Foundations beat fireworks: the week AI grew up

Friends,

your weekly AI briefing is here - designed to help you respond to AI, not react to the noise. No curveballs. No chaos. Just clarity.

🎓 Learn how to use AI to save 1 day a week in just 6 weeks: next cohort starts Tuesday 14th April

The next cohort of the AI Leaders Fellowship kicks off Tuesday 14th April. It's where SME leaders come to accelerate their AI skills, build their own AI strategy, and learn the core practical skills that save you one days a week - every week. If you've been meaning to get properly fluent rather than dabbling around the edges, this is the one.

👉 Grab your seat here

📰 This was the week that was...

This was the week we got a preview of AI's next chapter - and it's less about raw power, more about foundations. Anthropic unveiled Claude Mythos Preview, a model that can autonomously find and exploit software vulnerabilities across every major OS and browser - and in the same breath launched Project Glasswing, bringing Amazon, Apple, Google, Microsoft and Cisco together to harden critical software before attackers get similar tools.

At the same time, Google DeepMind shipped Gemma 4, putting frontier-class intelligence onto phones that work entirely offline, and Meta's Superintelligence Labs entered the race with Muse Spark, a multimodal "personal superintelligence" trained with over 1,000 physicians. Meanwhile the plumbing got easier: Claude Managed Agents handles sandboxing, sessions and permissions so teams like Notion, Rakuten and Asana ship agents in days rather than months.

Let's get into it.

🔥 Urgent Priorities

✅ No fires to fight this week

✅ Infrastructure foundations shifting beneath the capability headlines

✅ Time to think about sovereignty and security, not just performance scores

This isn't a week for panic. It's a week for mapping your AI foundations.

🎯 Strategic Insight

Tension: It's tempting to focus on which AI provider offers the smartest responses or highest accuracy scores. Most procurement conversations still centre on feature comparisons and capability demos, rather than whether you have the foundations to use AI effectively when business continuity depends on it.

Optimistic insight: The smart money is moving to foundations: security, sovereignty, and systems that work when connectivity fails. Project Glasswing shows that leading technology companies are thinking defensively first - securing software before offensive capabilities proliferate. Gemma 4's edge focus demonstrates that the future of AI isn't just bigger models in bigger data centres, but capable models running where you need them. And Claude Managed Agents shows the same pattern one layer up: the winning question is no longer "can we build an agent?" but "can we run it safely, reliably, and at scale?"

What's shifting: The conversation is moving from "Which AI gives the best answers?" to "Which approach gives us control when it matters most?" Between on-device models, security-hardened deployment, managed agent runtimes and proper governance frameworks, the organisations that thrive will be those that built robust foundations rather than chased the latest capability demos.

Why this matters now: Anthropic's own research shows AI capabilities in cybersecurity have reached a threshold where vulnerabilities found by the model often survive decades of human review and millions of automated tests. The same acceleration that makes AI powerful also makes security and sovereignty urgent, not optional.

👉 Takeaway: Between now and Q2, audit your AI foundations across three dimensions:

• Security: How quickly could you patch vulnerabilities if AI-powered attacks accelerate?

• Sovereignty: Which of your AI use cases need to work without internet connectivity or external API dependencies?

• Governance: Where do you need human oversight that can't be bypassed by social engineering or prompt injection?

If you'd like help stress-testing your AI strategy against these shifts, book a call and we'll work through it.

🤓 Geek-Out Stories

1️⃣ Keeping AI agents on a leash

AWS published a detailed guide for controlling which websites your AI agents can access, responding to enterprise customers who need domain-based filtering and egress control for agents that browse the web. The approach uses network controls to block unauthorised destinations while maintaining audit logs for compliance reviews.

Why it matters: This addresses a core business risk with AI agents - you want them to access enough to be useful, but not so much that they become a liability. Imagine an agent meant to research competitors accidentally sharing sensitive data with external sites, or being tricked into visiting malicious domains.

👉 Read it here: https://aws.amazon.com/blogs/

👉 Action: Review any AI systems you use that access external websites or APIs. List which domains they genuinely need versus which should be blocked.

2️⃣ Practice makes perfect - even for AI

Research published in Communications of the ACM argues that user simulation - creating virtual customers that interact with AI systems - is a critical catalyst for overcoming bottlenecks in AI development. The technique enables user behaviour modelling, synthetic interaction data, and system evaluation at scale.

Why it matters: Instead of learning from real customer interactions (and potentially frustrating them with early mistakes), you can simulate thousands of realistic sessions to test and improve your AI systems. Faster improvement cycles, without risking actual customer relationships.

👉 Read it here: https://cacm.acm.org/opinion/the-indispensable-role-of-user-simulation-in-the-pursuit-of-agi/

👉 Action: Pick one customer journey where you'd like to test AI improvements. Consider whether virtual customer testing could help you validate changes before deploying to real customers.

3️⃣ AI that works without Wi-Fi

Developer Fikri Karim used Google's new Gemma 4 model to build an English learning app that looks at objects around you, hears conversations, and provides real-time language coaching - all running entirely on a phone with no internet connection. The app shows how frontier AI capabilities are now available for local deployment on everyday devices.

Why it matters: This solves fundamental business challenges around connectivity, data privacy and service reliability. UK businesses in farming, construction, field services, or any operation away from reliable internet can now consider AI applications that work regardless of signal strength or data centre availability.

👉 Read it here: https://deepmind.google/

👉 Action: Identify three business processes that happen in locations with poor connectivity. Consider whether locally-running AI could enhance these workflows without requiring infrastructure investment.

4️⃣ Giving your AI a memory of its own

Milla Jovovich has released MemPalace, an open-source system that lets your AI remember every conversation you've ever had with it - across tools, across sessions, across models. A separate project from Andrej Karpathy takes a different angle: a persistent wiki that compounds knowledge as you use it, so every new conversation builds on what came before rather than starting from scratch.

Why it matters: As you lean harder on AI, the frustration of re-explaining yourself every single session becomes the single biggest drag on productivity. Persistent memory is also the unlock for more sophisticated agent workflows - an AI that forgets can't plan, can't learn your preferences, and can't compound value over time. This is a hot space precisely because whoever solves it well changes the ceiling on what AI can do for you.

👉 Read them here: https://github.com/milla-jovovich/mempalace https://gist.github.com/karpathy/442a6bf555914893e9891c11519de94f

👉 Action: Notice the next three times you have to re-explain context to an AI tool. That friction is telling you where persistent memory would pay you back fastest.

🎨 Weekend Playground

This weekend, pick your path. If you've got an Android, try the Google AI Edge Gallery app from the Play Store - it lets you run advanced AI models entirely on your phone with no internet connection required. Experiment with processing text, images and audio locally. The real insight isn't just that it works offline - it's that you can have private conversations with frontier-class AI without sending any data to external servers.

If you're on iPhone or would rather stay in the browser, spend an hour with Claude instead. Push it on something real from your working week - a messy decision, a document you need to make sense of, a strategy you're wrestling with - and see how far a proper thinking partner can take you.

Why this matters: Both paths point at the same shift - from AI-as-a-service to AI-as-infrastructure, and from AI-as-novelty to AI-as-thinking-partner. One puts the model on hardware you control. The other puts a frontier model to work on the problems actually on your desk.

👉 Mission:

• Android: download the Google AI Edge Gallery app and try the image analysis feature with a photo from your camera roll

• Android: ask it to explain a complex document without any internet connection

• Claude: bring it the hardest decision on your plate this week and ask it to stress-test your thinking

• Claude: upload a document you've been meaning to read and ask for the three things that matter most

• Either path: notice where on-device or frontier intelligence could quietly enhance your business operations

📢 Share the Optimism

If The AI Optimist helps you think more clearly, forward it to someone else navigating the shift.

If it's not quite landing, hit reply and let me know - I read every message.

Stay strategic, stay generous.

Hugo & Ben