Some AI jobs demand a huge hardware buildout in the office, others require nothing more than a subscription to a cloud-based AI service such as OpenAI or Google Gemini.

Deciding whether to build out a customized AI platform, buy (or rent) one from a third-party vendor, or wait and see what the future brings is a critical choice, especially as many AI deployments haven’t paid off yet. For IT pros who decide to build, how can they ensure their AI hardware and software doesn’t become “shelfware”?

A 2025 MIT study revealed that 95% of 300 publicly disclosed AI initiatives found zero return on their investments.

In many cases when building out customized AI, “the reality is the servers become the equivalent of shelfware,” Dean Chyla, solutions director for compute and AI at solutions integrator Insight Enterprises’s Infrastructure Center of Excellence, told IT Brew. “They’re sitting there. Maybe configured, maybe not configured, certainly not optimized. And there’s kind of a long road for customers like that, where they need to build the skills to actually use it.”

The questions you should ask before buying AI hardware.—BH

Sir Isaac Newton found that what goes up must come down, and though he was thinking about objects under the force of gravity, that very same thing happened for cyber insurance claims in the first half of this year.

According to a new report from cyber risk management firm Resilience, cyber insurance claims fell 53% in the first half of 2025 compared to the same period last year. During this period, the average loss incurred from claims fell 11%. Resilience’s findings are based on analysing its internal insurance claims.

While Resilience said the decline in cyber claims indicates a “stabilization in the cyber risk environment,” the firm found that the severity, or the incurred losses of ransomware attacks, grew 17% YOY in H1 2025.

This year’s highs and lows in cyber insurance claims.—BM

The last time the National Institute of Standards and Technology (NIST) revised its framework about digital identity, it was 2017. Fidget spinners and Ed Sheeran were big, and far fewer people could define a “deepfake.” Now, with companies facing tons of new identity-related cyber threats, NIST has given its framework a much-needed update.

Specifically, the NIST framework’s fourth revision for its Digital Identity Guidelines shares the technical requirements for “meeting digital identity assurance levels for identity proofing, authentication, and federation,” which include security and privacy requirements and improved customer experience, according to NIST’s blog post.

For IT pros responsible for ensuring employees access sensitive and identifiable information in a safe and reliable way, the NIST framework can help provide guidance for navigating fraud threats, especially as cyberattackers look for new and sophisticated ways to access secrets and systems.

“These guidelines are ultimately intended to make navigating the digital world more secure and convenient by providing a framework to understand online risks and controls that can better protect our critical online services,” NIST stated.

NIST’s Digital Identity Guidelines makeover.—CN

Learn effective strategies to minimize unplanned downtime in critical IT systems. This article explores the financial and reputational effects of service disruptions, highlights essential tools like Building Management Systems and Computerized Maintenance Management Systems, and emphasizes the importance of redundancy and proactive incident response planning to ensure consistent uptime.