Here’s a scenario that should feel uncomfortably familiar.

A loyal customer—let’s call her Sarah—has spent thousands of dollars on your platform over three years. She buys premium cookware, organic groceries, and the occasional kitchen gadget. Your recommendation engine knows her well. So when she opens your app on a rainy Tuesday evening, it greets her with a curated shelf of her top picks: A cast-iron skillet, some artisan pasta, and a new espresso machine.

However, Sarah is at the airport and her flight was just cancelled. She needs a phone charger, a neck pillow, and something to eat in the next 20 minutes.

Your algorithm served her perfectly according to her profile, but failed her completely in this moment. That gap, between who a customer is and what they need right now, is the central problem in retail intelligence.

McKinsey’s research shows that 71% of consumers expect personalized interactions, and 76% report frustration when brands miss the mark. Despite years of investment, most retailers still can’t close that gap because they’re solving for the wrong variable. It’s clear that it’s not a technology problem, but a context problem.

What is contextual decision intelligence?

Contextual decision intelligence is the practice of making retail decisions by synthesizing what you know about a customer and what is happening around them at this specific moment. Traditional personalization asks one question: Who is this customer? CDI asks four simultaneously:

  • What is happening around them right now? (weather, local events, time of day)
  • What are they signaling in this session? (scroll speed, search phrasing, cart behavior)
  • What’s our operational reality? (inventory positions, margin, fulfillment capacity)
  • What has changed since they last visited? (a competitor’s stock out, a price sensitivity signal)

The output isn’t a smarter recommendation; it’s a situationally calibrated action. It looks different for Sarah at the airport than for Sarah planning a dinner party at home, even though the profile data is identical. This is the shift from personalization to situational commerce, and retailers who get there first are pulling away from those still optimizing their recommendation carousels.

Why your personalization engine is not working

Profile-based personalization has delivered real value. McKinsey pegs it at up to 50% reduction in customer acquisition costs and a 5-15% revenue lift. But the ceiling is becoming visible and the cracks are structural, not operational.

The same customer is multiple shoppers. You browse differently at 11pm than at 9am, are more price-sensitive the week before payday, and are in an entirely different mindset when buying for yourself versus the household. Personalization engines flatten all of that into one identity.

Collaborative filtering, the engine behind “you might also like” selections, compounds the problem by aggregating behavior across millions of sessions, eliminating the situational variation that actually drives purchases. It’s the algorithmic equivalent of asking what your friends generally like for dinner and serving that every single time.

There’s also the operational blind spot: Most personalization engines surface recommendations with zero visibility into inventory position or fulfillment viability. Recommending a product that’s three weeks from restock doesn’t just fail the customer, it silently destroys trust and profit margins. Contextual decision intelligence is bidirectional by design, and that changes everything.

BCG research shows retailers deploying contextually adaptive decisions across merchandising, supply chain, marketing and customer service achieve revenue lifts 40 to 60% higher than those using profile-only personalization.

Three contextual decision intelligence levers that move the needle  

The most underused signal in retail is weather. It influences the purchasing decisions of 93% of shoppers, yet most retailers treat it as a logistics variable, not a demand intelligence tool. Rainy days drive a significant spike in e-commerce activity, as adverse weather keeps shoppers away from physical stores. Retailers using weather-driven inventory systems cut stockout events by 30% and spoilage by 20% during peak seasons. H&M reduced its markdown costs by 1.5 percentage points in relation to sales by integrating AI-driven weather tracking and localized demand forecasting into merchandise planning.

Behavioral microcontext reads the session like a conversation. For example, scroll speed signals decision confidence. “Running shoes” versus “running shoes for flat feet under $120” tells you everything about intent stage and price sensitivity. Adding and removing the same product from a cart twice is a distress signal from someone who wants to buy an item but is hitting friction. The logic is straightforward: A customer’s behavior in this session reflects their intent right now, not who they were six months ago. Yet most retailers are still making real-time decisions using historical data. CDI systems that act on these signals in real time, surfacing social proof when a customer hesitates and adjusting price presentation when sensitivity signals fire, consistently outperform static models.

Competitive context captures demand instantly. When a competitor goes out of stock on a high-demand SKU, demand doesn’t disappear; it migrates. Retailers with CDI infrastructure that monitors competitor availability and activates quickly (adjusted search rankings, targeted promotions, outreach to relevant segments) can intercept that demand within hours. The same logic applies to competitor pricing windows and assortment gaps. Profile-based personalization has no mechanism for this. CDI does.

The org chart problem nobody mentions  

Here’s the uncomfortable truth: Most CDI efforts don’t fail because of bad technology. They fail because nobody owns the problem end-to-end. Your inventory team doesn’t talk to your digital team. Your data platform was built to track what customers bought, not what they’re doing right now. What about contextual signals like weather or competitor stockouts? Well, those are on no one’s radar.

Getting this right takes two things.

First, a data setup that can pull live signals together in one place.

Second, a team with the authority to act on those signals across merchandising, marketing, and the supply chain simultaneously.

Dollar General’s Paul Bucalo captured it well: “Instead of amassing large quantities of data, we focus on acquiring quality data that provides a contextual understanding of our customers that we can adapt to predict trends and future behaviors.”

Simple idea, but it takes real executive will to make it happen.

Stop personalizing. Start responding. 

The numbers tell you everything you need to know: the AI in e-commerce market is growing at nearly 24% a year, from $7.25 billion today toward $64 billion by the end of 2034.

The infrastructure is commoditizing. Yet 85% of companies claim to deliver personalized experiences while only 60% of customers agree. The gap isn’t closing; it’s growing.

Profile data tells you Sarah loves cooking. Context tells you she’s stranded at an airport with 20 minutes to spare. One of those facts is useful right now. Only Contextual Decision Intelligence knows which one.

The retailers building CDI capability now are building a compounding advantage that will be very hard to close in a few years. The real question is: are you one of them?

In this episode, CIO Varundeep Kaur explores how technology at scale amplifies leadership decisions, organizational clarity, and existing assumptions rather than simply solving problems. From her experiences across complex and rural FinTech environments, she reflects on when leadership judgment mattered more than technical capability, why speed without clarity creates fragile systems, and how AI and digital platforms can scale inclusion or deepen inequity. This conversation provides a thoughtful look at responsible technology leadership in high-impact environments.

Agenda  

  • Transitioning from technologist to leadership-driven decision making

  • Understanding what technology truly amplifies at scale

  • Knowing when to deploy technology, and when to pause

  • Lessons from technology solutions that failed in real-world environments

  • Challenges of designing technology for rural and underserved communities

  • Avoiding assumptions in FinTech and digital platform design

  • Deciding whether a problem needs technology, process change, or human intervention

  • What leaders should never outsource to technology

  • Questions CIOs should ask before approving technology initiatives

  • Ensuring AI scales inclusion rather than inequity

  • Building responsible, human-centered systems for long-term impact

Most organizations don’t discover a data breach on their own. On average, it takes organizations 241 days to identify and contain a data breach, according to IBM’s 2025 Cost of a Data Breach Report. That’s eight months of undetected access. Eight months of a cyber criminal copying files, reading emails, accessing accounts, and quietly mapping your entire environment.

The signs of a network compromise are almost always there in hindsight. The challenge is learning to spot them in real time. Here are seven indicators your organization may already be breached and what your IT team should check right now.

1. A former employee’s account is still active

Stolen and compromised credentials are now the initial access vector in 22% of all breaches, according to Verizon’s 2025 Data Breach Investigations Report (DBIR), and orphaned accounts belonging to ex-employees are among the easiest targets. They carry real permissions, a legitimate activity history, and zero scrutiny from a team that has mentally moved on. Attackers actively scan for them.

What to check: Cross-reference every active account against your current HR roster. Anything that doesn’t match should be disabled immediately. Set up an automatic workflow that disables all accounts and access permissions the second an employee finishes all exit formalities.

2. The help desk has had to reset the same password several times, but the employee never requested it

Your help desk is trained to be helpful. Attackers are trained to exploit that. Ten minutes of LinkedIn research—finding a name, a manager, and a department—is enough to impersonate an employee convincingly over the phone. Verizon’s 2025 DBIR found that the human element was involved in 60% of all breaches, with social engineering through support channels being one of the most consistent ways in.

What to check: Flag any account with three or more password resets in 30 days and require manager verification before approving the next one.
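The reset check above as detection logic, an added example that is not part of the original article: it scans a constructed help desk ticket export for three resets inside any 30-day span and answers whether the next request should be held for manager verification. The record layout, account names and function names are assumptions.

```python
from bisect import bisect_left, bisect_right
from collections import defaultdict
from datetime import datetime, timedelta

THRESHOLD = 3                 # resets, taken from the check above
WINDOW = timedelta(days=30)   # look-back period, taken from the check above

# Constructed sample of help desk reset tickets: (ISO timestamp, account).
SAMPLE_RESETS = [
    ("2025-03-01T09:12:00", "jdoe"),
    ("2025-03-09T16:40:00", "jdoe"),
    ("2025-03-27T08:05:00", "jdoe"),     # third reset inside 30 days
    ("2025-01-02T10:00:00", "asmith"),
    ("2025-02-15T10:00:00", "asmith"),
    ("2025-03-30T10:00:00", "asmith"),   # three resets, but spread over ~3 months
    ("2025-03-20T11:30:00", "mlee"),
]


def index_resets(rows):
    """Group reset timestamps by account (case-insensitive), sorted ascending."""
    by_account = defaultdict(list)
    for ts, account in rows:
        by_account[account.lower()].append(datetime.fromisoformat(ts))
    for times in by_account.values():
        times.sort()
    return by_account


def flag_accounts(by_account, threshold=THRESHOLD, window=WINDOW):
    """Return {account: (first_reset, last_reset)} for the earliest span in
    which `threshold` resets fell within `window`.

    A sliding window over the sorted timestamps is used instead of calendar
    months, so a burst that straddles a month boundary is still caught.
    """
    flagged = {}
    for account, times in by_account.items():
        for i in range(threshold - 1, len(times)):
            start = times[i - threshold + 1]
            if times[i] - start <= window:
                flagged[account] = (start, times[i])
                break
    return flagged


def needs_manager_verification(by_account, account, now,
                               threshold=THRESHOLD, window=WINDOW):
    """Gate for the next reset request: True when the account already has
    `threshold` or more resets in the `window` ending at `now`."""
    times = by_account.get(account.lower(), [])
    recent = bisect_right(times, now) - bisect_left(times, now - window)
    return recent >= threshold


if __name__ == "__main__":
    idx = index_resets(SAMPLE_RESETS)
    for account, (first, last) in flag_accounts(idx).items():
        print(f"{account}: {THRESHOLD}+ resets between {first} and {last}")
    print("hold next jdoe reset for manager:",
          needs_manager_verification(idx, "jdoe", datetime(2025, 3, 28, 9, 0)))
```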

3. A vendor you depended on was breached and you were the last to find out

Third-party involvement in breaches doubled year-over-year according to Verizon’s 2025 DBIR, accounting for 30% of all incidents—up from 15% the year prior. When a vendor is compromised, they notify their legal team and the concerned authorities. Not you. Every supplier with an API integration, SSO connection, or service agent on your network is a potential entry point you don’t control.

What to check: Map every vendor that has access to your systems and treat them as an extension of your own attack surface. Monitor dark web and breach disclosure feeds for mentions of your suppliers. If you’re finding out about a vendor breach from a news headline, your process is already too slow.

4. Your monitoring tools keep failing in the same places

Sophisticated attackers don’t disable your security tools outright. That triggers alerts. When they gain a foothold, one of their first moves is to quietly tamper with monitoring agents on the specific machines they’re operating from. Not your entire environment, just the corners they’re using. What reads as a recurring technical glitch on the same three servers might be someone actively managing your visibility. The 241-day average detection time in IBM’s report doesn’t happen by accident. It’s partly the result of this kind of deliberate noise.

What to check: Track monitoring failures by specific asset. If the same machines repeatedly lose visibility with no clear root cause, escalate it as a security finding, not a maintenance ticket.

5. Employees are seeing emails that appear to be sent from their own addresses

Business email compromise (BEC) cost organizations $2.77 billion in 2024, making it the second-highest loss cybercrime category, according to the FBI’s 2024 Internet Crime Report. It rarely starts dramatically. An attacker gains quiet access to a mailbox, plants a hidden forwarding rule, and reads everything for weeks. Employees sometimes notice something feels off, like a reply they don’t remember sending, but those observations rarely make it to IT. They should.

What to check: Audit mailbox forwarding rules across your organization, especially for critical functions and leadership roles. Any rule forwarding externally and created outside business hours needs immediate investigation.
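One way to run the forwarding-rule audit described above, as an added example that is not from the original article: it triages a constructed rule export, marking external forwards created outside business hours for immediate investigation and listing priority mailboxes first. The internal domain list, office hours, fixed UTC offset, priority mailboxes, record fields and the lower "review" tier for in-hours external forwards are all assumptions.

```python
from datetime import datetime, time, timedelta, timezone

INTERNAL_DOMAINS = {"example.com"}          # assumption: the organization's own mail domains
OFFICE_TZ = timezone(timedelta(hours=-5))   # assumption: fixed offset, no DST handling
OPEN, CLOSE = time(8, 0), time(18, 0)       # assumption: business hours, Monday to Friday
PRIORITY_MAILBOXES = {"cfo@example.com"}    # assumption: leadership / critical functions

# Constructed export of mailbox forwarding rules; "created" is in UTC.
SAMPLE_RULES = [
    {"mailbox": "sales@example.com", "forward_to": "crm@example.org",
     "created": "2025-03-11T15:30:00+00:00"},   # external, Tuesday 10:30 local
    {"mailbox": "hr@example.com", "forward_to": "payroll@mail.example.com",
     "created": "2025-03-11T15:00:00+00:00"},   # internal subdomain
    {"mailbox": "it@example.com", "forward_to": "backup@example.com.example.net",
     "created": "2025-03-12T04:45:00+00:00"},   # look-alike domain, Tuesday 23:45 local
    {"mailbox": "cfo@example.com", "forward_to": "archive@example.net",
     "created": "2025-03-09T07:14:00+00:00"},   # external, Sunday 02:14 local
]


def is_external(address):
    """True when the recipient's domain is not an internal domain or one of
    its subdomains. Suffix matching is anchored on a dot so that
    'example.com.example.net' is not mistaken for 'example.com'."""
    domain = address.rsplit("@", 1)[-1].strip().lower().rstrip(".")
    return not any(domain == d or domain.endswith("." + d)
                   for d in INTERNAL_DOMAINS)


def outside_business_hours(created_iso):
    """Convert the UTC creation time to office-local time before judging it;
    comparing raw UTC hours would misclassify rules near the day boundary."""
    local = datetime.fromisoformat(created_iso).astimezone(OFFICE_TZ)
    if local.weekday() >= 5:                 # Saturday or Sunday
        return True
    return not (OPEN <= local.time() < CLOSE)


def triage(rules):
    """Return external forwarding rules with a verdict, most urgent first."""
    findings = []
    for rule in rules:
        if not is_external(rule["forward_to"]):
            continue
        urgent = outside_business_hours(rule["created"])
        findings.append({**rule,
                         "verdict": "investigate-now" if urgent else "review"})
    findings.sort(key=lambda f: (f["verdict"] != "investigate-now",
                                 f["mailbox"] not in PRIORITY_MAILBOXES,
                                 f["created"]))
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE_RULES):
        print(f'{f["verdict"]:16} {f["mailbox"]:20} -> {f["forward_to"]}')
```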

6. Your cloud bill inexplicably went up

A documented attacker technique involves compromising a cloud account, quietly staging database exports in an obscure storage bucket over several weeks, then exfiltrating everything in a single burst. IBM’s 2025 Cost of a Data Breach Report found that 30% of breaches entailed data being distributed across multiple cloud and on-premises environments, and those breaches are among the costliest and hardest to detect. The evidence often shows up first in the invoice, filed away as an unexplained cost variance.

What to check: Route cloud cost anomaly alerts to your security team alongside finance. Unexplained storage or egress spikes should be treated as potential breach indicators until proven otherwise.

7. Successful backup reports mean nothing if nobody tests the restore

Ransomware groups that plan their attacks often target backup infrastructure weeks before the encryption begins, ensuring that recovery is impossible when it matters. According to Sophos’ 2025 State of Ransomware report, the use of backups to restore encrypted data has hit a six-year low: They were relied on in just 54% of ransomware incidents, while 49% of victims ended up paying the ransom instead. These numbers repeat the same story: When backups fail, the ransom becomes the only way out. A backup job reporting Success every night means nothing if the data it wrote was corrupted weeks ago.

What to check: Make restore validation a monthly discipline, not an annual check box. The question isn’t whether the backup job ran, it’s whether you can actually recover from it within the time your business can afford.

How to detect a network breach before it’s too late

None of these network compromise indicators requires a sophisticated attacker to go unnoticed. Most exist because of ordinary blind spots such as offboarding gaps, unread logs, and untested backups that adversaries have learned to rely on. The organizations that get blindsided aren’t always the ones with the weakest security. They’re often the ones with decent security but little real visibility into what was quietly happening underneath.

Visibility is what separates a breach you catch in week one from one you find out in month eight.

The United States needs a federal consumer data privacy law, but not one like the recently proposed SECURE Data Act.

On April 22, Republicans on the House Energy and Commerce Committee introduced the SECURE Data Act (H.R. 8413), making it the first attempt at comprehensive privacy legislation in years; unfortunately, the bill is a disaster, as it would erase too much state-level progress.

The main problem with the SECURE Data Act is the issue of federal preemption. The bill would preempt all state legislation, effectively eviscerating strong state legislation like California’s CCPA (2018) and CPRA (2020).

The preemption problem

Nobody, myself included, wants businesses to have to deal with a patchwork of data privacy laws. We absolutely need a federal data privacy law on the books. That said, any federal law should build on top of state-level laws; it shouldn’t dilute existing laws, rendering them unenforceable, and erasing years of state-level legislative work.

As of May 2026, the U.S. has comprehensive privacy legislation in 21 states: Alabama, California, Colorado, Connecticut, Delaware, Indiana, Iowa, Kentucky, Maryland, Minnesota, Montana, Nebraska, New Hampshire, New Jersey, Oklahoma, Oregon, Rhode Island, Tennessee, Texas, Utah, and Virginia.

Of course, there is a great deal of nuance here, as some states have stronger laws than others. Nevertheless, any proposed federal law should be treated as a floor to build on top of these state-level laws, rather than a ceiling.

I agree with the Electronic Frontier Foundation’s Mario Trujillo, who writes, “Federal privacy laws should allow states to build ever stronger rights on top of the federal floor. Many federal privacy laws allow this, including the Health Insurance Portability and Accountability Act (HIPAA).”

Which businesses are affected

The proposed bill would apply to all businesses subject to the FTC Act, as well as all businesses in the U.S. that process the personal data of 200,000 U.S. consumers or more.

Additionally, there’s another standard that would affect other businesses; any business that processes the data of more than 100,000 U.S. consumers and derives more than 25% of revenue from selling that data would also be subject to the SECURE Data Act.

As it stands, the proposed bill exempts businesses with less than $25m in adjusted gross annual revenue.

Key provisions of the bill

The SECURE Data Act mandates that U.S. consumers be given a clear mechanism to opt out of targeted advertising practices as well as the sale of their personal data.

Were the bill to pass, many businesses that process and control consumer data would be forced to obtain opt-in consent before they processed any sensitive consumer data, including geolocation, financial information, and health data. Also, the bill would require businesses to get parental consent before processing the personal data of kids aged 13-16.

Data broker registry

This is my favorite part of the proposed bill. The SECURE Data Act would create a federally mandated data broker registry. Maintained by the FTC, this registry would require many data brokers to register every year and disclose all of their data collection and sales activities.

All data brokers that make over 50% of their profits by selling our personal data would be forced to register in the FTC’s public database. This is a wonderful development.

Enforcement

Here is where things get problematic for privacy advocates. The SECURE Data Act mandates that all enforcement be handled by the FTC and state attorneys general.

Particularly problematic for most privacy advocates, the proposed bill doesn’t include a private right of action, meaning that consumers cannot file civil suits against law-breaking companies. Only the FTC and state attorneys general can enforce the SECURE Data Act.

Moreover, the proposed bill includes a “45-day notice-and-cure provision,” which basically means that if a company is caught breaking the law, they have 45 days to “cure” any violation with no penalty.

Personally, for me, the lack of a private right of action isn’t a deal-breaker. And I think future iterations of this bill can reach a compromise on this issue.

No private right of action

Although privacy rights activists are up in arms about the lack of a private right of action, Electronic Privacy Information Center (EPIC) Deputy Director and Policy Director Caitriona Fitzgerald suggests that a compromised version of a private right of action could be reached down the line.

As Fitzgerald writes, “Previous bipartisan privacy proposals, such as the American Data Privacy and Protection Act and the American Privacy Rights Act, proposed a compromise version of a private right of action that allowed for injunctive relief so that consumers could force companies to stop violating the law, but did not allow for statutory damages.”

I think such a “compromise version” of a private right of action could get future iterations of this bill across the finish line.

The issue of “notice and choice” and burying fine print in the privacy policy

Another important issue to highlight is “notice and choice”; this is a common model in data privacy that allows companies to collect our data as long as they tell us what they’re doing with it (and give us an option to opt out).

The problem with “notice and choice” is that sometimes exactly how the data is being used is buried in the companies’ privacy policies. And who reads these?

Also, many times, the consumers’ choice to allow data collection is bundled with the service itself, creating a take-it-or-leave-it situation.

Alternatively, companies sometimes combine user consent for necessary data collection (e.g., a navigation app needing our location data in order to provide us with directions) with totally unrelated uses (e.g., selling our location data to third-party advertisers or data brokers).

A far better policy is to mandate that companies adhere to data minimization requirements. For example, some state-level laws prevent companies from collecting consumer data beyond what is necessary to fulfill the requested service. This way, even if the consumer technically gives his or her consent, it is still illegal for companies to surreptitiously over-collect and profit from that user’s data in other ways.

The SECURE Data Act perpetuates the notice-and-choice model, as opposed to requiring that companies adhere to data minimization. This is a shame.

Maryland’s data privacy law has an excellent data minimization standard, as did two other previous bipartisan federal bills: American Data Privacy and Protection Act (ADPPA) and American Privacy Rights Act (APRA). It’s too bad the SECURE Data Act didn’t have such a standard.

Support for the SECURE Data Act

I’d be remiss if I didn’t point out that many folks are happy with the proposed bill. As an example, Adam Thierer, a senior fellow at the R Street Institute, was excited to see the bill not include a private right of action. Thierer writes, “Importantly, the SECURE Data Act wisely does not include a PRA, which would only exacerbate America’s growing over-litigation problem.”

And of course, many lobbyists and lawmakers are rejoicing at the chance to dilute the CPRA and other state laws. For example, advocacy group Americans for Tax Reform and twenty-three other center-right groups are particularly excited by the prospect of the SECURE Data Act passing.

The self-proclaimed center-right groups collectively write, “If all 50 states move forward with their own privacy laws, it could cost the American economy over $1 trillion in the next decade, with $200 billion of that burden falling on small businesses.” These 24 groups want to see “strong preemption, with no private right of action and no open-ended rule-making authority for federal agencies or additional state regulations.”

My take

I agree with the EFF’s contention that “the bill is weaker than congressional proposals in prior years, as well as most of the 21 state consumer privacy laws already on the books.”

The fact that the SECURE Data Act preempts existing state-level laws ultimately makes this a bad bill.

Aside from the federal preemption problem, which is a deal-breaker in and of itself in my mind, there are several other issues with the SECURE Data Act. As it stands, the bill perpetuates the “notice and choice” status quo, allowing organizations to obfuscate how they process consumer data, as they bury the specifics deep in their corporate privacy policies. Given that few consumers bother to read or understand corporate privacy policies, data minimization provisions would be much better than this “notice and choice” approach.

Unlike other privacy advocates, I am less concerned about the bill’s failure to include a private right of action. That’s not a deal-breaker for me. However, I am inclined to agree with EPIC’s Fitzgerald, who writes, “The combination of minimal consumer protections, weak enforcement, and insanely expansive preemption of state laws makes the SECURE Act a disaster for Americans’ privacy.”

That said, there are some great things inside the proposed SECURE Data Act. I particularly like the call for a federal data broker registry. It’s refreshing to see politicians on both sides of the aisle ready to crack down on the data brokerage industry, a particularly pernicious part of the data surveillance apparatus.

You install a fancy alarm system in your house thinking that you can conquer every threat that comes your way. One day, an alarm goes off… but no one knows what to do.

The system works exactly as intended. This is not a failure of the system; it is a failure of preparedness.

In enterprises, AI is playing the same role. AI is now embedded across security operations. It monitors network behavior, detects anomalies in real time, prioritizes alerts, and, in some cases, initiates automated responses.

Simultaneously, AI is shaping both sides of the equation. The same capabilities that strengthen defense are also being used to create faster, more adaptive attacks, narrowing the margin for response.

When something goes wrong, preparedness is not defined by how quickly a threat is identified, but by how effectively it is handled.

The AI paradox: Stronger defense, smarter attacks  

AI is not in an early stage in today’s enterprises and their cybersecurity systems. It is mainstream now. Already, 73% of organizations have integrated AI into their cybersecurity systems.

This sounds reassuring, except that at the same time, 65% of IT leaders say their current cybersecurity defenses cannot handle AI-powered attacks.

This highlights a deeper contradiction. Enterprises are continuing to integrate AI into their systems to position themselves as future-ready, but how are they actually using it?

If 65% of IT leaders say their current cybersecurity defenses cannot handle AI-driven attacks, are organizations truly preparing for what lies ahead, or simply adopting AI without assessing its real impact?

What do enterprises mistake for AI-ready cybersecurity preparedness?

AI has quickly become the default layer in modern cybersecurity systems. Nevertheless, AI-readiness of the system is not defined by how well the systems are understood and managed.

For many organizations, preparedness begins and ends with deployment.

AI systems are trained on data, influenced by patterns, and largely dependent on configurations that can be easily manipulated.

Let us assume a scenario:

An AI system flags an anomaly in network behavior. The alert is prioritized based on pattern recognition, and the system assigns it a risk score. On the surface, everything is functioning as expected.

But what happens next depends on the context.

  • If the model has been trained on incomplete or biased data, the alert may not reflect the actual severity of the threat.

  • If configurations are misaligned, the system may either over-prioritize noise or underplay critical signals.

  • If teams rely entirely on the system’s output without validation, response decisions may be delayed or misdirected.

The system identifies the signal. But the interpretation, validation, and response still depend on human understanding and operational clarity.

This is not a hypothetical situation.

In 2026, the Mythos AI system demonstrated what the future of cybersecurity could look like. The model was capable of identifying hundreds of critical vulnerabilities across complex systems in a fraction of the time traditional methods would take.

On the surface, this represents the ideal state of preparedness. Faster detection, broader visibility, and more intelligent systems.

Despite these restrictions, Bloomberg reported that a small group of unauthorized users accessed the model through a third-party vendor environment on the same day Anthropic announced its limited release.

A tool built to strengthen defense had simultaneously become a point of vulnerability. This is where assumptions about preparedness begin to break. The verdict was not that the AI failed, but that the organizational layer around it was not ready.

Toward a definition of cybersecurity preparedness that can withstand the age of AI 

Cybersecurity preparedness in the age of AI is not only about the presence of the intelligence system.

As attack timelines compress, with breakout times now measured in minutes rather than days, the advantage does not lie in detecting more signals, but in reducing the time between detection and decisive action.

CrowdStrike’s 2026 Global Threat Report highlights this clearly. The average breakout time, the span between an attacker’s initial access and lateral movement through a network, dropped to just 29 minutes in 2025, a decline of 65% from the previous year.

Simultaneously, more than 50% of known vulnerabilities no longer require authentication, lowering the barrier for exploitation.

This creates an environment where threats do not need to be sophisticated to be effective. They only need to move faster than the organization’s ability to respond.

Real preparedness for a cybersecurity attack in the age of AI is not measured by the sophistication of tools. It is measured by what happens in the 29 minutes after the alarm goes off.

But are response processes tested, not just documented? Is the gap between detection and action measured in seconds or in escalation chains?

Those are the questions that separate organizations that are genuinely resilient from those that are merely well-equipped.

Alarms will go off again… is your organization prepared? 

When people talk about the biggest gap in enterprise security systems, they immediately point to a misconfigured AI model or an unpatched system. But it is no longer the technical deficiencies.

The most dangerous vulnerability in 2026 is not sitting in your tech stack. It is sitting in your org chart.

Attackers have already automated their side of the equation; AI is merely compressing the time between their intent and their execution. Now, the remaining variable is how swiftly the IT team can think, react and determine what actions to take.

Let us be honest, right now that variable is losing. This is the skill gap that no AI tool can close.

The WEF Global Cybersecurity Outlook 2026 found that 66% of organizations report significant cybersecurity talent shortages. And 56% of the survey respondents cited the cybersecurity skills shortage as their top challenge to improving resilience.

The consequences are measurable: 88% of organizations experienced at least one significant security event in the past year that respondents tied directly to a skills shortage.

These are not pipeline problems waiting to be solved by better hiring. They are operational failures happening right now, inside organizations that have already invested heavily in the right tools.

No platform fixes this. No AI layer closes a skills gap.

Genuinely resilient organizations treat their security posture as a hypothesis to be tested. Here is how:

  • Stop running drills that your team could pass in their sleep. Make it uncomfortable. Make it real.

  • An alert that nobody acts on is just a notification. Start measuring the gap between “we saw it” and “we stopped it.”

  • Detection without response is just expensive logging. Keep closing the loop until the process becomes second nature.

  • Your AI is only as smart as the data you fed it. Audit it like you would audit anything else that holds the keys to your kingdom.

  • What about those third-party vendors with access to your systems? They are your problem too. Treat them like it.

The 29-minute breakout window is not a technology problem. It is an organizational readiness problem.

Closing that window requires not just faster tools but faster humans, clearer response chains, and the institutional muscle memory that only comes from repeated, realistic testing.

The alarm will go off again. The only question worth asking is whether your organization has rehearsed what happens next, before the clock starts.

In this episode of the ManageEngine Insights podcast, host Lauren Spiller speaks with James Healy, author of BS at Work and founder of The Behaviour Boutique, about a growing contradiction in modern organizations: Despite smarter systems and rapid advances in AI, adoption continues to fall short.

At the heart of the problem, James argues, is a flawed assumption. Organizations design systems with the expectation that employees will behave logically, follow processes, and adapt seamlessly.

But human behavior doesn’t work that way. People are influenced by emotion, social context, and identity, creating a disconnect between how systems are built and how they are actually used.

A defining theme in the discussion is identity. Work is not just about completing tasks but about how people see themselves within their roles. This is where many transformation efforts quietly fail: not at the system level but at the people level.

The conversation then turns to AI and its role in the future of work. While AI continues to excel at structured tasks, James highlights a less visible layer of work that often goes unnoticed.

If you’re looking to understand why AI and workplace systems don’t always deliver on their promise, this conversation offers a grounded perspective on the human side of work. Dive in now.

Agenda

  • Why AI and modern workplace systems are built on flawed assumptions about human behavior
  • The gap between system logic and real employee behavior
  • Identity at work: Why change feels personal, not just operational
  • Common behavioral blind spots in IT rollouts
  • The importance of soft skills
  • AI in the workplace: Why we anthropomorphize technology
  • Guardrails for the human/AI interface