Q1. Could you start by giving us a brief overview of your professional background, particularly focusing on your expertise in the industry?

I've spent more than 22 years working with teams around the globe in enterprise cloud, AI, and cyber resilience. Along the way, I've partnered with telecoms, system integrators, and tech vendors—helping some of the most regulated industries get modern and stay secure. My real motivation has always been to turn tech talk into actual business wins. I started out in the trenches, building infrastructure, but now my work is about helping companies use big ideas like AI and Zero Trust to grow, cut risk, and keep running strong. These days, I advise boards and executive teams on how to innovate without losing sight of governance and financial discipline.

Q2. What is the average time between a successful AI Pilot and a company-wide EBITDA-positive rollout?

It typically takes 18 to 36 months for most large organizations to go from a successful AI pilot to a rollout that boosts EBITDA. Having the correct data, coordinating teams, and maintaining sound governance are the primary obstacles rather than technical ones. Pilots show what’s possible, but scaling up means delivering real savings, more revenue, and less risk. If finance and operations are involved early, this process can sometimes be shortened to 12 to 18 months, turning AI from a technical achievement into a true business transformation.

Q3. What is the estimated financial risk of 'Shadow AI' in terms of potential IP leakage or regulatory fines, particularly under the EU AI Act and DORA?

Shadow AI is not just an IT problem; it is a major risk that boards must take seriously. The EU AI Act can fine companies up to €35 million or 7% of turnover, and DORA has its own penalties. However, the bigger threat is losing valuable IP, allowing data to cross borders without control, missing audits, and harming your reputation. For a company worth €5–10 billion, even a 1% loss of intellectual property could mean €50–100 million lost. The only way to manage Shadow AI is through strong governance, clear risk oversight, and strict regulatory discipline across the organization.

Q4. Where is the biggest 'expectation gap' when selling Zero Trust architectures versus the reality of implementing them in a complex, global workforce?

The biggest expectation gap is seeing Zero Trust as a product instead of an enterprise operating model. Real implementation requires ongoing verification across identity, device, network, and workload, not just installing tools. In global companies, legacy identity issues, cultural resistance, and policy alignment can extend timelines to 3 to 5 years. Success depends on governance, change management, and disciplined execution, not just technology.

Q5. What is the actual reduction in Mean Time to Recovery (MTTR) that a large enterprise can expect after integrating AI into its SOC?

In a mature SOC, AI can reduce MTTR by 20 to 30% in the first year, and up to 50 to 60% with automated SOAR workflows. These improvements depend on clean telemetry, prioritized use cases, and human oversight. AI helps with triage, cross-log correlation, and early threat detection, acting as a force multiplier for analysts rather than replacing them.

Q6. At what scale of data throughput does a RAG architecture become more expensive than a targeted fine-tuned model due to vector database latency and token costs?

RAG architectures become less cost-efficient at scale — typically above 5–10 million queries per month with large context windows and latency-sensitive workloads, as vector storage, embedding refresh, and token costs compound. In stable, high-frequency environments, fine-tuned models are more predictable and economical. The tipping point is strategic, not technical: it depends on the ratio of update frequency to query volume and the value of operational efficiency.

Q7. If you were an investor looking at companies within the space, what critical question would you pose to their senior management? 

As an investor, I would ask: “How defensible is your AI moat when hyperscalers integrate your core capabilities natively?”
Real differentiation comes from proprietary data, domain-specific models, and regulatory positioning. I would look at data ownership, switching costs, margin sustainability, and compliance with the EU AI Act. In this field, long-term value depends more on data gravity and strategic control than on feature innovation alone.