IT Infrastructure Upgrades

Chatting is easy. Doing is hard. ⚡ I’ve been reading a lot lately about how many LLMs lack an execution layer. When it comes to travel, that layer is everything. Most tools are phenomenal at talking about a trip, but they fail the moment they need to book it. They lack the "governance infrastructure" required to move real money or enforce a travel policy. When OpenAI recently stepped back from completing bookings inside ChatGPT, some in the travel industry breathed a sigh of relief. They saw a retreat. I see a massive architectural validation. The "AI gap" isn't about how smart a model is; it’s about execution and trust. Most AI applications today are just a fancy interface sitting on top of a legacy link. When it hits a "Buy" button, it breaks. Why? Because most models lack the architecture to move real money, navigate complex corporate rules, or handle the 2 AM chaos of a canceled flight. That’s why when we set out to build Ava, we didn't build a chatbot. We built an Agent. While the rest of the world is just now discovering this "Execution Wall," Ava has been scaling it at Navan for years and is busy: ✅ Booking complex multi-leg flights. ✅ Upgrading seats and managing loyalty preferences. ✅ Changing travel dates and re-routing during disruptions. ✅ Crucially: Doing all of this within the deterministic guardrails of corporate policy. The industry is currently flooded with "Assistive AI" – tools that act like a GPS but don't know how to drive the car. Ava is the driver. She doesn't hand you off to a legacy website link and wish you luck. She stays in the flow, seamlessly manages complex processes, and handles the transaction. And we didn’t just stop with Ava. Navan Cognition allows us to embed 𝘵𝘳𝘶𝘭𝘺 agentic models everywhere. Whether you’re using Ava, Navan Edge or the “Book with AI” functionality in Navan – we’ve built AI that has direct access to unrivaled travel content and finishes the job for you. This is hard to replicate. In fact, according to Anthropic’s February 2026 analysis (https://lnkd.in/ddCpfzyw), travel and logistics rank last in agentic AI penetration, representing just 0.8% of “tool calls” – the measurable instances where AI systems take action inside real operational software, not just generate text – compared to nearly 50% for software engineering. If your AI "agent" is still handing you off to a legacy website to finish the job, you’re just buying a chatbot. If you want a system that actually does the work, you need Ava.

I’ve been mentoring engineering leaders recently, and one theme keeps coming up: Engineering is evolving—and so must we. When I worked on Google’s index 2 decades ago, it was just a few billion pages. Scaling to trillions and beyond required a mindset shift. We physically visited datacenters, mapped rack affinity & topologies, hardcoded these for performance—because no off-the-shelf solution existed. Fast forward to today: engineers can spin up a datacenters worth of compute with a config change—or better yet, it happens dynamically. That kind of shift isn’t just about tools. It’s about thinking differently. Now, AI is demanding another leap. You can’t say “I’m just backend developer” or “I only do mobile” or "I only work on models". You are now supervisors. System thinkers. Outcome owners. You are not just writing code—you are orchestrating intelligence. And that requires a new kind of engineering leadership. One that breaks silos, rethinks roles, and embraces the unknown.

🚀 Strengthening Cybersecurity with Zero Trust: Key Highlight from the FY26 Federal Cybersecurity Priorities 🚀 The Office of Management and Budget (OMB) and the Office of the National Cyber Director (ONCD) have released their FY26 Cybersecurity Priorities, focusing on enhancing the Nation's cybersecurity posture through strategic investments and initiatives. Here's a deep dive into the crucial aspects of their Zero Trust strategy: 🔹Modernizing Federal Defenses: The U.S. Government is transitioning towards fully mature Zero Trust architectures. This involves prioritizing technology modernization, implementing encryption and multifactor authentication, and leveraging government-managed cybersecurity shared services. 🔹Increasing Maturity of Information Systems: Agencies are required to submit updated Zero Trust implementation plans within 120 days, documenting current and target maturity levels in each pillar for all high-value assets and high-impact systems. These plans will be reviewed by OMB, ONCD, and CISA. 🔹Reducing Risk and Enhancing Security: Budget submissions must demonstrate how agencies are reducing risks by increasing the maturity of information systems based on the pillars outlined in the Cybersecurity and Infrastructure Security Agency’s (CISA) Zero Trust Maturity Model. Quotes from the Memo: 🔹"Agency investments should lead to demonstrable improvements reflected by agency FISMA reporting or similar metrics." "🔹Agencies with federated networks should prioritize investments in department-wide, enterprise solutions to the greatest extent practicable in order to further align cybersecurity efforts, ensure consistency across mission areas, and enable information sharing." 🔹"Within 120 days of the date of this memorandum, agencies must submit an updated zero trust implementation plan to OMB and ONCD." By aligning with CISA's Zero Trust Maturity Model and leveraging these strategic priorities, federal agencies can significantly enhance their cybersecurity posture, ensuring robust defense mechanisms and resilience against evolving threats. #Cybersecurity #ZeroTrust #Technology #CISA #Innovation #DigitalTransformation

A CEO of a SaaS company told me that despite having a sizable engineering team, they weren't delivering enough revenue-boosting features. A portfolio review revealed the problem's root: They were juggling two versions of every product - the original and a next-gen upgrade. The remedy? A strategic roadmap to phase out older products without alienating customers. Retiring outdated products isn't a simple "lights out." In this case, the new versions lacked features beloved by legacy users. So, we did this: ✅ Feature Focus Groups: We listened. Loud and clear. Customers told us what they'd miss, and what would entice them to switch. ✅ Upgrade Evolution: We pivoted. Based on customer feedback, we added crucial features to the new versions, making them truly compelling choices. ✨ ✅ Communication Crusade: We kept everyone informed. Customers, teams, stakeholders – everyone got the lowdown on the "why" and the "how" of the transition. The outcome? Transformed. The maintenance workload went down and engineers could focus on innovation and revenue-generating features. Facing a similar product purgatory? Read the full story (and get even more tips!) in my blog post: https://lnkd.in/gGHpj37S  If you need more help to boost productivity and innovation,  feel free to DM me and schedule a consultation And remember, prevention is best! When building next-gen products, think backward compatibility and seamless upgrades. #productmanagement #growth #leadership #changemanagement ___ ➡️ I am Talila Millman, a fractional CTO,  a management advisor, and an executive coach. I help CEOs and their C-suite grow profit and scale through optimal Product portfolio and an operating system for Product Management and Engineering excellence.  📘 My book The TRIUMPH Framework: 7 Steps to Leading Organizational Transformation will be published in Spring 2024. You can preorder a signed copy on my website

The Cloud ☁️ isn't just software - it relies on physical infrastructure and this week in the GCC, we witnessed exactly how vulnerable that infrastructure can be🚨 Over the last few days, Amazon Web Services (AWS) data centers in the UAE and Bahrain suffered unprecedented physical damage from regional drone strikes The result? A massive regional outage that caused digital services, mobile apps, and trading platforms across several major banks to go completely dark For years, the mandate has been "move everything to the cloud ☁️” but this incident is a brutal wake-up 🚨 call for business leaders and those advisors recommending ➖ when you outsource your core infrastructure to a centralized hyperscaler, you are also outsourcing your business continuity Coincidentaly, I also came across a viewpoint from a colleague in Arthur D. Little titled “Cloud Control: Rethinking Digital Dependence in the Age of AI”: https://lnkd.in/gKQWReWE While the article heavily frames the issue around geopolitical sanctions and data sovereignty, the core thesis is identical to the lessons learned from the AWS strike. The AWS outage proves that the insights in this article are no longer theoretical. If you are running critical infrastructure - especially in finance, energy, or healthcare - it is time to rethink how much control you have given up and consider the following: 🔹 Hybrid is the Standard: High criticality workloads need to be insulated. Repatriating core functions on-premise or utilizing decentralized models is becoming a necessity 🔹 Sovereign Factories: We will likely see a rise in enterprise-controlled, localized environments for developing and operating critical digital and AI assets 🔹 Distributed Redundancy: Relying on a single vendor's "Availability Zone" is not a disaster recovery plan The conveniences of the public cloud are immense, but the era of blind digital dependence is over (at least in the Middle East). It’s time for leaders to rethink the control of their most critical digital assets ——— What are your thoughts? Is it time for highly regulated industries to step back from the public cloud? Let me know below! 👇 #CloudComputing #AWS #CyberResilience #DigitalTransformation #BankingTech #BusinessContinuity #AI #TechTrends #RiskManagement #DataSovereignty

☁️ Every major cloud outage is a reminder that resilience isn’t something you can enable with a checkbox, it’s something you need to explicitly design, test, and adapt as dependencies evolve. A recent “thermal event” in Microsoft Azure’s West Europe region, caused by a cooling system fault triggered hardware shutdowns, took storage units offline, and resulted in broader service disruption across VMs, databases, and Azure Kubernetes Service. Even impacting dependent services in other Availability Zones. Serving as a reminder that zone-redundancy alone isn’t going to be enough when underlying storage fabrics or control-plane dependencies span across availability zones. If your replication strategy still relies on locally-redundant storage (LRS) within a single zone, or even multiple zones in the same region, you're exposed to environmental failures like this. As organizations migrate more critical workloads to the cloud, now is the moment to revisit resilient architecture. Invest in services that span multiple regions to avoid this kind of exposure, and test failover under realistic conditions, so that teams can build muscle-memory and to expose unexpected dependencies. https://lnkd.in/eUsDQ-gH https://lnkd.in/eBz8J3kD

India faced an average of 2807 attacks per week in Q1 2024, a 33% YoY increase, becoming one of the most targeted nations in the world, according to Checkpoint Research Report. Also, a notable increase in the average number of cyber attacks per organization per week, reached 1308, marking a 5% increase from Q1 2023. The Education/Research sector suffered the most, with an average of 2,454 attacks per organization weekly, making it the top target among industries. Following closely are the Government/Military sector with 1,692 attacks per week and the Healthcare sector with 1,605 attacks per organization per week, highlighting significant vulnerabilities in critical sectors essential to societal function. These numbers highlight a worrying trend of rapid escalation in cyber threats. So, what steps can organizations globally take to bolster their cybersecurity defenses? Here are a few recommendations: Awareness and Training: Educate employees about cybersecurity best practices, including identifying phishing attempts and avoiding suspicious links or downloads. Regular Vulnerability Assessments: Conduct regular security assessments to identify weaknesses in the IT infrastructure and applications, and promptly address any vulnerabilities. Multi-Factor Authentication (MFA): Implement MFA across all accounts and systems to add an extra layer of security and protect against unauthorized access. Incident Response Plan: Develop a comprehensive incident response plan that outlines steps to be taken in case of a cyberattack. Regularly test and update the plan to stay prepared. Advanced Threat Protection: Invest in advanced threat protection solutions that can detect and mitigate sophisticated cyber threats, including those that utilize AI-based tools. Data Encryption: Encrypt sensitive data both at rest and in transit to ensure that even if it gets intercepted, it remains unintelligible to unauthorized users. Continuous Monitoring: Deploy robust monitoring systems to detect and respond to cyber threats in real-time, reducing the dwell time of attackers within the network. #Cybersecurity is a continuous process. As cybercriminals constantly evolve their tactics, so should our defenses. #Cyberattacks #ThreatIntelligence #Cybersecurity

The most stressful seconds in a Data Center project. We spend months testing chillers, UPS units, and generators individually. They all pass their checklists (Level 3 & Level 4 Commissioning). But individual success doesn't guarantee system resilience. That is why the Integrated Systems Test (IST) is the single most critical milestone in Data Center delivery. It leads up to the "Black Building / Blackout Test" where we physically cut the utility power to the facility. No simulation. No software override. We just pull the plug. For a few heart-stopping seconds, the facility relies entirely on physics and logic: 1- The Ride Through: The UPS batteries must bridge the power gap with zero interruption to the IT Load. 2- The Transfer: The generators must start, synchronize, and accept the "Block Load" instantly. 3- The Restabilization: The mechanical cooling must restart and normalize temperatures before thermal limits are breached. The IST reveals hidden flaws that individual testing misses: 1- Breaker coordination acting slower than the sensitive IT threshold. 2- BMS latency causing "chatter" during the transfer switch. 3- Harmonic distortion that only appears when the entire infrastructure runs on backup power. A Data Center hasn't truly been commissioned until it has survived the dark. #DataCenters #IST #MissionCritical #Commissioning #Engineering #Resilience

The current Data Center landscape demands a higher level of technical discipline and execution capability across electrical infrastructure. This list reflects participation. The real discussion is technical capability under extreme conditions. Data Center infrastructure is entering a phase where electrical design becomes a limiting factor. Hyperscale campuses above 100 MW. AI-driven load profiles with high variability and peaks. Rack densities moving beyond 50 kW. Grid constraints and interconnection complexity. N+1, 2N and 2N+1 redundancy requirements. In this environment, the substation is no longer a standard solution. It is a custom-engineered system that must guarantee stability, protection and scalability from day one. This is where WEG operates with depth. WEG is structured to deliver across the full electrical chain required by Data Centers. Power transformers designed for high-load and continuous operation. Thermal performance, overload capability and insulation systems aligned with mission critical profiles. Medium voltage switchgear engineered for reliability and fast fault isolation. Arc-resistant designs, protection coordination and operational safety under high fault levels. Low voltage systems prepared for high-density distribution. Selective coordination, energy efficiency and adaptability to dynamic IT loads. Integration between MV and LV layers. Ensuring stability, protection selectivity and seamless operation across the entire electrical architecture. Engineering for redundancy architectures. Support for Tier III and Tier IV topologies with full alignment to uptime requirements. Manufacturing scale with controlled lead times. Real capacity to support multiple large-scale projects simultaneously without compromising delivery. Local execution across LATAM and USA. Reducing logistics risk, accelerating commissioning and ensuring proximity during critical project phases. The complexity is no longer in individual components. It is in how the system performs under real operating conditions. - Voltage stability. - Fault response. - Thermal limits. - Load variability. This is where projects are won or lost. And this is exactly where WEG delivers. #datacenter #powerinfrastructure #substation #energy #missioncritical #digitalinfrastructure #weg #engineering #ai #hyperscale

AI data centres may be the only game in town right now… but what goes inside them besides AI chips? 💡 8 things you need to know When we think "data centre," the conversation usually stops at GPUs, TPUs, HBMs and high-performance processors. But in reality, these facilities are vast ecosystems of specialised technologies, each critical to keeping our digital world running 24/7. Here are the unsung enablers: 1️⃣ Medium voltage (MV) power distribution – Companies like ABB, Siemens, Hitachi & Schneider Electric are at the forefront of MV power distribution in data centres, providing reliable and efficient systems essential for smooth operations. 2️⃣ Backup power – The need for uninterrupted power is critical, and companies like GE, Caterpillar Inc., Generac & Cummins Inc. lead in generators and backup systems to ensure uptime during outages. 3️⃣ Uninterruptible power systems (UPS) – Rolls-Royce, Eaton, Vertiv & EnerSys provide UPS solutions that protect against disruptions and maintain continuous power supply. 4️⃣ Building automation – Johnson Controls, Trane Technologies, Cisco & Honeywell enable efficient management of data centre operations, from power usage to cooling and security. 5️⃣ Security systems – Palo Alto Networks, Bosch & Delta Electronics safeguard data centres against both digital and physical threats through advanced surveillance, access control, and network security. 6️⃣ Heating, ventilation, and air conditioning (HVAC) solutions – Munters, Mitsubishi Electric & Dover Corporation maintain optimal temperature and humidity to ensure equipment longevity and reliability. 7️⃣ Server cabinets –Hewlett Packard Enterprise, Fujitsu & Dell Technologies design cabinets that organise and protect critical hardware, supporting effective cable management, cooling, and security. 8️⃣ Low voltage (LV) power distribution – Companies like Vertiv, nVent & MPS Limited provide systems that ensure the safe and efficient distribution of low voltage power within data centres. 💡 Why it matters: The AI Data-centre revolution rides on more than just semiconductors. It’s the infrastructure stack: power, cooling, security, automation, that transforms silicon into real-world capability. Each layer represents opportunities for innovation, investment, and strategic positioning in the global digital economy. 📍 For Malaysia: If we want to play big in AI, we shouldn’t just think about chips. We should aim to be a hub for the full data centre value chain. 💬 Which of these 8 do you think Malaysia could lead in? As we approach the end of 2025, I’m re-posting one of my most popular posts of the year. I share semiconductor insights everyday. Follow me 👉 Andrew Chan Yik Hong for actionable perspectives on policy, strategy and industry shifts and ring the bell 🔔 to get notified whenever I post. 💬 If this post resonates with you, re post, drop a comment or leave a like. I would love to hear your thoughts.