Exclusive interview Bilal Baig, Vice President, Solutions Engineering, TrendAI™️

Your keynote focuses on the 2026 cybersecurity threat horizon. What are the biggest shifts enterprises should be preparing for over the next 12 to 18 months?

There are three shifts that enterprises need to prepare for urgently. The first is the governance of agentic AI. Agentic AI is moving into the mainstream, and every AI agent introduced into an enterprise environment effectively becomes a new identity. As organisations begin deploying hundreds or even thousands of agents, they will need clear controls around ownership, permissions, accountability, and response. In my view, this will very quickly move from a best practice to a compliance requirement.

The second is visibility. AI has expanded the enterprise attack surface almost overnight. We used to talk about shadow IT; today, we are dealing with shadow AI. Many organisations do not have a clear visibility of who is using AI, which tools are being used, what data is being shared, or whether AI projects are being built with the right governance in place. Establishing visibility of that attack surface thus becomes essential.

The third is vulnerability prioritization and virtual patching. With AI accelerating vulnerability discovery, organisations will face a growing volume of exposures that cannot all be patched immediately. The challenge will be knowing what to prioritise and how to protect critical systems while remediation is underway. This is why virtual patching is becoming relevant again.

Finally, we will see agentic capabilities become more central to defense. If attackers are using agentic AI, defenders will also need AI-powered, agentic security operations across areas such as SIEM, SOAR, detection, and response.

Across our industry these are the shifts that become extremely important over the next 12 to 18 months

A big part of “what’s coming” is agentic AI moving into production. When an autonomous agent can take actions, call tools, and talk to other agents, what new attack surfaces open up that legacy defences were never built to see?

The biggest change is that the attack surface is no longer limited to data, applications, and infrastructure. Enterprises now also need to govern the agents themselves.

Cybercriminals are already using agentic AI to make attacks more scalable and targeted, with different agents handling reconnaissance, phishing, coordination, and data analysis. At the same time, enterprises are introducing autonomous agents that can call tools, access systems, and communicate with other agents. That creates a new layer of risk.

For example, if one agent does not have permission to complete a task, it may interact with another agent that does. Without the right governance, that can bypass traditional security boundaries. The risk is not always intentional or malicious. An agent may simply be trying to complete its assigned goal, but in doing so it can drift into behavior that creates security, compliance, or data exposure risks.

This is why we need stronger governance around agent-to-agent communication. Enterprises need to understand what each agent is allowed to do, what identity it uses, which systems it can access, and who is accountable if something goes wrong. We should think of every agent almost like a new employee: it needs onboarding, permissions, supervision, and accountability.

Agent-to-agent interaction and data integrity are emerging as core risks. Technically, how do you secure trust between autonomous agents, and stop a compromised one from cascading across a workflow?

The first principle is that AI security has to be layered. It cannot start and end at the agent level. Enterprises need controls across the full AI stack, from infrastructure and microservices to LLMs, agents, applications, and data flows. If any one layer is compromised, it can affect the integrity of the wider workflow. This is particularly important as AI-native applications increasingly depend on multiple models, services, APIs, and agent interactions.

The second priority is controlling how agents communicate with each other and with enterprise systems. That means applying guardrails to inspect prompts, responses, behavior, permissions, and outputs in real time. It also means monitoring agent-to-agent communication so that a compromised or misdirected agent cannot collapse across a workflow unchecked. In short, every layer of the AI ecosystem requires its own security controls.

There is no single magic solution that can secure the entire AI environment. Effective security requires layered capabilities across AI guardrails, governance, LLM security, and backend security. At TrendAI™, we combine these capabilities as we work with partners such as Anthropic and NVIDIA to help organizations secure AI from development through deployment.

Most enterprises are layering agentic AI onto existing infrastructure rather than building greenfield. From a solutions engineering standpoint, where do the security gaps typically appear in those hybrid deployments?

The most common gap is visibility. An organization may officially approve one AI tool, but employees and teams may still be using others across the business. That creates a fragmented AI environment where security teams may not know which models are being used, what data is being shared, or whether those tools are sanctioned. This is where the core issue lies.

Once visibility is established, the next challenge is control. Enterprises need to define what each AI system is meant to do, how it should interact with users and systems, what malicious input looks like, and what type of output should be blocked. . Most of the newer top-tier models have some form of AI security guard built in, but the mid-tier models that many organisations rely on do not have those controls.

The issue is not that organisations are moving fast. Innovation should continue. The risk is moving AI projects into production without the right security checks. The better approach is to establish an AI security blueprint and production gates, so that AI applications, LLMs, agents, data flows, and backend systems are assessed before they go live.

Visibility keeps coming up. What does observability actually look like for autonomous systems and how do you monitor and audit decisions an agent makes with no human in the loop?

Observability for autonomous systems has to work across multiple layers. At the first layer, you need visibility into the agent itself – where it is running, what it is doing, and which systems it is interacting with. At the second layer, you need visibility at the gateway level, where communication moves between users, agents, applications, and LLMs. At the third layer, you need visibility into local or enterprise-hosted LLMs, including how they connect to internal systems, data sources, and services. Together this gives you visibility of how an AI whether a chatbot agent or an autonomous agent communicates with the various backend services it draws data from, including on-prem LLMs and how MCP servers are integrated across the ecosystem.

This also extends to internal LLM projects and public AI services such as OpenAI, where guardrails are needed to monitor usage and reduce risk. With TrendAI™, organisations can identify which AI tools are sanctioned or unsanctioned, user interactions, agent behavior, prompt activity, data movement, and potentially malicious commands. Without this level of observability, organisations cannot properly govern autonomous systems.

For auditing, the starting point is a clear blueprint. Every agent should have a defined role, expected behavior, access permissions, and decision framework. In an AI development lifecycle, for example, agents may generate code, test it, scan for vulnerabilities, and prepare it for commit. But the process still needs checkpoints, audit trails, policy enforcement, and human review at critical stages.

The goal is not to slow AI down but to make autonomous activity measurable, auditable, and accountable. Without those checks, agents can create operational, security, and even cost risks, including excessive token consumption or actions that were never intended by the business.

For an organisation just starting to deploy agentic AI, what’s the advice you would give them to first set-up on the security side and to be aware of the most common early mistake that organisations make?

My advice is to start with an AI security blueprint before moving anything into production. Organisations should first define the use case, expected outcome, the systems the AI will interact with, the data it can access, and the controls required across the lifecycle. Security cannot be treated as an afterthought. It has to be built into the design, development, deployment, and monitoring of every AI-native application.

At TrendAI™, we help organisations secure the full AI lifecycle, from defining the use case and building the AI system to deploying it safely into production and governing it once it is live. This is where TrendAI Vision One™ plays an important role, providing an AI security blueprint that gives organisations visibility into which AI tools are running, which are unsanctioned, where AI is being used, and what risks or attacks may be emerging. It also helps monitor user activity, agent behavior, security posture, rate limits, and token consumption, enabling organisations to put the right guardrails in place before deployment and maintain control as AI scales across the enterprise.

The most common mistake is rushing to production without visibility or governance. Many organisations move quickly because the business pressure around AI is high, but they only revisit security after something goes wrong. The better model is to put production gates in place from day one, so AI can scale safely without creating unmanaged risk.

Rohit Chowdhary, Head of Advanced Consulting Services at Nokia, sat down with The Integrator to share insights into the company’s vision for enabling the AI Supercycle. He outlined how Nokia’s end-to-end portfolio spans everything from AI-ready connectivity and energy-efficient 800G data centre networking to intelligent, self-optimising home Wi-Fi experiences powered by AI.

A key focus of the discussion was Nokia’s shift from strategic advisory to real-world execution through its dedicated Automation Excellence Practice, helping operators translate ambitious transformation roadmaps into measurable outcomes. The conversation also highlighted the growing importance of integrated, intelligent and secure networks that can support rising AI workloads, eliminate infrastructure bottlenecks and unlock tangible business value, while maintaining the highest standards of security, privacy and resilience

Could you begin by telling us about your role at Nokia and the journey that brought you here?

I lead Nokia’s Advanced Consulting Services business across Europe, the Middle East and Africa. My journey with Nokia spans nearly seventeen years, beginning at a time when consulting was largely focused on network transformation initiatives. Over the years, I have worked closely with operators around the world on transformation programmes, analytics adoption, customer experience management and digital modernization.

As the industry evolved, so did our consulting focus. Following the Nokia and Alcatel Lucent merger, we established what is today known as Advanced Consulting Services. The organization now spans several domains, including Security, Business monetization, Cloud and Technology transformation, Autonomous Networks, and Data & AI.

More recently, we launched an Automation Excellence Practice. The idea was simple. Customers often appreciated our strategic blueprints but needed practical expertise to implement them. Today, we have specialized engineers who combine telecom expertise, AI capabilities and software development skills to turn strategic visions into real automation pipelines, AI-driven workflows and production-ready use cases. Our role is to help customers move from concept to measurable business outcomes.

Nokia is often associated with connectivity, but the company is increasingly talking about AI readiness. How does Nokia’s infrastructure portfolio support this transition?

AI is creating what we describe as an AI Supercycle. It is transforming everything from data centres and cloud infrastructure to network architectures and edge computing. Supporting this shift requires a complete ecosystem rather than isolated technologies.

Nokia’s portfolio addresses this across multiple layers. On the network side, we continue to innovate in radio technologies, including AI-RAN capabilities developed alongside strategic partners such as Nvidia. We also have a strong optical networking and IP portfolio that enables the high-capacity connectivity required between data centres, edge locations and cloud environments.

One area that excites me is our innovation in data centre networking. We are introducing highly efficient coherent optical technologies and advanced switching platforms that significantly reduce infrastructure footprints while improving performance and energy efficiency. These innovations are becoming increasingly important as organizations invest in AI factories, AI grids and large-scale inference environments.

Beyond connectivity, we also provide intelligent automation layers through our Autonomous Networks platforms, enabling operators to manage complex, multi-vendor environments more efficiently and intelligently.

What are some of the biggest infrastructure bottlenecks you see operators and enterprises facing as AI adoption accelerates?

One of the biggest challenges is understanding that AI infrastructure is not just about compute power. Organizations often focus heavily on GPUs and processing capabilities, but connectivity can quickly become the limiting factor.

You can deploy the most powerful AI infrastructure available, but if the network cannot support the required data movement between racks, data centres and edge locations, performance suffers. This is where intelligent networking becomes critical.

At Nokia, we are helping customers design what we call AI-ready connectivity. This includes high-capacity optical networking, intelligent routing and the seamless interconnection of compute environments. As AI workloads become increasingly distributed, the ability to move data efficiently becomes just as important as the ability to process it.

On the consumer side, Nokia has been showcasing AI-driven Wi-Fi management capabilities. How does this improve the end-user experience?

The home network has become far more complex than it was a few years ago. Consumers expect flawless connectivity across multiple devices, applications and services.

Our AI-enabled Wi-Fi solutions continuously monitor network performance and user experience. They can identify coverage gaps, detect congestion, analyze interference patterns and even recommend or automatically implement corrective actions.

The goal is to create a self-optimizing network environment where many issues can be resolved autonomously before they impact the user. This reduces support requirements for service providers while delivering a more consistent and reliable experience for customers.

The Middle East is witnessing an unprecedented surge in data centre investments. How do you see this shaping Nokia’s opportunities in the region?

The Middle East has emerged as one of the most dynamic markets globally for AI infrastructure investments. Governments and enterprises are actively investing in sovereign AI capabilities, advanced data centres and digital ecosystems.

This creates significant opportunities, not only for Nokia but for the broader technology industry. The success of these initiatives depends on having secure, scalable and efficient connectivity between compute resources, cloud environments and end users.

Our role is to help customers build these foundations. Whether it is data centre interconnectivity, optical networking, intelligent routing or autonomous operations, Nokia’s technologies are designed to support the scale and performance requirements of AI-driven economies.

As data volumes continue to grow, security and data sovereignty are becoming increasingly important. How is Nokia addressing these concerns?

Security is deeply embedded into Nokia’s strategy and innovation roadmap. As a European technology company, trust, resilience and security have always been fundamental principles in how we design and operate our solutions.

While we continue to invest heavily in AI innovation, we are equally focused on strengthening security capabilities across our portfolio. This includes advanced network security architectures, AI-driven threat detection and preparations for future technologies such as quantum-safe networking.

We are actively engaged with industry bodies, standards organizations and ecosystem partners to help define the next generation of secure digital infrastructure. As AI becomes increasingly pervasive, security must evolve alongside it, and that is an area where Nokia continues to invest significantly.

Looking ahead, what excites you most about the future of AI-driven networks?

What excites me most is the convergence of AI, automation and connectivity. Networks are evolving from passive transport layers into intelligent platforms that can learn, adapt and optimize themselves.

The future will be defined by autonomous operations, AI-native networks and real-time decision-making at scale. Organizations that successfully combine these capabilities will unlock entirely new business models and levels of operational efficiency.

For us, the opportunity is not just about deploying technology. It is about helping customers transform the way they operate, innovate and create value in an increasingly AI-driven world.

Exclusive interview with Uday Shankar Kizhepat – Vice President and General Manager for ME

How is WSO2 sailing through in the region amidst the uncertainty?

The Middle East continues to be one of the most dynamic technology markets globally. While there is uncertainty in the broader geopolitical and economic environment, we see that organizations across the region remain committed to their digital transformation programs and continue to invest in the areas of API modernization, application integration, Identity and access management, data connectivity, cloud transformation and AI enablement. This is because digitization is now a business necessity rather than a discretionary investment.

For WSO2, this has translated into continued demand for solutions that help enterprises modernize systems, securely manage digital identities, integrate increasingly complex technology landscapes, and adopt AI responsibly. We are seeing particularly strong interest from government, financial services, telecommunications, and energy sectors, where organizations are focused on improving operational agility while maintaining security, compliance, and resilience.

Any new products / solutions that have been introduced for the region?

One of the most significant developments for us is our vision for the Agentic Enterprise and the introduction of WSO2’s Agentic Enterprise Fabric. Rather than treating AI as a standalone capability or bolt-on feature, we have embedded AI capabilities into the very fabric of our platform.

The Agentic Enterprise Fabric enables organizations to securely connect data, APIs, applications, identities, and AI agents across the enterprise. This creates a foundation where intelligent agents can operate with the right context, governance, and security controls while delivering measurable business outcomes.

The WSO2 Agent Manager is an open platform for the full life-cycle of enterprise grade AI agents. The WSO2 AI gateway helps in governance by monitoring the usage, applying guardrails, optimizing costs & exposing APIs as MCP tools so that AI agents can safely interact. The WSO2 agent ID helps to register, authenticate, authorize and audit AI agents as first class identities.

This approach is resonating strongly in the Middle East, where organizations are moving beyond AI experimentation and looking for scalable, enterprise-grade AI implementations that can be governed and integrated into existing business processes.

What are the key solutions that have kept WSO2 ahead of its other competitors in the region?

Our differentiation comes from helping customers address  key critical challenges simultaneously: APIs, integration, identity, and AI adoption.

Our API management platform helps companies ship, govern and monetize APIs, AI and MCP across any gateway or any cloud. Our integration capabilities enable organizations to connect legacy and modern systems quickly, helping accelerate digital initiatives.  Our identity and access management solutions provide the security and trust layer needed for large-scale digital services. Last but not the least, our Agentic Enterprise Fabric brings AI into the core of the enterprise architecture rather than layering it on top as an afterthought.

All of this combined with our open-source heritage, flexible deployment options, and ability to support sovereign cloud and hybrid environments, gives  customers the freedom to innovate with zero lock-in. This flexibility is critical in the Middle East region, where organizations increasingly prioritize digital sovereignty, data control, and long-term technology independence.

What are your plans for the coming few months in the region?

Our commitment to the growth and development of the Middle East region remains. We have just completed registering our office in KSA which reiterates our focus on deepening our engagement with customers and partners across the GCC and wider Middle East. We are investing in helping organizations move from AI pilots to production-ready deployments, while continuing to support large-scale modernization and digital transformation initiatives.

We also plan to strengthen our partner ecosystem, expand our presence in key markets, and work more closely with organizations pursuing digital sovereignty initiatives. As governments and enterprises accelerate their AI and digital agendas, we see significant opportunities to help them build secure, connected, and intelligent digital platforms for the future.

What’s your anticipated growth for the digital / tech sector in the coming few years?

The outlook remains very positive and we are optimistic. Over the next three to five years, I believe the region will move from digital transformation to intelligent transformation, where AI becomes embedded in core business operations rather than existing as isolated applications. Organizations that successfully combine AI with strong integration, identity, governance, and data foundations will be best positioned to create sustainable competitive advantages.

This shift will create significant opportunities for technology providers, system integrators, and enterprises alike.