The agents are coming, and they represent a fundamental shift in the role artificial intelligence plays in businesses, governments, and our lives.
The biggest news in agentic AI happened this month when we learned that OpenAI’s agent, Operator, is expected to launch in January.
OpenAI Operator will function as a personal assistant that can take multi-step actions on its own. We can expect Operator to be put to work writing code, booking travel, and managing daily schedules. It will do all this by using the applications already installed on your PC and by using cloud services.
It joins Anthropic, which recently unveiled a feature for its AI models called “Computer Use.” This allows Claude 3.5 Sonnet to perform complex tasks on computers autonomously. The AI can now move the mouse, click on specific areas, and type commands to complete intricate tasks without constant human intervention.
We don’t know exactly how these tools will work or even whether they’ll work. Both are in what you might call “eta” — aimed mainly at developers and early adopters.
But what they represent is the coming age of agentic AI.
What are AI agents?
A great way to understand agents is to compare them with something we’ve all used before: AI chatbots like ChatGPT.
Existing, popular LLM-based chatbots are designed around the assumption that the user wants, expects, and will receive text output—words and numbers. No matter what the user types into the prompt, the tool is ready to respond with letters from the alphabet and numbers from the numeric system. The chatbot tries to make the output useful, of course. But no matter what, it’s designed for text in, text out.
Agentic AI is different. An agent doesn’t dive straight away into the training data to find words to string together. Instead, it stops to understand the user’s objective and comes up with the component parts to achieve that goal for the user. It plans. And then it executes that plan, usually by reaching out and using other software and cloud services.
AI agents have three abilities that ordinary AI chatbots don’t:
1. Reasoning: At the core of an AI agent is an LLM responsible for planning and reasoning. The LLM breaks down complex problems, creates plans to solve them, and gives reasons for each step of the process.
2. Acting: AI agents have the ability to interact with external programs. These software tools can include web searches, database queries, calculators, code execution, or other AI models. The LLM determines when and how to use these tools to solve problems.
3. Memory Access: Agents can access a “memory” of what has happened before, which includes both the internal logs of the agent’s thought process and the history of conversations with users. This allows for more personalized and context-aware interactions.
Here’s a step-by-step look at how AI agents work:
The user types or speaks something to the agent.
The LLM creates a plan to satisfy the user’s request.
The agent tries to execute the plan, potentially using external tools.
The LLM looks at the result and decides if the user’s objective has been met. If not, it starts over and tries again, repeating this process until the LLM is satisfied.
Once satisfied, the LLM delivers the results to the user.
Why AI agents are so different from any other software
“Reasoning” and “acting” (often implemented using the ReACT — Reasoning and Acting) framework) are key differences between AI chatbots and AI agents. But what’s really different is the “acting” part.
If the main agent LLM decides that it needs more information, some kind of calculation, or something else outside the scope of the LLM itself, it can choose to solve its problem using web searches, database queries, calculations, code execution, APIs, and specialized programs. It can even choose to use other AI models or chatbots.
Do you see the paradigm shift?
Since the dawn of computing, the users who used software were human beings. With agents, for the first time ever, the software is also a user who uses software.
Many of the software tools agents use are regular websites and applications designed for people. They’ll look at your screen, use your mouse to point and click, switch between windows and applications, open a browser on your desktop, and surf the web — in fact, all these abilities exist in Anthropic’s “Computer Use” feature. Other tools that the agent can access are designed exclusively for agent use.
Because agents can access software tools, they’re more useful, modular, and adaptable. Instead of training an LLM from scratch, or cobbling together some automation process, you can instead provide the tools the agent needs and just let the LLM figure out how to achieve the task at hand.
They’re also designed to handle complex problem-solving and work more autonomously.
The oversized impact of the coming age of agents
When futurists and technology prognosticators talk about the likely impact of AI over the next decade, they’re mostly talking about agents.
AI agents will take over many of the tasks in businesses that are currently automated, and, more impactfully, enable the automation of all kinds of things now done by employees looking to offload mundane, repetitive and complicated tasks to agents.
Agents will also give rise to new jobs, roles, and specialties related to managing, training, and monitoring agentic systems. They will add another specialty to the cybersecurity field, which will need agents to defend against cyber attackers who are also using agents.
In fact, AI smart glasses and AI agents were made for each other. Using streaming video from the glasses’ camera as part of the multimodal input (other inputs being sound, spoken interaction, and more), AI agents will constantly work for the user through simple spoken requests.
One trivial and perfectly predictable example: You see a sign advertising a concert, looking directly at it (enabling the camera in your glasses to capture that information), and tell your agent you’d like to attend. The agent will book the tickets, add it to your calendar, invite your spouse, hire a babysitter and arrange a self-driving car to pick you up and drop you off.
Like so many technologies, AI will both improve and degrade human capability. Some users will lean on agentic AI like a crutch to never have to learn new skills or knowledge, outsourcing self-improvement to their agent assistants. Other users will rely on agents to push their professional and personal educations into overdrive, learning about everything they encounter all the time.
The key takeaway here is that while agentic AI sounds like futuristic sci-fi, it’s happening in a big way starting next year.
Well, I’ll be: We’ve just barely finished welcoming Google’s Android 15 update into the world, and already, Android 16 is teasing us with a tiny early taste.
Yes, indeedly: Google has now officially launched the first developer preview of next year’s Android 16 software. It’s part of the company’s plan to shake up the Android release schedule and put out major new versions in the second quarter of the year with smaller updates to follow in the fourth quarter.
At this point, what we can see of Android 16 is still extremely rough and preliminary. Odds are, most of its more significant elements aren’t even publicly visible just yet. But one standout addition is already stepping into the spotlight and tempting those of us who follow such subjects closely.
The feature is called Notification Cooldown, and it’s something we actually first heard about around this year’s Android 15 release. Google tested the concept during the development of that Android version but ended up pulling it and holding it for Android 16 instead.
As a smart and savvy Android Intelligence reader, though, you don’t have to wait for Android 16 to enjoy this significant new annoyance-eliminator. You can implement something similar and even more versatile, customizable, and effective on any Android device this second — if you know where to look.
[Psst: Grant yourself even more noteworthy notification powers with my new Android Notification Power-Pack — six smart enhancements that’ll change how you use your phone.]
Notification Cooldown — no Android 16 required
First things first: Notification Cooldown, if the name doesn’t ring a bell, is a new Android option designed to minimize interruptions from back-to-back, rapid-fire notifications — like when your chatty colleague Kirstie sends you 7,000 short messages during a Zoom call or your kinda-sorta buddy Brad sends seven stupid sentences somehow split into 14 separate texts.
In Android 16, Notification Cooldown can turn down the volume and “minimize alerts” in any such repeat-interruption scenarios — automatically, on your behalf, when you active a single simple toggle with your system settings.
Here’s a little secret, though: I’ve had a similar sort of system up and running on my own personal Android phone for ages now, since long before Android 16 existed. It’s even better, actually, ’cause I can decide exactly which notifications will trigger it — down to the specific app and even sender involved — and also decide for myself how long the “cooldown” period should last.
The key is an incredible Android power-user app called BuzzKill. BuzzKill lets you create powerful filters for your phone’s notifications, with all sorts of eye-opening options. I have an in-depth guide to some of its more useful possibilities, but right now, I want to focus on the Notification-Cooldown-like wizardry it can bring to any Android phone this minute — with about 60 seconds of simple setup.
Ready?
60 seconds to smarter Android notifications
All right — here’s all you’ve gotta do to get Android-16-like Notification Cooldown powers on your favorite Android phone today:
First, go download BuzzKill from the Play Store. It’ll cost you four bucks, once, as a one-time up-front purchase (and it’ll be worth that much and then some over time!).
Open it up and follow the prompts to grant it the permissions it requires. These are all genuinely required for it to be able to view and interact with your notifications. The app is from a known and reputable Android developer, it doesn’t store or share any manner of personal info, and it doesn’t even have the ability to access the internet for transferring any sort of data if it wanted to (which, again, it doesn’t!).
Tap the “Create rule” button on the main BuzzKill screen.
Now, here’s where the fun begins: BuzzKill will show you a ready-to-be-filled-in rule for how it should process certain types of incoming notifications.
BuzzKill’s still-blank starting point for creating your own Android-16-style Notification Cooldown rule.
JR Raphael, IDG
What we need to do next is tap each underlined term and fill in the blanks to configure our custom Notification Cooldown behavior.
So, first, tap the words any app and select the app or apps you want to watch for these purposes. Communication apps like Google Messages or Slack probably make the most sense, but you can pick any app or combination of apps you want (and you can always go back and create additional rules later, too).
Next, tap the words contains anything and think carefully about what specific sorts of notifications you want to include. If you want BuzzKill to stop rapid-fire back-to-back alerting for any and all incoming messages, you can just leave this blank and not change anything. But if you want to limit that behavior to messages from a specific contact, you could tap “Phrase” and then type in their name — exactly as it appears in your messaging app.
You can include any name or other phrase you want, and BuzzKill will limit its cooling only to notifications that match.
JR Raphael, IDG
Once you’ve applied that and you’re back on the rule configuration screen, tap the words do nothing, then find and tap the option for “Cooldown” in the list and tap “Pick action” at the bottom of the screen to save it. (Yes, BuzzKill used the “Cooldown” term first!)
Cooldown is just one of the notification-processing options BuzzKill presents for you.
JR Raphael, IDG
Now, you’ve got a couple quick choices to make before we wrap this puppy up:
See the words that app? Tap ’em, and you can select exactly how your cooldown will work — if BuzzKill will silence all subsequent alerts from the same app, limit it only to notifications within the same specific conversation, or limit it only to notifications that match whatever term you put in a minute ago. Assuming you put in a specific contact’s name, I’d suggest using the “that conversation” option here; otherwise, “that app” would probably make the most sense.
You’ve got all sorts of options that Google’s official Android 16 Notification Cooldown feature won’t provide.
JR Raphael, IDG
By default, BuzzKill will silence all back-to-back notifications that match your conditions for five minutes. If you tap 5 mins, you can change that to any other time you like.
The amount of time your notification cooling lasts is completely up to you.
JR Raphael, IDG
Personally, I’d start with a lower value — a minute or two — and then see what you think as you experience it in real-time. Generally speaking, a minute or two is plenty to shield yourself from the bothersome back-to-back dinging a rapid-fire texter creates but not so much that you’re likely to miss something unrelated and potentially important.
And with that, you’re all set! You should see your complete Cooldown rule scripted out in front of you, and all that’s left is to hit “Save rule” to make it active.
An Android-16-style Notification Cooldown rule — ready to save and activate.
JR Raphael, IDG
You should then see the rule on your main BuzzKill screen, with the toggle flipped over to the right in the active position.
Notification Cooldown, in action — no Android 16 required. How ’bout them apples?!
JR Raphael, IDG
And that’s it: You’ve officially set up your own version of Android 16’s Notification Cooldown, with even more flexibility and control and no restrictions on where it can run.
Amid the uncertainty around what makes a Windows 11 PC a Copilot+ PC, and how that differs from an AI PC, Arm is bringing some clarity — or perhaps a new source of confusion — with its definition of what constitutes an Arm PC.
For decades, the heart of every PC running Windows was an x86 processor, designed by Intel and later expanded upon by AMD with the x64 architecture. But in 2017, Microsoft released a version of Windows 10 that ran on processors built on designs from Arm, prompting some manufacturers to introduce Arm-based PCs.
Initially they had little influence on the market, but now Microsoft has really thrown its weight behind the Arm architecture. The Arm version of Windows 11 is superficially indistinguishable from the x86/x64 version, with the same user interface and functions. However, behind the scenes, while Windows 11 on Arm will run applications compiled for x86, it runs them slowly, in an emulator. Only applications compiled for the Arm architecture get the full power of the processor.
Microsoft makes no distinction between x86 and Arm architectures in its definition of what qualifies as a “Windows 11 PC,” leaving buyers to find out for themselves whether their favorite software application will run well or not.
For the last year or so, we’ve also had to contend with “AI PCs.” Pretty much everyone agrees that these are PCs that run AI applications thanks to an additional “neural processing unit” (NPU) alongside their CPU and GPU. For Intel, that NPU has to be in one of its Core Ultra chips. In Microsoft’s definition, an AI PC — initially at least — also had to have a dedicated Copilot key to launch its Copilot software.
Microsoft then added to the confusion with a new category: Copilot+ PCs. These are Windows 11 PCs with a “compatible” processor and an NPU capable of 40 trillion operations per second (TOPS) or more. This requirement neatly excluded Intel’s first generation of AI chips, which only hit 37 TOPS. The only chips Microsoft deemed suitable for the Copilot+ PCs on sale at launch were the Arm-based Snapdragon X Series from Qualcomm. However, that’s changing as machines with AMD Ryzen AI 300 Series and Intel Core Ultra 200V Series chips that meet the spec are now hitting the market.
But wait: It takes more than just a processor to make a PC. For years, Intel and AMD created reference designs for PCs based on the chips they made, clarifying details of interconnects and security systems. Arm doesn’t make chips, though; it licenses its architecture to Qualcomm and other companies, who sell the chips used in Arm-based PCs. So who is responsible for defining how everything fits together in an Arm-based PC?
Into that vacuum comes Arm, with its Arm PC Base System Architecture 1.0 platform design document providing rules and guidelines for companies manufacturing PCs from chipsets based on its architecture. This is an important step towards CEO Rene Haas’ goal of winning half of the Windows PC market by 2029.
Critical requirements for Arm PCs
Arm’s new PC Base System Architecture (PC-BSA) document lays out the basic elements intended to make its architecture reliable for PC operating systems, hypervisors, and firmware.
At a high level, it stipulates that 64-bit processors must be built on Arm v8.1 (or newer) core designs and integrate a TPM 2.0 trusted platform module to support security. TPM may be implemented as firmware, a discrete chip, or in a secure enclave. Arm PCs must also adhere to PCI Express standards, and allow for virtualization through a System Memory Management Unit (SMMU).
“The PC Base System Architecture embeds the notion of levels of functionality,” Arm explains in the document. “Each level adds functionality better than the previous level, adding incremental features that software can rely on.” Technical specifications also cover memory maps, interrupt controllers, and device assignment.
Protection from supply chain attacks
Arm points out that PCs go through different stages as they progress along the supply chain, from manufacturing and provisioning through deployment, production, and finally decommissioning.
“To allow actors in the supply chain to determine the current security state of a system, the security-relevant state can be reflected in hardware through mechanisms such as fuses and one-time programmable (OTP) memory,” the document stipulates.
A software boost for Arm-based PCs
One of the challenges for owners of Arm-based Windows 11 PCs is that, apart from the operating system and the Microsoft 365 productivity suite, few applications were optimized for the Arm architecture.
There were some significant new Arm-compatible software releases at Microsoft’s Ignite event this week, though, with Google releasing a beta version of its Drive for Desktop ARM64 cloud storage client, and the secure Signal Messenger app getting an update that supports the Arm-based Qualcomm Snapdragon X processors in Copilot+ PCs.
Microsoft also demonstrated new search functions powered by the NPU in Copilot+ PCs that it will release sometime in early 2025. Users will be able to find files, documents, and photos by describing their content to Copilot, even when they are offline. For instance, they may search for “modes of transport,” and the model will bring up documents that discuss cars, buses, and airplanes, Microsoft explained.
Another new Microsoft capability for Copilot+ PCs, now in preview, is Click to Do. Its purpose is to simplify workflows by making text and images selectable so that AI can provide relevant action suggestions, such as summarizing text or editing images.
Microsoft has also introduced a new API for its lightweight open multimodal model, Phi 3.5, custom-built for the Copilot+ with Snapdragon X series. This will support text summarization, completion, and prediction.
Finally, the company rolled out new enterprise-grade controls for Recall, its controversial data snapshot tool. The AI-powered feature uses natural language to help people re-engage with content. It takes frequent snapshots of active screens, encrypting them and storing them on the PC where they can be searched by AI to make what Microsoft calls an “explorable timeline of your past on your PC.”
Microsoft is working on a new Windows feature, “Quick Machine Recovery,” that will allow IT administrators to use Windows Update with “targeted fixes” to remotely fix systems that can’t boot, according to Bleeping Computer.
The new feature is part of the Windows Resiliency Initiative — Microsoft’s efforts to prevent a repeat of the outage that occurred in July 2024, when a buggy Crowdstrike update left hundreds of thousands of Windows computers unable to start, affecting hospitals, emergency services and airlines worldwide.
Microsoft plans to roll out the Quick Machine Recovery feature to the Windows 11 Insider Program in early 2025.
As regulation threatens to tear Google apart and fundamentally both damage both Android and Apple, yet another regulatory noose is tightening around Cupertino, as its Apple Pay service will in future be regulated like a bank.
All this comes as company lawyers attempt to get the insanely flawed US Department of Justice anti-trust case against Apple quashed. and it climbs in on top of recent threats of further fines and challenges in Europe. You’d be forgiven if some of the leaders at Apple might feel a little as if they have been born in “interestingtimes.”
Apple Pay faces tougher regulation
The latest twist of the rope comes from the US Consumer Financial Protection Bureau (CFPB), which is about to introduce a new rule that puts Apple Pay and other digital wallet services under the same federal supervision as banks. That’s going to mean the CFPB can proactively examine Apple and other large companies in this space to ensure they are complying with consumer protection laws concerning privacy and surveillance, error and fraud, and maintaining service continuity in order to protect users against “debanking.”
The agency in 2022 warned some Big Tech firms providing such services about their obligations under consumer protection laws when using behavioral targeting for financial products.
Announcing the regulation on X, CFPB Director Rohit Chopra explained his organization is also concerned about “how these apps can fuel surge pricing that jack up costs using your purchase history and personal data.”
You can read the new rules governing these companies here (PDF). But what is interesting is that elements of them that might have impacted crypto transactions appear to have been mitigated or removed.
Proactive, not reactive, oversight
Most of these matters were already regulated; what really changes is how rules around them are enforced. You see, while the previous regulation meant CFPB could only react to consumer complaints as they arose, it can now proactively investigate compliance. That’s the same kind of oversight banks and credit unions already face and means Apple and other payment providers covered by the rules will face deeper and, presumably, more intrusive oversight.
The new rules will only affect digital wallet providers whose tech is handling 50 million or more transactions per year. Apple’s system is now easily the most widely used digital wallet in America, so it will most certainly face this oversight. The company also participated in the consultation process that preceded the new rule’s introduction. Other providers likely swooped up under the law will include Cash App, PayPal, Venmo, and Google Pay.
To some degree, the rules make sense, given that digital wallets are used to handle real money and consumer protection is vital. But what’s really interesting is the extent to which the new determination proves just how rapidly digital wallets have replaced real wallets across the last decade.
The rise and rise of digital payments
That’s certainly what the CFPB thinks. “Digital payments have gone from novelty to necessity and our oversight must reflect this reality,” said Chopra. “The rule will help to protect consumer privacy, guard against fraud, and prevent illegal account closures.”
If you think back, it wasn’t terribly long ago when the notion that Apple wanted to turn your iPhone into a wallet seemed impossibly extreme. That is no longer the case. Two years ago, researchers claimed Apple Pay had surpassed Mastercard in the dollar value of transactions made annually, making Apple Pay the world’s second most popular payment system, just behind Visa. Google’s G Play system then stood in fifth place.
The regulator explains that payment apps are now a “cornerstone” of daily commerce, with people using them daily as if they were cash. “What began as a convenient alternative to cash has evolved into a critical financial tool, processing over a trillion dollars in payments between consumers and their friends, families, and businesses,” the CFPB said.
What next?
I think it’s pretty clear that Apple has learned a lot about this business since the introduction of Apple Pay. Not only has it been in, and then exited, the lucrative Buy Now Pay Later market with Apple Pay Later, but it has also experienced the slings and arrows of outrageous fortune with its wildly popular credit card operation, Apple Card, which has ended in a tumultuous relationship with Goldman Sachs.
During all these adventures, the company will have learned a great deal about the sector — and now that it is being regulated as if it were a bank, I wouldn’t be terribly surprised if it decided to become one.
After all, if it’s getting regulated to the same extent as banks, why not get into more of the same business sectors banks now serve? I can’t help but imagine that Apple already has a weighty file of research documents in one of its Cupertino filing cabinets exploring how and where it might profitably extend Apple Pay into more traditional banking sectors.
The new CFPB oversight regime might well accelerate any such plans.
AI agents will soon be everywhere, automating complex business processes and taking care of mundane tasks for workers — at least that’s the claim of various software vendors that are quickly adding intelligent bots to a wide range of work apps.
Many companies appear to be listening. Over the next three years, at least 40% of Global 2000 businesses will use AI agents and agentic workflows to automate knowledge work, according to an IDC report, doubling productivity in the process — where the technology is successfully implemented, at least.
Should the technology live up to expectations, businesses will be faced with a significant shift in how work is done in their organization.
“People are not just being asked to adopt a new technology, they’re being asked to change the way they do their jobs,” said Amy Loomis, research vice president, Future of Work at IDC, “I think that the vendors don’t quite appreciate how much AI is altering who does what and how.”
What are AI agents?
At a basic level, AI agents can be viewed as the next stage in the evolution of the AI tools that are already embedded in many workplace software applications — the assistants or copilots that generate content or retrieve information as directed by a worker, such as summarizing documents and drafting emails, for instance.
Autonomous AI agents, on the other hand, can complete complex, multi-step tasks with little or no input from human workers, combining large language models (LLMs) with workflow automation triggers and actions. The goal is to create intelligent and highly capable assistants that can plan, reason, and execute work tasks independently, or with minimal human oversight.
AI assistants, advisors, and agents have different capabilities and use cases, according to IDC.
IDC
“For so long we’ve talked about the work about the work — the busy work, the stuff that gets in the way of you actually doing work,” said Chris Marsh, research director, Workforce Productivity & Collaboration at S&P Global Market Intelligence. “And I think there is a genuine opportunity now to really expedite high-value work by having agents automate all that crud.”
Defining exactly what an agent is can be tricky, however: LLM-based agents are an emerging technology, and there’s a level of variance in the sophistication of tools labelled as “agents,” as well as how related terms are applied by vendors and media.
And as with the first wave of generative AI (genAI) tools, there are question marks around how businesses will use the technology. IDC analysts pointed to business scepticism around AI agent performance, alongside privacy concerns, a lack of clarity around pricing, and a skills gap in terms of understanding how knowledge work is performed “outside of traditional-documented business processes.”
Nevertheless, Deloitte predicts that a quarter of companies that use gen AI will launch “agentic AI” pilots or proofs on concept in 2025, growing to half by 2027. “Some agentic AI applications, in some industries, and for some use cases, could see actual adoption into existing workflows in 2025, especially by the back half of the year,” said Deloitte staff in a report published this week.
Achieving the “substantial gains” promised by agentic AI will require “significant overhead in terms of teams and companies adjusting to what this world looks like,” said Marsh. “And there are bigger questions … do you have the right data architecture? Do you have the right integration strategy to actually make the next phase of agentic AI a reality?”
The agents are coming
The range of options for building and managing AI agents has quickly grown in the past year.
Numerous dedicated frameworks and development platforms for building AI agents —from both startups and established technology companies — are already available. Robotic process automation software vendors have touted agents as the next generation of intelligent automation tools.
More recently, enterprise software vendors have added no-code platforms into their apps, too.
Salesforce’s Agentforce was the centerpiece of its recent Dreamforce event with the launch of its Agent Builder, a low-code tool for building AI agents, while Microsoft made its “autonomous agent” builder within Copilot Studio available in a public preview this week.
This is likely just the start: Gartner predicts that a third of enterprise applications will include “agentic AI” by 2028, up from less than 1% in 2024, with 15% of day-to-day work decisions made autonomously as a result.
Agents are also coming to digital work apps that a wide variety of office workers interact with on a regular basis. Asana, Atlassian, Box, and Slack have been among the first to announce such features in recent months. “In some ways, it’s going to be just baked into the productivity apps that you’re using, like [Microsoft 365] Copilot,” said IDC’s Loomis.
An employee onboarding agent created in Microsoft Copilot Studio.
Microsoft
Then there are agents in development from the likes of Anthropic and OpenAI: these promise to actually take over a user’s computer and perform tasks on their behalf across multiple apps.
With so many tools in development or coming to the market, there’s a certain amount of confusion among businesses that are struggling to keep pace.
“The vendors are announcing all of these different agents, and you can imagine what it’s like for the buyers: instead of ‘The Russians are coming, the Russians are coming,’ it’s ‘the agents are coming, the agents are coming,’” said Loomis. “They’re being bombarded by all of these new offerings, all of this new terminology, and all of these promises of productivity.”
Software vendors also offer varying interpretations of the term “agent” at this stage, and tools coming to market exhibit a broad spectrum of complexity and autonomy.
At a launch event last month, Microsoft gave an example of a client onboarding agent built by consultancy McKinsey. The agentic workflow kicks into action when a customer email arrives — from here the agent extracts the relevant details from emails and follows a series of steps: checking for previous interactions, summarizing client needs, and identifying the correct McKinsey employee to meet with the client. Then it can write and send an email to the employee with the relevant client details.
McKinsey claimed that the agent was able to reduce its lead time by 90% and admin work by 30%.
Microsoft has also developed other agents with more limited capability. For example, a pre-built Employee Self-Service agent available in Microsoft 365 Copilot can take some actions on behalf of a user — such as updating HR profiles — but functions mostly as an AI assistant that provides responses to user queries based on its access to documents and data from apps such as Workday and ServiceNow.
Similarly, SharePoint agents basically function as customized AI assistants that help workers retrieve information from select files. And although Microsoft says that its Facilitator note-taking agent in Teams — one of several agents announced for Microsoft 365 apps at the company’s Ignite conference this week — will eventually manage meetings “end-to-end,” the initial incarnation doesn’t sound like a huge departure from what the Copilot AI assistant can already do in the collaboration app.
These may all be useful features, of course, but are examples of the different ways agents are being marketed.
Another workplace transformation looms
Many of the agent builder tools coming to business and work apps require little or no expertise. This accessibility means a wide range of workers could manage and coordinate their own agents.
Some software vendors claim that all knowledge workers will build agents to help them in their job.
“We think everyone will need to be able to create agents in the future, much like how everyone can create spreadsheets or presentations in Microsoft 365,” said Bryan Goode, corporate vice president for Business Applications at Microsoft, in an email comment to Computerworld last month. Alongside its Copilot Studio app, Microsoft has added a “lightweight” agent builder to its Microsoft 365 Copilot assistant, which aims to encourage a wide range of workers to create agents using natural language prompts from the AI assistant’s BizChat interface.
A recent IDC report predicts a “transformative shift in how knowledge workers approach their daily and project-oriented tasks and workflows” in the coming years, thanks to the introduction of AI agents that will perform tasks “both autonomously and interactively.”
“As frustration with inefficient processes and lack of technological support mounts, workers will quickly realize they can harness the new capabilities of LLMs to automate and augment portions of their jobs,” the authors wrote.
The IDC analysts forecast that a fifth of knowledge workers with no development experience will build their own agentic workflows by the end of next year. “Despite lacking formal development experience, [knowledge workers] will harness the power of LLMs conversationally to create personalized, agentic workflows,” analysts said in the report. This means describing “tasks, processes, problems, and goals” in plain language that language models turn into the code, scripts, or automation routines required to run personal AI agents.
Although he sees potential for all manner of workers to create agents for individual productivity, S&P’s Marsh said that, for the most part, it’s likely to be a smaller subset of workers that build agents to automate key business processes. “So if it’s a bunch of workflow automation in a sales team, it’s probably going to be the sales ops person who does that, or the marketing ops person in a marketing function,” he said.
AI agents will handle a range of business processes, from relatively simple to complex.
Microsoft
The introduction of agents will require businesses and workers to adapt to yet another substantial change to how knowledge work is carried out. The shift to a hybrid-remote model is barely complete for a lot of organizations, and the initial wave of generative AI assistants are only in the early stages of adoption at most businesses. Injecting AI agents into business processes will further disrupt how work is done.
“In the longer term … I actually believe that we will start to change workflows in businesses, from human-led to AI-led,” said Matthew Kropp, managing director and senior partner at Boston Consulting Group.
The deployment of new automation technologies inevitably raises the prospect of job losses too. But despite the potential for agents to automate work processes, IDC’s Loomis expects that the technology will reshape rather than replace jobs.
“It doesn’t mean your job’s going away,” she said. “It means you focus on different things, and your job is to manage or develop the automation. So people are going to have to get much more technically astute, to a certain degree.”
Craig Le Clair, vice president and principal analyst at Forrester Research, predicts that the net number of jobs will remain the same or grow, but increasingly advanced automation will eventually result in a significant shift in the types of roles that are needed.
“Agents will mostly affect the digital elite, which is the professional category, and the ‘middle workers’ for those lower-level cognitive tasks that they do in the mid-office, in the back office. Those are going to create the greatest shifts,” said Le Clair, author of the book Random Acts of Automation.
Use cases in industries with high interest in AI agents, according to Forrester Research.
Forrester Research, Inc.
“AI is going to not so much eliminate jobs — I think we figured out that we can’t really predict that anyway — it’s more having middle workers either move to front line, or in a positive way, have middle workers who become AI operators be able to move up … the ‘digital elite’ will be challenged with the diminished importance of their professional credentials,” he said.
Are AI agents ready to deploy?
While automation holds great potential to transform how work is carried out in future, the near-term reality for businesses is a different story.
The first generation of generative AI assistants and copilots have now descended into what Gartner terms the “trough of disillusionment,” with many projects remaining at a pilot stage due to a combination of factors: change management, a lack of clarity on ROI, and various security considerations, for example. And then there’s the propensity for language models to “hallucinate” answers. Many of the same challenges will be faced when deploying AI agents.
Businesses are understandably cautious about letting LLM-based agents act autonomously and access business systems, for example, even if they are subject to limitations in terms of the actions they are programmed to carry.
For the time being, most businesses will want some sort of human oversight. “There are no circumstances, at least right now, in which you would deploy this without some ‘human in the loop,’” said Kropp. This means that human workers have visibility into the agent’s actions and are consulted before taking riskier actions. That said, Kropp is confident that the problem of AI hallucinations will fade in significance as the technology matures, with agent reasoning capabilities also improving quickly.
While there are likely to be plenty of challenges along the way, Marsh expects that the combination of AI and automation will ultimately have a “profound” impact on how works gets done — even more so than other recent workplace shifts prompted by new technologies.
“I think the productivity gains are there. I think they’re real … If I think of all those changes that have happened over the past five years, this will be easily the biggest,” he said.
DuckDuckGo has urged the European Commission to open three investigations into Google’s compliance with the EU’s Digital Markets Act (DMA), alleging non-compliance with key obligations under the law.
In a blog post, the privacy-focused search engine outlined Google’s obligations under the DMA, which include sharing anonymized click and query data, implementing choice screens, and allowing users to easily change default search settings.
“Unfortunately, Google is using a malicious compliance playbook to undercut the DMA,” DuckDuckGo said. “Google has selectively adhered to certain obligations – often due to pressure from the Commission – while totally disregarding others or making farcical compliance proposals that could never have the desired impact.”
DuckDuckGo argued that the obligations were designed to counter Google’s market dominance, noting parallels with findings in the United States v. Google case. The US judge in that case ruled that Google’s scale and distribution advantages were illegal, citing that 70% of search queries flow through access points preloaded with Google.
This creates what the judge called a “perpetual scale and quality deficit” for competitors, locking in Google’s dominance.
DuckDuckGo’s call for additional probes comes as Google faces growing competition from emerging players such as OpenAI and Perplexity AI.
Compliance enforcement challenges
DuckDuckGo’s allegations against Google shed light on the ongoing challenges in enforcing fair competition within the digital ecosystem.
In its post, DuckDuckGo has even argued that DMA fails to adequately address Google’s scale advantage. While sharing click-and-query data is a crucial step, the company said it is not enough on its own to foster a competitive search engine market.
“The potential gaps in Google’s compliance with the DMA underscore the need for vigilant regulatory oversight,” said Prabhu Ram, VP of the industry research group at Cybermedia Research. “If substantiated, these allegations could significantly impact competition dynamics in Europe.”
Sanchit Vir Gogia, chief analyst and CEO at Greyhound Research, added that it’s important to note that DMA is wide-ranging, complex, and open to interpretation.
“Hence, whether or not Google is compliant is still up for discussion,” Gogia said. “The fact is that Google has made select changes to encourage fair competition. Still, given the open-to-interpretation nature of this act, there is room for discussion (read allegation) from the competition.”
Moreover, as new competitors like Perplexity AI and OpenAI gain traction in the search market, any regulatory action against Google must account for the growing challenge these vendors pose to its dominance, Gogia added.
What Google may do
This could get more difficult as analysts suggest Google may have strategies to navigate the issue, such as licensing anonymized search data that excludes a significant portion of queries.
While this approach could technically comply with legal requirements, it risks undermining the intent of the rules.
“This, in turn, raises concerns about genuine user choice in an environment favoring incumbents,” Ram pointed out. “How EU regulators address these issues will be pivotal, shaping the behavior of other gatekeepers and setting important precedents for global competition policies.”
In its post, DuckDuckGo has called on regulators worldwide to examine the implementation of DMA, warning that Google has exploited loopholes to circumvent the rules. The company urged authorities to take measures to ensure Google cannot continue to obstruct progress and fair competition.
According to Techcrunch, users need a subscription to Microsoft 365 to have access to the technology.
Initially, the tool will support nine languages: English, French, Italian, Portuguese, Spanish, German, Japanese, Korean and Mandarin. More languages are likely to be added over time.
Among the first things Apple IT admins woke up to this morning was news of a pair of actively exploited zero-day attacks in the wild targeting Intel Macs, iPhones, iPads, and even Vision Pro users. Apple has already released software patches for the flaws, which is why the second thing admins realized is that they must rush through any necessary software verification process required before expediting installation of the update.
In these days of remotely managed devices and increasingly effective MDM systems, that’s far less a problem than it was in the past. You can usually make a policy change and push out updates to all your managed devices quickly.
Companies that don’t use these systems, or those that have employees using their own personal devices to access potentially sensitive internal data, must work harder to convince users to install security updates. So, what can they tell people about the latest threat that might help motivate them to install the patch today?
Why you should update immediately
First, Apple says it believes the attack is being actively used, which means any Intel system — including systems used by other people you interact with — is a potential target. “Apple is aware of a report that this issue may have been exploited,” the company said.
Second, it slips in using flaws in software you use daily, including JavaScript and WebKit, the rendering engine that powers the Safari browser on Apple devices. In other words, everyone using Apple’s devices is a potential target.
Finally — and perhaps best of all — Apple has already shipped a fix for the problem, maintaining its reputation for being ahead of threats, rather than echoing the approach taken by some other platforms and racing to keep up with attacks. It’s almost as if Apple’s systems remain more secure for a reason. The company addressed 20 zero-day attacks in 2023 and has guarded against just six so far this year.
Michael Covington, vice president for portfolio strategy at Jamf, thinks all users should update at once.
“While Apple has warned that the vulnerabilities, also present in macOS, may be actively exploited on Intel-based systems, we recommend updating any device that is at risk,” he said. “With attackers potentially exploiting both vulnerabilities, it is critical that users and mobile-first organizations apply the latest patches as soon as they are able.”
What are these attacks?
The attack vector makes use of two vulnerabilities found in macOS Sequoia JavaScriptCore (CVE-2024-44308) and WebKit (CVE-2024-44309). The first lets attackers achieve remote code execution (RCE) through maliciously crafted web content; the second lets attackers engage in cross-site scripting attacks.
As admins will recognize, RCE exploits can enable attackers to install malware surreptitiously on infected machines, perform denial-of-service attacks, or access sensitive information, while a cross-scripting attack can help hackers grab personal data for identity theft and other nefarious ends. No one wants to be a victim of either form of attack.
Who is using these attacks?
No information pertaining to who has been using these flaws in their attacks has been shared. With that in mind, it’s important to note that the flaws were identified by researchers at Google’s Threat Analysis Group (TAG), which works to counter government-backed attacks. That suggests that whoever has been weaponizing these vulnerabilities is connected to a national entity of some kind.
If that is the case, recent reports from TAG suggest an upsurge in such attacks, so users in some industries and professions might want to consider locking down their devices with Apple’s Lockdown Mode to minimize their attack surface. IT, meanwhile, should review security compliance, particularly among those using older iPhones, iPads, or Intel Macs.
