Signal Brief — March 10, 2026: The Speed Gap

Monday, March 10, 2026

📈 EY Documents 4x–5x Coding Productivity — but Only When Agents Connect to Internal Standards — VentureBeat / EY
Enterprise AI
EY documented a 4x–5x coding productivity gain on teams using Factory Droids coding agents — with a critical finding: the gains only materialized when agents had access to internal engineering standards, compliance frameworks, and institutional code context. Teams that deployed the same agents without that organizational grounding reported more cleanup work than they saved. EY also published a workload classification separating high-autonomy tasks (code review, docs, defect fixing, greenfield features) from human-required ones (architecture decisions, large refactors, cross-system integrations). The productivity is real. The integration architecture is the variable that determines whether you get 4x or negative ROI.

🛡️ Malicious AI Extensions Hit 900K Installs, Harvesting Chat Histories Across 20K Enterprise Tenants — Microsoft Security Blog
AI Security
Microsoft Defender confirmed 900,000+ installs of Chromium extensions impersonating AI productivity tools — ChatGPT sidebars, DeepSeek assistants — that silently harvest full LLM conversation histories, session tokens, and browsing data. Active telemetry confirmed the exfiltration across 20,000 enterprise tenants. A new wrinkle: some agentic browser configurations downloaded these extensions automatically, bypassing user approval entirely. The attack surface here is employees doing exactly what they're supposed to do — using AI tools to be productive — while the tools themselves are data exfiltration channels in disguise.

⚠️ Microsoft: 1.3 Billion AI Agents by 2027 — 53% of Companies Lack GenAI Security Controls Now — Microsoft Tech Community
Enterprise Readiness
Microsoft's security team published a new framework positioning agentic security as a structural paradigm shift, not an AI add-on to existing controls. The numbers are uncomfortable: 1.3 billion AI agents projected globally by 2027, while 53% of companies currently operate without GenAI-specific security controls and 80% of Fortune 500 firms are already deploying agents using consumer-grade tooling. The shift they're describing — from perimeter-based to behavior-based governance — is not a future project. Enterprises deploying agents today without behavior monitoring are already operating in the gap.

📡 More signal, less noise → www.thesignal.press