Posted
By and

We all remember the first time we beheld the majestic power of generative AI. It plans vacations! It drafts my emails! It writes my essays! … then you accidentally include “Would you like me to soften the breakup message I drafted for you to be less confrontational?” in the text you send to your now ex- and highly offended partner, and you realize quickly the glaring limitation that a large language model (LLM) has on making you more productive. The model could give you the words, but it couldn’t act on them to fix your problems. And so, agents came along, which we thought would fix the inefficiency of copying and pasting a text response. But technically, these tools were hard to scale because every connection was custom-built, one at a time. Want Claude to talk to Slack? Build a custom bridge. Want ChatGPT to talk to Google Drive? Build another custom bridge. In reality, these tools weren’t scaling in the way we thought would drive efficiency. Your dreams of building an autonomous breakup robot were just not coming to fruition.

That is until Anthropic came up with a solution. Enter the Model Context Protocol (MCP), a standardized language that allows integration of LLMs into existing data source and application structures.

Continue reading

Posted
By , and

The European Commission has published its regulatory proposal for the EU Digital Omnibus, a package of amendments seeking to streamline EU rules on data protection, artificial intelligence and digital regulation in an effort to improve EU competitiveness. For more information on the background to the Digital Omnibus, see our earlier briefing here. The Digital Omnibus is split into two regulations, one targeting the AI Act and another targeting other EU digital regulations.

Continue reading

Posted
By

“Let a thousand flowers bloom” used to be Johnson & Johnson’s strategy to generative AI innovation. In short order, nearly 900 projects sprouted across the company.

But subsequent internal review revealed that only 10–15% of those projects produced 80% of the value. In response, J&J pivoted. It narrowed its focus to high-impact use cases, and scrapped the rest. These remaining efforts were tightly aligned with business strategy, execution quality and adoption.

Continue reading

Posted
By and

Quantum-as-a-Service (QaaS) has moved from lab curiosity to real-world adoption. The inflection point isn’t that enterprises will own quantum computers anytime soon; it’s that usable quantum capacity is becoming accessible through cloud platforms, and leading firms are reporting production-adjacent use cases in real workflows.

Continue reading

Posted
By , , , and

Regulation (EU) 2023/2854 (the Data Act) entered into force on January 11, 2024, and applied from September 12, 2025, with certain provisions phased in through 2026 and 2027. The Data Act is intended to create a harmonized framework for fair access to and use of data across the EU, supplementing the GDPR and sector-specific rules. The Data Act also includes specific requirements on providers of a “data processing service” to enable customers to switch to another provider (or to an on-premise solution)—this is likely to have a significant impact on the global cloud market.

Continue reading

Posted
By

Mainframe computers are the backbone of many global industries, and integral to industry sectors such as finance, health care, transportation and government. However, the personnel trained to manage these systems are aging out of the workforce while mainframes are not—they continue to provide unmatched reliability, resiliency and security. In Sustaining and Modernizing Mainframe Systems in the Global Economy, colleagues Aaron M. OserPhilip T. EvansRoger C. Roy Jr. and Brittney D. Sandler break down the resulting and growing challenge of ensuring continuity of expertise while managing escalating software licensing costs due to vendor practices.

Read the white paper here.

 

 

Posted
By , and

The EU AI Act (AI Act), effective since February 2025, introduces a risk-based regulatory framework for AI systems and a parallel regime for general-purpose AI (GPAI) models. It imposes obligations on various actors, including providers, deployers, importers and manufacturers, and requires that organizations ensure an appropriate level of AI literacy among staff. The AI Act also prohibits “unacceptable risk” AI use cases and imposes rigorous requirements on “high-risk” systems. For a comprehensive overview of the AI Act, see our earlier client alert.

Continue reading

Posted
By and

GDPR-1497956947-300x300The European Commission’s proposed amendments to the General Data Protection Regulation (GDPR) mark the first substantive reworking of the regulation since its enactment, signaling a material shift toward economic pragmatism. These changes warrant close attention not only for what they include, but also for what they omit.

Continue reading

Posted
By and

By now, we all know what AI is. Some of us use ChatGPT as our search engine, confidant, secretary, travel agent, and much more. Others, at least, are acutely aware that AI exists, because everyone else is talking about it, possibly making money from it, or losing their jobs to it.

Continue reading

Posted
By

In 2023, we summarized the U.S. Department of Treasury report that raised concerns about the growing reliance of financial institutions (FIs) on cloud computing. Treasury highlighted structural imbalances and regulatory blind spots in the relationship between FIs and cloud service providers (CSPs).

Continue reading