On, In, & Transparent: A New AI Framework

Welcome to AI Confidential, your biweekly breakdown of the most interesting developments in confidential AI.

Today we’re exploring:

• A new communication framework for confidential AI

• The rise in deep fake attempts against the Secretary of State

• New open source projects you need to know about

Also mentioned in this issue: Mark Russinovich, James Kaplan, Vinay Pillai, Marco Rubio, Steve Hasker, Xe Laso, Microsoft Azure, McKinsey & Company, ServiceNow, Thomson Reuters, OpenAI, DeepSeek, Baidu, Alibaba, UNESCO, GNOME, and Ffmpeg.

Let’s dive in!

Last month, at our annual Confidential Computing Summit™, we sat down with three of our many incredible speakers.

On this week’s AI Confidential podcast, we’re sharing insights from these exclusive interviews.

1️⃣ Mark Russinovich

We spoke with Mark, CTO, Deputy CISO, and Technical Fellow at Microsoft Azure, about recent developments in confidential AI, including a new framework for levels of confidential AI:

• On — As more of a lift-and-shift solution, this base level refers to when a pre-existing workload is put into a confidential infrastructure, no re-architecturing done.

• In — This level occurs when a workload is put into a trust boundary. The data is secure while in the system, and if it ever leaves, it’s automatically encrypted.

• Transparent — Built within the code of the confidential pipeline, this data is measured and attested through the guarantees of confidential AI.

Right now, many companies are using the ‘On’ level of confidential AI.

The goal is to get transparent—so we have visibility into every touchpoint across the AI stack from keyboard to production.

2️⃣ James Kaplan

We sat down with James, Partner and CTO at McKinsey Technology, to talk shop about unstructured data.

According to James, up to 90% of enterprise data is unstructured.

Gone are the days when this didn’t matter. Now, companies need to find ways to squeeze benefits out of every part of their business, and genAI is providing a helpful solution.

But make no mistake…

Randomly throwing resources into use cases won’t solve the problem.

The real winners of this new era of tech will be those who focus on domains, particularly on creating AI systems with security, scalability, resiliency, and compliance built in.

3️⃣ Vinay Pillai

Finally, we talked with Vinay, Chief Architect and VP of Engineering & Digital Technology at ServiceNow, and a leading example of going all-in on agents.

Recently, ServiceNow has made big changes, using confidential agents to improve their sales commission desk response times from eight days down to four seconds.

His biggest takeaway?

We can’t approach agentic AI like a typical workload.

Agents are not deterministic. They can’t be controlled as easily. They act on their own and can easily go off the rails.

Because of that, successful integrations of agentic AI need:

• The right agents

• A way to know they are doing the right thing

• A way to see that they are working together as intended

The Confidential Computing Summit™ is the highlight of our year every year—but getting to share these exclusive conversations and insights is a close second.

The episode is live now. Give it a listen here.

Keeping it Confidential

What book written in 1726 includes “The Engine,” one of the earliest mentions of a machine capable of generating ideas autonomously?

1. Gulliver’s Travels by Jonathan Swift

2. Robinson Crusoe by Daniel Defoe

3. Vathek by William Beckford

4. Candide by Voltaire

See the answer at the bottom.

Code for Thought

Important AI news in <2 minutes

🤖 40% of executives want to adopt AI agents across their companies, but the majority feel they lack the safety protocols to do so, a recent ServiceNow report reveals. 

💼 Enterprises with clear AI adoption strategies are 3.5x more likely to reap “critical AI benefits” than those without, a new Thomson Reuters study finds, estimating $32 billion in efficiency gains.

🛡️ The U.S. State Department and FBI warn American diplomats of deep-fake attempts imitating Secretary of State Marco Rubio, using voice and text to obtain sensitive info.

⚠️ Islamic extremist groups are using generative AI to boost recruitment, design weapons, and finance their operations. 

🔐 OpenAI tightened its security protocols to protect algorithms and data centers from meddling, following accusations that DeepSeek copied its AI models.

Community Roundup

Updates involving OPAQUE and our partners

We’re still thinking about the Confidential Computing Summit™—two days packed with insights exploring why securing AI systems is more urgent than ever before. 

With 87 industry leaders sharing their thoughts on the current state of confidential computing and the age of agentic AI, this event was a smash success.

Here are five key takeaways:

‼️ Agentic AI is introducing unprecedented risks, forcing enterprises to reimagine trust architecture from the ground up to ensure safe deployment. 

🚀 Confidential AI has moved from experimentation to production-grade infrastructure—and enterprises are now seeing real ROI.

📜 Regulated industries from healthcare to finance are turning to runtime attestation and audit trails to comply with laws like the EU AI Act.

🧑‍💻 Engineering teams are rebuilding their tech stacks to support confidential workloads, from attestation to policy enforcement.

🤝 Cross-vendor collaboration is non-negotiable, with leaders calling for standards across chipmakers, cloud providers, and AI frameworks.

The bottom line is this: 

Confidential AI is no longer an emerging technology—it’s scaling industry-wide. 

Securing AI workloads is becoming the industry standard, and companies that hold out risk leaving efficiency gains and safety behind.

📣 Want a deeper dive? Our full Summit Takeaways Report is coming soon, featuring in-depth insights from 75+ sessions and the leaders shaping the future of confidential AI. Stay tuned.

OPAQUE in the press

Hot off the press from The AI Journal, our CEO, Aaron Fulkerson, is talking about the four waves of AI adoption.

Authoring a special guest post, Aaron breaks down each wave, including why the clock is ticking for enterprises to capitalize on AI:

🌊 Wave 1: AI Sandbox — Early, small-scale testing and experimentation.

🌊 Wave 2: The AI Plateau — Pilots move to production, but returns remain surface-level.

🌊 Wave 3: The AI Powerhouse — Safely leveraging proprietary data using confidential AI.

🌊 Wave 4: Agentic Architecture at Scale — The next generation of enterprise architecture.

Aaron summarizes this perfectly:

“Foundational models are table stakes. Your competitive edge — the kind that drives market disruption, deeper customer trust, and defensible revenue — will come from activating your proprietary data.”

OPAQUE in the wild

This week on The Tech Trek podcast, Rishabh Poddar, OPAQUE CTO and Co-founder, sat down to unpack AI strategy and compliance.

Here’s what came up in conversation:

✔️ Agentic AI is not determinant, meaning we need to assume things will go sideways.

✔️ We can’t just chase laws. We need to build verifiable systems, regardless of how rules shift.

✔️ Every data pipeline is already at risk (you just haven’t mapped it out yet).

Open source spotlight 

🚀 Baidu released ERNIE 4.5, a family of open sourced large language models that surpasses DeepSeek on 22 performance benchmarks.

🌐 Alibaba unveiled WebSailor, an AI agent claimed to complete complex reasoning tasks current frontier models can’t, marking a step toward “superhuman” reasoning. 

⚔️ Xe Laso’s Anubis is a program designed to block AI bots from scraping an organization’s website data, currently used by UNESCO, GNOME, and Ffmpeg.

Quotable

💭 “The future isn’t just about whether organizations should be adopting AI—it’s about how they can do so strategically to get the most benefit from advanced technology.”

— Steve Hasker, President and CEO of Thomson Reuters

Trivia answer: Gulliver’s Travels by Jonathan Swift.

In the novel, “The Engine” is a mechanical contraption that rotates wooden blocks to create new ideas and sentences. Meant to be satirical, the idea of algorithmic text generation is real now with genAI—meaning author Johnathan Swift accidentally predicted the future 🔮

Stay confidential!

- Your friends at OPAQUE

ICYMI: Links to past issues

• The Internet of Agents is Coming

• Understanding Data Complexity

• Why AI Evaluation and Observability Matter