Key Themes
AI amplifies existing organisational systems rather than fixing them
Speed without governance creates systemic fragility
AI strategy is fundamentally a system design problem
Wardley Mapping helps determine where AI should and should not be applied
Governance, oversight, and accountability must scale alongside AI capability
The AI Velocity Illusion: faster output does not equal faster organisational throughput
Organisations must distinguish between AI-driven strategy and AI-informed strategy
AI readiness depends on organisational maturity, not tool adoption alone
Work in Progress limits and flow control become more important in AI-enabled environments
Commodity-domain processes are the safest and most effective candidates for automation
Human judgment remains critical in uncertain and evolving domains
Most AI initiative failures stem from poor application and governance, not from the technology itself
Slides
You can also download the slides that accompanied this talk
AI Strategy with Firebot.AI
On 20 May 2026, Toby Corballis joined the Agentic Edge event as the keynote speaker at Barclay’s Eagle Labs in Shoreditch, London to speak about AI strategy, organisational design, governance, and the growing gap between AI capability and enterprise readiness.
The discussion focused on a core idea:
AI does not fix broken systems.
It amplifies them.
Below is a cleaned transcript of the keynote and audience discussion.
If you’re interested in accelerating delivery, the Strategic Flow Accelerator is a great starting point.
Transcript
The Value Is Human. The Speed Is AI.
Thank you all for coming.
I’m going to talk about AI strategy for an agentic world, but also about strategy more broadly, because the two have to dovetail.
I want to talk about speed, risk, and control.
There’s a quote I really like:
“The value is human. The speed is AI.”
I think that’s an important framing.
If we’re talking about strategy, we have to start with the right question.
A lot of organisations are still asking:
“How do we deploy more AI?”
That’s the wrong question!
It assumes the bottleneck is AI capability itself.
I don’t think it is.
The better question is:
“Have we designed the system properly for the AI to operate within?”
Because governance matters.
Oversight matters.
Intent matters.
And those things need to scale alongside the AI we introduce.
If they do not, then all we really create is speed.
And speed without system design is not acceleration.
AI Is Amplifying an Already-Changing Threat Landscape
In the security and infrastructure world, the threat landscape has already shifted.
Threat actors are operating at a scale we haven’t seen before.
They are evolving attack patterns faster than ever.
They are automating.
And importantly, they do not care about governance, guardrails, or organisational constraints.
They are already operating in an agentic world.
The question is whether enterprise defences evolve at the same pace.
This is fundamentally a system design problem, not just a technology problem.
The Myths Organisations Still Believe
There are several myths driving poor AI strategy.
Myth 1: Deploy AI and everything gets faster
Yes, AI accelerates output.
But it does not automatically accelerate:
- decision-making,
- governance,
- oversight,
- or organisational absorption capacity.
Myth 2: More tools create more capability
Not necessarily.
What they often create is more coordination overhead.
Myth 3: The main risk is that AI makes mistakes
AI will absolutely make mistakes.
The real question is whether your organisation can absorb those mistakes safely.
Myth 4: AI readiness means AI adoption
It doesn’t.
AI readiness means:
- system design,
- governance,
- security,
- intentionality,
- and oversight.
Without those, adoption simply increases risk.
Martec’s Law and the Growing Gap
There’s a concept called Martec’s Law, introduced by Scott Brinker.
Technology changes exponentially.
Organisations change logarithmically.
That creates a widening gap between technological capability and organisational capacity.
AI is accelerating that gap faster than anything we’ve seen before.
Which means organisations cannot do everything.
They must become intentional about:
- where AI is applied,
- how it is governed,
- and which problems are actually worth solving.
The AI Velocity Illusion
Earlier this year I published some research on what I call the AI Velocity Illusion.
If AI enables work to happen 30 times faster, but governance capacity does not increase at the same rate, then all you create is systemic overload.
Governance breaks.
Queues expand.
Speed creates risk.
This connects to Little’s Law in systems thinking:
Work in Progress = Throughput × Lead Time
If throughput explodes but the organisation’s ability to absorb work does not, the bottleneck simply moves elsewhere.
The bottleneck becomes organisational absorption capacity.
Wardley Mapping and AI Strategy
One of the tools I recommend for thinking about AI strategy is Wardley Mapping.
Every capability evolves through stages:
- Genesis
- Custom
- Product
- Commodity
The correct role for AI depends on where the activity sits on that evolutionary path.
Genesis
At the Genesis stage, humans must remain fully in charge.
AI can support:
- research,
- exploration,
- and idea generation.
But uncertainty is high and judgment matters deeply.
Custom
In the Custom stage, organisations are shaping and adapting capabilities to their needs.
AI can help with:
- pattern matching,
- analysis,
- and understanding.
But human judgment is still critical.
Product
At the Product stage, processes become more repeatable.
AI can begin recommending actions, but humans should still review and approve them.
Commodity
At the Commodity stage, processes are stable and repeatable.
This is where AI executes extremely well.
Humans still define constraints and oversight, but automation becomes highly effective.
That is why systems like Firebot are compelling.
Firewall and network change management are highly repeatable, stable processes.
That makes them ideal candidates for controlled AI execution.
What AI Actually Is
There is also a conceptual trap around AI itself.
People assume AI understands context.
It doesn’t.
It extracts statistical patterns from training data.
People assume it exercises judgment.
It doesn’t.
It produces statistically plausible outputs.
Sometimes those outputs are excellent.
Sometimes they are plausible nonsense.
Anyone who has used frontier models deeply in their own area of expertise will have seen this happen.
People think AI learns from experience.
It doesn’t.
It doesn’t have self-referential memory.
Any persistent memory is externally designed around the model.
People think AI reasons independently.
It does not.
It is structurally coupled to human language.
And people think AI knows what it does not know.
It doesn’t.
You still need verification, governance, and human oversight.
Because fundamentally:
- AI systems are pattern extractors,
- not autonomous strategic actors.
AI Without Constraints Creates Risk
The real risk is not the tool itself.
The risk is the absence of governance around the tool.
I recently built an OpenClaw system for my own business.
Before I allowed it to operate, I spent several days locking the environment down.
Because unconstrained autonomous systems are not acceptable in enterprise environments.
This is why strategy cannot be outsourced to the model.
We do not want AI-driven strategy.
We want AI-informed strategy.
Humans define:
- intent,
- constraints,
- priorities,
- and accountability.
AI accelerates execution within those boundaries.
That is a very different thing.
Three Practical Tools for AI Strategy
If I were recommending three practical tools for organisations approaching AI strategy, they would be:
1. Wardley Mapping
Map capabilities across the evolutionary landscape.
Do not automate before understanding what you are automating.
2. OKRs
Objectives and Key Results help align organisational strategy and act as a rejection filter.
Organisations fail when they attempt to do everything simultaneously.
3. Work In Progress Limits
WIP limits control systemic overload.
AI increases throughput dramatically.
Without limits, organisations simply create larger queues and greater fragility.
Three Questions Before Deploying AI
Before deploying AI into any system, ask:
- Where does this activity sit on the evolutionary landscape?
- What exactly will this AI amplify?
- Who remains accountable?
Because “the AI did it” is not a defensible governance model.
If accountability cannot be clearly named, then what you have is not strategy.
It is liability.
Closing Thought
The goal is not more automation.
The goal is greater control, better governance, and faster flow through systems that were intentionally designed to absorb AI safely.
The organisations that succeed will not be the ones deploying AI the fastest.
They will be the ones that combine:
- governance,
- oversight,
- intentionality,
- and appropriate system design.
That is what creates durable advantage.
Audience Discussion
Question: Where do organisations currently sit in terms of AI maturity?
I think we are seeing the full range of maturity levels.
A lot of organisations are still sitting at the “peak of inflated expectations” in the Gartner Hype Cycle.
They are trying to automate everything as quickly as possible.
The failure rates are extremely high.
Depending on the study, somewhere between 80% and 86% of AI initiatives are currently failing.
That does not mean AI itself is failing.
It means organisations are applying it immaturely.
Some companies are now entering the next phase:
- becoming more selective,
- focusing on valid use cases,
- and identifying where AI genuinely creates value.
We saw the same thing happen with:
- cloud,
- blockchain,
- managed infrastructure,
- and other major technology waves.
Eventually organisations move from hype to practical application.
That is where real value starts to emerge.