-resilience and misuse resistance is part of the Article 15 obligation to ensure robustness and cybersecurity.
The CEO question: Who signs off when an agent gains a new tool or a broader scope? How does one know?
A common anti-pattern is to give the model a long-lived credential and hope prompts keep it polite. SAIF and NIST argue the opposite: credentials and scopes should be bound to tools and tasks, rotated regularly, and auditable. Agents then request narrowly scoped capabilities through those tools.
In practice, that looks like: “finance-ops-agent may read, but not write, certain ledgers without CFO approval.”
The CEO question: Can we revoke a specific capability from an agent without re-architecting the whole system?
These steps gate inputs, outputs, and constrain behavior.
Most agent incidents start with sneaky data: a poisoned web page, PDF, email, or repository that smuggles adversarial instructions into the system. OWASP’s prompt-injection cheat sheet and OpenAI’s own guidance both insist on strict separation of system instructions from user content and on treating unvetted retrieval sources as untrusted.
Operationally, gate before anything enters retrieval or long-term memory: new sources are reviewed, tagged, and onboarded; persistent memory is disabled when untrusted context is present; provenance is attached to each chunk.
The CEO question: Can we enumerate every external content source our agents learn from, and who approved them?
In the Anthropic case, AI-generated exploit code and credential dumps flowed straight into action. Any output that can cause a side effect needs a validator between the agent and the real world. OWASP’s insecure output handling category is explicit on this point, as are browser security best practices around origin boundaries.
The CEO question: Where, in our architecture, are agent outputs assessed before they run or ship to customers?
Protect the data such that there is nothing dangerous to reveal by default. NIST and SAIF both lean toward “secure-by-default” designs where sensitive values are tokenized or masked and only re-hydrated for authorized users and use cases.
In agentic systems, that means policy-controlled detokenization at the output boundary and logging every reveal. If an agent is fully compromised, the blast radius is bounded by what the policy lets it see.
This is where the AI stack intersects not just with the EU AI Act but with GDPR and sector-specific regimes. The EU AI Act expects providers and deployers to manage AI-specific risk; runtime tokenization and policy-gated reveal are strong evidence that one is actively controlling those risks in production.
The CEO question: When our agents touch regulated data, is that protection enforced by architecture or by promises?
For the final steps, it’s important to show controls work and keep working.
Anthropic’s research about sleeper agents should eliminate all fantasies about single test dreams and show how critical continuous evaluation is. This means instrumenting agents with deep observability, regularly red teaming with adversarial test suites, and backing everything with robust logging and evidence, so failures become both regression tests and enforceable policy updates.
The CEO question: Who works to break our agents every week, and how do their findings change policy?
AI security frameworks emphasize inventory and evidence: enterprises must know which models, prompts, tools, datasets, and vector stores they have, who owns them, and what decisions were taken about risk.
For agents, that means a living catalog and unified logs:
The CEO question: If asked how an agent made a specific decision, could we reconstruct the chain?
And don’t forget the system-level threat model: assume the threat actor GTG-1002 is already in your enterprise. To complete enterprise preparedness, zoom out and consider the MITRE ATLAS product, which exists precisely because adversaries attack systems, not models. Anthropic provides a case study of a state-based threat actor (GTG-1002) doing exactly that with an agentic framework.
Taken together, these controls do not make agents magically safe. They do something more familiar and more reliable: they put AI, its access, and actions back inside the same security frame used for any powerful user or system.
For boards and CEOs, the question is no longer “Do we have good AI guardrails?” It’s: Can we answer the CEO questions above with evidence, not assurances?
This content was produced by Protegrity. It was not written by MIT Technology Review’s editorial staff.
2026-02-04 21:10:00
This is today’s edition of The Download, our weekday newsletter that provides a daily dose of what’s going on in the world of technology.
Why AI companies are betting on next-gen nuclear
AI is driving unprecedented investment for massive data centers and an energy supply that can support its huge computational appetite. One potential source of electricity for these facilities is next-generation nuclear power plants, which could be cheaper to construct and safer to operate than their predecessors.
We recently held a subscriber-exclusive Roundtables discussion on hyperscale AI data centers and next-gen nuclear—two featured technologies on the MIT Technology Review 10 Breakthrough Technologies of 2026 list. You can watch the conversation back here, and don’t forget to subscribe to make sure you catch future discussions as they happen.
How social media encourages the worst of AI boosterism
Demis Hassabis, CEO of Google DeepMind, summed it up in three words: “This is embarrassing.”
Hassabis was replying on X to an overexcited post by Sébastien Bubeck, a research scientist at the rival firm OpenAI, announcing that two mathematicians had used OpenAI’s latest large language model, GPT-5, to find solutions to 10 unsolved problems in mathematics.
Put your math hats on for a minute, and let’s take a look at what this beef from mid-October was about. It’s a perfect example of what’s wrong with AI right now.
—Will Douglas Heaven
This story originally appeared in The Algorithm, our weekly newsletter on AI. To get stories like this in your inbox first, sign up here.
The paints, coatings, and chemicals making the world a cooler place
It’s getting harder to beat the heat. During the summer of 2025, heat waves knocked out power grids in North America, Europe, and the Middle East. Global warming means more people need air-conditioning, which requires more power and strains grids.
But a millennia-old idea (plus 21st-century tech) might offer an answer: radiative cooling. Paints, coatings, and textiles can scatter sunlight and dissipate heat—no additional energy required. Read the full story.
—Becky Ferreira
This story is from the most recent print issue of MIT Technology Review magazine, which shines a light on the exciting innovations happening right now. If you haven’t already, subscribe now to receive future issues once they land.
MIT Technology Review Narrated: China figured out how to sell EVs. Now it has to deal with their aging batteries.
As early electric cars age out, hundreds of thousands of used batteries are flooding the market, fueling a gray recycling economy even as Beijing and big manufacturers scramble to build a more orderly system.
This is our latest story to be turned into a MIT Technology Review Narrated podcast, which we’re publishing each week on Spotify and Apple Podcasts. Just navigate to MIT Technology Review Narrated on either platform, and follow us to get all our new content as it’s released.
The must-reads
I’ve combed the internet to find you today’s most fun/important/scary/fascinating stories about technology.
1 Europe is edging closer towards banning social media for minors
Spain has become the latest country to consider it. (Bloomberg $)
+ Elon Musk called the Spanish prime minister a “tyrant” in retaliation. (The Guardian)
+ Other European nations considering restrictions include Greece, France and the UK. (Reuters)
2 Humans are infiltrating the social network for AI agents
It turns out role-playing as a bot is surprisingly fun. (Wired $)
+ Some of the most viral posts may actually be human-generated after all. (The Verge)
3 Russian spy spacecraft have intercepted Europe’s key satellites
Security officials are confident Moscow has tapped into unencrypted European comms. (FT $)
4 French authorities raided X’s Paris office
They’re investigating a range of potential charges against the company. (WSJ $)
+ Elon Musk has been summoned to give evidence in April. (Reuters)
5 Jeffrey Epstein invested millions into crypto startup Coinbase
Which suggests he was still able to take advantage of Silicon Valley investment opportunities years after pleading guilty to soliciting sex from an underage girl. (WP $)
6 A group of crypto bros paid $300,000 for a gold statue of Trump
It’s destined to be installed on his Florida golf complex, apparently. (NYT $)
7 OpenAI has appointed a “head of preparedness”
Dylan Scandinaro will earn a cool $555,000 for his troubles. (Bloomberg $)
8 The eternal promise of 3D-printed batteries
Traditional batteries are blocky and bulky. Printing them ourselves could help solve that. (IEEE Spectrum)
9 What snow can teach us about city design
When icy mounds refuse to melt, they show us what a less car-focused city could look like. (New Yorker $)
+ This startup thinks slime mold can help us design better cities. (MIT Technology Review)
10 Please don’t use AI to talk to your friends
That’s what your brain is for. (The Atlantic $)
+ Therapists are secretly using ChatGPT. Clients are triggered. (MIT Technology Review)
Quote of the day
“Today, our children are exposed to a space they were never meant to navigate alone. We will no longer accept that.”
—Spanish prime minister Pedro Sánchez proposes a social media ban for children aged under 16 in the country, following in Australia’s footsteps, AP News reports.
One more thing
A brain implant changed her life. Then it was removed against her will.
Sticking an electrode inside a person’s brain can do more than treat a disease. Take the case of Rita Leggett, an Australian woman whose experimental brain implant designed to help people with epilepsy changed her sense of agency and self.
Leggett told researchers that she “became one” with her device. It helped her to control the unpredictable, violent seizures she routinely experienced, and allowed her to take charge of her own life. So she was devastated when, two years later, she was told she had to remove the implant because the company that made it had gone bust.
The removal of this implant, and others like it, might represent a breach of human rights, ethicists say in a paper published earlier this month. And the issue will only become more pressing as the brain implant market grows in the coming years and more people receive devices like Leggett’s. Read the full story.
—Jessica Hamzelou
We can still have nice things
A place for comfort, fun and distraction to brighten up your day. (Got any ideas? Drop me a line or skeet ’em at me.)
+ Why Beethoven’s Ode to Joy is still such an undisputed banger.
+ Did you know that one of the world’s most famous prisons actually served as a zoo and menagerie for over 600 years?
+ Banana nut muffins sound like a fantastic way to start your day.
+ 2026 is shaping up to be a blockbuster year for horror films.
2026-02-03 21:10:00
This is today’s edition of The Download, our weekday newsletter that provides a daily dose of what’s going on in the world of technology.
Microbes could extract the metal needed for cleantech
In a pine forest on Michigan’s Upper Peninsula, the only active nickel mine in the US is nearing the end of its life. At a time when carmakers want the metal for electric-vehicle batteries, nickel concentration at Eagle Mine is falling and could soon drop too low to warrant digging.
Demand for nickel, copper, and rare earth elements is rapidly increasing amid the explosive growth of metal-intensive data centers, electric cars, and renewable energy projects. But producing these metals is becoming harder and more expensive because miners have already exploited the best resources. Here’s how biotechnology could help.
—Matt Blois
What we’ve been getting wrong about AI’s truth crisis
—James O’Donnell
What would it take to convince you that the era of truth decay we were long warned about—where AI content dupes us, shapes our beliefs even when we catch the lie, and erodes societal trust in the process—is now here?
A story I published last week pushed me over the edge. And it also made me realize that the tools we were sold as a cure for this crisis are failing miserably. Read the full story.
This story originally appeared in The Algorithm, our weekly newsletter on AI. To get stories like this in your inbox first, sign up here.
TR10: Hyperscale AI data centers
In sprawling stretches of farmland and industrial parks, supersized buildings packed with racks of computers are springing up to fuel the AI race.
These engineering marvels are a new species of infrastructure: supercomputers designed to train and run large language models at mind-bending scale, complete with their own specialized chips, cooling systems, and even energy supplies. But all that impressive computing power comes at a cost.
Read why we’ve named hyperscale AI data centers as of our 10 Breakthrough Technologies this year, and check out the rest of the list.
The must-reads
I’ve combed the internet to find you today’s most fun/important/scary/fascinating stories about technology.
1 Elon Musk’s SpaceX has acquired xAI
The deal values the combined companies at a cool $1.25 trillion. (WSJ $)
+ It also paves the way for SpaceX to offer an IPO later this year. (WP $)
+ Meanwhile, OpenAI has accused xAI of destroying legal evidence. (Bloomberg $)
2 NASA has delayed the launch of Artemis II
It’s been pushed back to March due to the discovery of a hydrogen leak. (Ars Technica)
+ The rocket’s predecessor was also plagued by fuel leaks. (Scientific American)
3 Russia is hiring a guerilla youth army online
They’re committing arson and spying on targets across Europe. (New Yorker $)
4 Grok is still generating undressed images of men
Weeks after the backlash over it doing the same to women. (The Verge)
+ How Grok descended into becoming a porn generator. (WP $)
+ Inside the marketplace powering bespoke AI deepfakes of real women. (MIT Technology Review)
5 OpenAI is searching for alternatives to Nvidia’s chips
It’s reported to be unhappy about the speed at which it powers ChatGPT. (Reuters)
6 The latest attempt to study a notoriously unstable glacier has failed
Scientists lost their equipment within Antarctica’s Thwaites Glacier over the weekend. (NYT $)
+ Inside a new quest to save the “doomsday glacier” (MIT Technology Review)
7 The world is trying to wean itself off American technology
Governments are growing increasingly uneasy about their reliance on the US. (Rest of World)
8 AI’s sloppy writing is driving demand for real human writers
Long may it continue. (Insider $)
9 This female-dominated fitness community hates Mark Zuckerberg
His decision to shut down three VR studios means their days of playing their favorite workout game are numbered. (The Verge)
+ Welcome to the AI gym staffed by virtual trainers. (MIT Technology Review)
10 This cemetery has an eco-friendly solution for its overcrowding problem
If you’re okay with your loved one becoming gardening soil, that is. (WSJ $)
+ Why America is embracing the right to die now. (Economist $)
+ What happens when you donate your body to science. (MIT Technology Review)
Quote of the day
“In the long term, space-based AI is obviously the only way to scale…I mean, space is called ‘space’ for a reason.”
—Elon Musk explains his rationale for combining SpaceX with xAI in a blog post.
One more thing
On the ground in Ukraine’s largest Starlink repair shop
Starlink is absolutely critical to Ukraine’s ability to continue in the fight against Russia. It’s how troops in battle zones stay connected with faraway HQs; it’s how many of the drones essential to Ukraine’s survival hit their targets; it’s even how soldiers stay in touch with spouses and children back home.
However, Donald Trump’s fickle foreign policy and reports suggesting Elon Musk might remove Ukraine’s access to the services have cast the technology’s future in the country into doubt.
For now Starlink access largely comes down to the unofficial community of users and engineers, including the expert “Dr. Starlink”—famous for his creative ways of customizing the systems—who have kept Ukraine in the fight, both on and off the front line. He gave MIT Technology Review exclusive access to his unofficial Starlink repair workshop in the city of Lviv. Read the full story.
—Charlie Metcalfe
We can still have nice things
A place for comfort, fun and distraction to brighten up your day. (Got any ideas? Drop me a line or skeet ’em at me.)
+ The Norwegian countryside sure looks beautiful.
+ Quick—it’s time to visit these food destinations before the TikTok hordes descend.
+ Rest in power Catherine O’Hara, our favorite comedy queen.
+ Take some time out of your busy day to read a potted history of boats 
2026-02-03 18:00:00
In a pine forest on Michigan’s Upper Peninsula, the only active nickel mine in the US is nearing the end of its life. At a time when carmakers want the metal for electric-vehicle batteries, nickel concentration at Eagle Mine is falling and could soon drop too low to warrant digging.
But earlier this year, the mine’s owner started testing a new process that could eke out a bit more nickel. In a pair of shipping containers recently installed at the mine’s mill, a fermentation-derived broth developed by the startup Allonnia is mixed with concentrated ore to capture and remove impurities. The process allows nickel production from lower-quality ore.
Kent Sorenson, Allonnia’s chief technology officer, says this approach could help companies continue operating sites that, like Eagle Mine, have burned through their best ore. “The low-hanging fruit is to keep mining the mines that we have,” he says.
Demand for nickel, copper, and rare earth elements is rapidly increasing amid the explosive growth of metal-intensive data centers, electric cars, and renewable energy projects. But producing these metals is becoming harder and more expensive because miners have already exploited the best resources. Like the age-old technique of rolling up the end of a toothpaste tube, Allonnia’s broth is one of a number of ways that biotechnology could help miners squeeze more metal out of aging mines, mediocre ore, or piles of waste.
The mining industry has intentionally seeded copper ore with microbes for decades. At current copper bioleaching sites, miners pile crushed copper ore into heaps and add sulfuric acid. Acid-loving bacteria like Acidithiobacillus ferrooxidans colonize the mound. A chemical the organisms produce breaks the bond between sulfur and copper molecules to liberate the metal.
Until now, beyond maintaining the acidity and blowing air into the heap, there wasn’t much more miners could do to encourage microbial growth. But Elizabeth Dennett, CEO of the startup Endolith, says the decreasing cost of genetic tools is making it possible to manage the communities of microbes in a heap more actively. “The technology we’re using now didn’t exist a few years ago,” she says.
Endolith analyzes bits of DNA and RNA in the copper-rich liquid that flows out of an ore heap to characterize the microbes living inside. Combined with a suite of chemical analyses, the information helps the company determine which microbes to sprinkle on a heap to optimize extraction.
In lab tests on ore from the mining firm BHP, Endolith’s active techniques outperformed passive bioleaching approaches. In November, the company raised $16.5 million to move from its Denver lab to heaps in active mines.
Despite these promising early results, Corale Brierley, an engineer who has worked on metal bioleaching systems since the 1970s, questions whether companies like Endolith that add additional microbes to ore will successfully translate their processes to commercial scales. “What guarantees are you going to give the company that those organisms will actually grow?” Brierley asks.
Big mining firms that have already optimized every hose, nut, and bolt in their process won’t be easy to convince either, says Diana Rasner, an analyst covering mining technology for the research firm Cleantech Group.
“They are acutely aware of what it takes to scale these technologies because they know the industry,” she says. “They’ll be your biggest supporters, but they’re going to be your biggest critics.”
In addition to technical challenges, Rasner points out that venture-capital-backed biotechnology startups will struggle to deliver the quick returns their investors seek. Mining companies want lots of data before adopting a new process, which could take years of testing to compile. “This is not software,” Rasner says.
Nuton, a subsidiary of the mining giant Rio Tinto, is a good example. The company has been working for decades on a copper bioleaching process that uses a blend of archaea and bacteria strains, plus some chemical additives. But it started demonstrating the technology only late last year, at a mine in Arizona.
While Endolith and Nuton use naturally occurring microbes, the startup 1849 is hoping to achieve a bigger performance boost by genetically engineering microbes.
“You can do what mining companies have traditionally done,” says CEO Jai Padmakumar. “Or you can try to take the moonshot bet and engineer them. If you get that, you have a huge win.”
Genetic engineering would allow 1849 to tailor its microbes to the specific challenges facing a customer. But engineering organisms can also make them harder to grow, warns Buz Barstow, a Cornell University microbiologist who studies applications for biotechnology in mining.
Other companies are trying to avoid that trade-off by applying the products of microbial fermentation, rather than live organisms. Alta Resource Technologies, which closed a $28 million investment round in December, is engineering microbes that make proteins capable of extracting and separating rare earth elements. Similarly, the startup REEgen, based in Ithaca, New York, relies on the organic acids produced by an engineered strain of Gluconobacter oxydans to extract rare earth elements from ore and from waste materials like metal recycling slag, coal ash, or old electronics. “The microbes are the manufacturing,” says CEO Alexa Schmitz, an alumna of Barstow’s lab.
To make a dent in the growing demand for metal, this new wave of biotechnologies will have to go beyond copper and gold, says Barstow. In 2024, he started a project to map out genes that could be useful for extracting and separating a wider range of metals. Even with the challenges ahead, he says, biotechnology has the potential to transform mining the way fracking changed natural gas. “Biomining is one of these areas where the need … is big enough,” he says.
The challenge will be moving fast enough to keep up with growing demand.
2026-02-03 02:09:57
This story originally appeared in The Algorithm, our weekly newsletter on AI. To get stories like this in your inbox first, sign up here.
What would it take to convince you that the era of truth decay we were long warned about—where AI content dupes us, shapes our beliefs even when we catch the lie, and erodes societal trust in the process—is now here? A story I published last week pushed me over the edge. It also made me realize that the tools we were sold as a cure for this crisis are failing miserably.
On Thursday, I reported the first confirmation that the US Department of Homeland Security, which houses immigration agencies, is using AI video generators from Google and Adobe to make content that it shares with the public. The news comes as immigration agencies have flooded social media with content to support President Trump’s mass deportation agenda—some of which appears to be made with AI (like a video about “Christmas after mass deportations”).
But I received two types of reactions from readers that may explain just as much about the epistemic crisis we’re in.
One was from people who weren’t surprised, because on January 22 the White House had posted a digitally altered photo of a woman arrested at an ICE protest, one that made her appear hysterical and in tears. Kaelan Dorr, the White House’s deputy communications director, did not respond to questions about whether the White House altered the photo but wrote, “The memes will continue.”
The second was from readers who saw no point in reporting that DHS was using AI to edit content shared with the public, because news outlets were apparently doing the same. They pointed to the fact that the news network MS Now (formerly MSNBC) shared an image of Alex Pretti that was AI-edited and appeared to make him look more handsome, a fact that led to many viral clips this week, including one from Joe Rogan’s podcast. Fight fire with fire, in other words? A spokesperson for MS Now told Snopes that the news outlet aired the image without knowing it was edited.
There is no reason to collapse these two cases of altered content into the same category, or to read them as evidence that truth no longer matters. One involved the US government sharing a clearly altered photo with the public and declining to answer whether it was intentionally manipulated; the other involved a news outlet airing a photo it should have known was altered but taking some steps to disclose the mistake.
What these reactions reveal instead is a flaw in how we were collectively preparing for this moment. Warnings about the AI truth crisis revolved around a core thesis: that not being able to tell what is real will destroy us, so we need tools to independently verify the truth. My two grim takeaways are that these tools are failing, and that while vetting the truth remains essential, it is no longer capable on its own of producing the societal trust we were promised.
For example, there was plenty of hype in 2024 about the Content Authenticity Initiative, cofounded by Adobe and adopted by major tech companies, which would attach labels to content disclosing when it was made, by whom, and whether AI was involved. But Adobe applies automatic labels only when the content is wholly AI-generated. Otherwise the labels are opt-in on the part of the creator.
And platforms like X, where the altered arrest photo was posted, can strip content of such labels anyway (a note that the photo was altered was added by users). Platforms can also simply not choose to show the label at all.
Noticing how much traction the White House’s photo got even after it was shown to be AI-altered, I was struck by the findings of a very relevant new paper published in the journal Communications Psychology. In the study, participants watched a deepfake “confession” to a crime, and the researchers found that even when they were told explicitly that the evidence was fake, participants relied on it when judging an individual’s guilt. In other words, even when people learn that the content they’re looking at is entirely fake, they remain emotionally swayed by it.
“Transparency helps, but it isn’t enough on its own,” the disinformation expert Christopher Nehring wrote recently about the study’s findings. “We have to develop a new masterplan of what to do about deepfakes.”
AI tools to generate and edit content are getting more advanced, easier to operate, and cheaper to run—all reasons why the US government is increasingly paying to use them. We were well warned of this, but we responded by preparing for a world in which the main danger was confusion. What we’re entering instead is a world in which influence survives exposure, doubt is easily weaponized, and establishing the truth does not serve as a reset button. And the defenders of truth are already trailing way behind.
Update: This story was updated on February 2 with details about how Adobe applies its content authenticity labels. A previous version of this story said content credentials were not visible on the Pentagon’s DVIDS website. The labels are present but require clicking through and hovering on individual images. The reference has been removed.
2026-02-02 22:20:29
Many organizations rushed into generative AI, only to see pilots fail to deliver value. Now, companies want measurable outcomes—but how do you design for success?
At Mistral AI, we partner with global industry leaders to co-design tailored AI solutions that solve their most difficult problems. Whether it’s increasing CX productivity with Cisco, building a more intelligent car with Stellantis, or accelerating product innovation with ASML, we start with open frontier models and customize AI systems to deliver impact for each company’s unique challenges and goals.
Our methodology starts by identifying an iconic use case, the foundation for AI transformation that sets the blueprint for future AI solutions. Choosing the right use case can mean the difference between true transformation and endless tinkering and testing.
Mistral AI has four criteria that we look for in a use case: strategic, urgent, impactful, and feasible.
First, the use case must be strategically valuable, addressing a core business process or a transformative new capability. It needs to be more than an optimization; it needs to be a gamechanger. The use case needs to be strategic enough to excite an organization’s C-suite and board of directors.
For example, use cases like an internal-facing HR chatbot are nice to have, but they are easy to solve and are not enabling any new innovation or opportunities. On the other end of the spectrum, imagine an externally facing banking assistant that can not only answer questions, but also help take actions like blocking a card, placing trades, and suggesting upsell/cross-sell opportunities. This is how a customer-support chatbot is turned into a strategic revenue-generating asset.
Second, the best use case to move forward with should be highly urgent and solve a business-critical problem that people care about right now. This project will take time out of people’s days—it needs to be important enough to justify that time investment. And it needs to help business users solve immediate pain points.
Third, the use case should be pragmatic and impactful. From day one, our shared goal with our customers is to deploy into a real-world production environment to enable testing the solution with real users and gather feedback. Many AI prototypes end up in the graveyard of fancy demos that are not good enough to put in front of customers, and without any scaffolding to evaluate and improve. We work with customers to ensure prototypes are stable enough to release, and that they have the necessary support and governance frameworks.
Finally, the best use case is feasible. There may be several urgent projects, but choosing one that can deliver a quick return on investment helps to maintain the momentum needed to continue and scale.
This means looking for a project that can be in production within three months—and a prototype can be live within a few weeks. It’s important to get a prototype in front of end users as fast as possible to get feedback to make sure the project is on track, and pivot as needed.
Enterprises are complex, and the path forward is not usually obvious. To weed through all the possibilities and uncover the right first use case, Mistral AI will run workshops with our customers, hand-in-hand with subject-matter experts and end users.
Representatives from different functions will demo their processes and discuss business cases that could be candidates for a first use case—and together we agree on a winner. Here are some examples of types of projects that don’t qualify.
Moonshots: Ambitious bets that excite leadership but lack a path to quick ROI. While these projects can be strategic and urgent, they rarely meet the feasibility and impact requirements.
Future investments: Long-term plays that can wait. While these projects can be strategic and feasible, they rarely meet the urgency and impact requirements.
Tactical fixes: Firefighting projects that solve immediate pain but don’t move the needle. While these cases can be urgent and feasible, they rarely meet the strategy and impact requirements.
Quick wins: Useful for building momentum, but not transformative. While they can be impactful and feasible, they rarely meet the strategy and urgency requirements.
Blue sky ideas: These projects are gamechangers, but they need maturity to be viable. While they can be strategic and impactful, they rarely meet the urgency and feasibility requirements.
Hero projects: These are high-pressure initiatives that lack executive sponsorship or realistic timelines. While they can be urgent and impactful, they rarely meet the strategy and feasibility requirements.
Once a clearly defined and strategic use case ready for development is identified, it’s time to move into the validation phase. This means doing an initial data exploration and data mapping, identifying a pilot infrastructure, and choosing a target deployment environment.
This step also involves agreeing on a draft pilot scope, identifying who will participate in the proof of concept, and setting up a governance process.
Once this is complete, it’s time to move into the building phase. Companies that partner with Mistral work with our in-house applied AI scientists who build our frontier models. We work together to design, build, and deploy the first solution.
During this phase, we focus on co-creation, so we can transfer knowledge and skills to the organizations we’re partnering with. That way, they can be self-sufficient far into the future. The output of this phase is a deployed AI solution with empowered teams capable of independent operation and innovation.
After the first win, it’s imperative to use the momentum and learnings from the iconic use case to identify more high-value AI solutions to roll out. Success is when we have a scalable AI transformation blueprint with multiple high-value solutions across the organization.
But none of this could happen without successfully identifying that first iconic use case. This first step is not just about selecting a project—it’s about setting the foundation for your entire AI transformation.
It’s the difference between scattered experiments and a strategic, scalable journey toward impact. At Mistral AI, we’ve seen how this approach unlocks measurable value, aligns stakeholders, and builds momentum for what comes next.
The path to AI success starts with a single, well-chosen use case: one that is bold enough to inspire, urgent enough to demand action, and pragmatic enough to deliver.
This content was produced by Mistral AI. It was not written by MIT Technology Review’s editorial staff.
