
Wednesday, May 6, 2026

CyberAgent's Enterprise-Level AI Agent Deployment: Unpacking the 93% Active User Rate Through Voluntary Adoption Strategy

Case Overview and Core Themes

Company Background and AI Strategic Framework

CyberAgent, a leading Japanese internet company with diversified business operations spanning advertising, media and IP, as well as gaming sectors, stands as a representative enterprise in the Asia-Pacific technology, media, and entertainment industries. The company's journey into artificial intelligence began as early as 2016, when it established a dedicated AI laboratory (AI Lab) focused on AI research and development related to digital marketing. This early strategic investment laid a solid technical foundation and cultivated an organizational culture that would later prove instrumental in the successful deployment of enterprise-level AI agents.

In 2020, CyberAgent launched the "Kiwami Prediction AI" system, specifically designed for intelligent optimization of advertising creative production. By 2023, the company further established the "AI Operations Office" to oversee the construction of an enterprise-level AI application framework and governance system at the organizational level. This clearly delineated developmental trajectory demonstrates CyberAgent's strategic positioning of AI as a core organizational asset rather than merely a technological tool.

Core Deployed Products and Tool Ecosystem

In terms of specific product deployment, CyberAgent adopted a dual-core tool strategy. ChatGPT Enterprise serves as a general-purpose AI assistant, primarily addressing daily office scenarios including research analysis, content creation, and information organization. Codex functions as a professional-grade programming assistant, covering specialized development workflows such as code review, design discussions, documentation, and development planning. This clearly differentiated tool configuration strategy not only satisfies the diverse business needs of the enterprise but also ensures deep application value in specialized scenarios.

Central Theme: Voluntary Adoption and Culture-Driven AI Integration

The most remarkable aspect of the CyberAgent case lies in its distinctive approach characterized by a "non-mandatory, voluntary adoption" strategy. Without implementing any compulsory usage policies, ChatGPT Enterprise achieved a remarkable 93% monthly active user rate, with usage spanning virtually all departments and over 100 employees participating in more than ten training sessions. This achievement subverts the conventional wisdom that "mandatory enforcement is necessary to ensure adoption rates" in traditional enterprise software deployment, revealing instead the possibilities that emerge when AI achieves deep organizational penetration through cultural construction and knowledge sharing.

In-Depth Analysis of Application Scenarios and Effectiveness Assessment

Multi-Scenario Application Practices of ChatGPT Enterprise

Within daily office operations, the application of ChatGPT Enterprise exhibits remarkable breadth and depth. Research analysts leverage it for rapid market intelligence consolidation and competitive analysis. Content operations teams utilize it for copywriting and creative brainstorming. Product managers employ it for structured documentation of requirements and efficient meeting minutes generation. Crucially, ChatGPT Enterprise does not simply replace human work; instead, it assumes the role of a "thinking partner," helping employees gain multi-dimensional reference information in complex decision-making scenarios.

In terms of information security, CyberAgent fully leveraged the enterprise-grade security capabilities of ChatGPT Enterprise, including account management, usage visibility, and access control. The company established a comprehensive internal guideline system that clearly delineates acceptable information types for AI tool input while implementing strict protection for confidential data. This security governance framework achieves an effective balance between AI application scalability and data protection.

Deep Integration of Codex in Development Workflows

The introduction of Codex brought significant transformation to CyberAgent's development workflow. In design review processes, Codex can comprehensively evaluate and stress-test design proposals from multiple perspectives, helping teams achieve more thorough consensus before implementation and significantly reducing rework caused by design flaws. Developer Hidekazu Hora remarked: "Codex functions like a reliable partner, supporting the entire process from discussing implementation approaches to execution, effectively enhancing development speed."

In the code review dimension, Codex not only generates improvement suggestions but also assists teams in selecting optimal options among multiple alternatives. Notably, Codex's value extends beyond mere coding speed improvement to systematic enhancement of development quality. As Sou Yoshihara, a senior Codex power user from the AI Business Division, evaluated: "Compared with other programming models, Codex gives the impression of producing higher-quality proposals. It is not merely a tool but rather a methodology for optimizing the overall development process."

Signature Project Cases: Kiwami Prediction AI and WormEscape

The Kiwami Prediction AI project made extensive use of Codex's MCP (Model Context Protocol) capabilities during its design and implementation planning phases, tightly integrating AI capabilities with the professional development environment through the Cursor editor. This case demonstrates how AI Agent capabilities can be seamlessly embedded within existing professional development toolchains.

The development cycle for the WormEscape game was completed for a soft launch in approximately one month, with Codex playing a pivotal role. This case powerfully validates AI Agent's practical value in accelerating product development cycles while demonstrating that AI can effectively help developers rapidly overcome knowledge barriers even in areas where they lack prior experience.

Utility Analysis and Value Assessment

Dual-Dimensional Examination of Quantitative Metrics and Qualitative Benefits

From a quantitative perspective, the 93% monthly active user rate, participation exceeding 100 employees per training session across more than ten sessions, and usage coverage spanning virtually all departments—these metrics fully validate the high penetration and acceptance of AI tools within CyberAgent. However, what deserves greater attention are the driving factors and sustainability mechanisms behind this success.

From a qualitative dimension, CyberAgent's AI application achieves multi-layered value: enhanced decision quality—through multi-perspective analysis supporting more comprehensive judgment; improved collaboration efficiency—the application of Codex in design reviews significantly reduced internal communication costs and rework frequency; strengthened knowledge transfer—AI tools emerged as effective supplementary means for newcomers to rapidly familiarize themselves with business and technology; unleashed innovation capacity—employees liberated from repetitive tasks channeled more energy into creative endeavors.

The Success Logic Behind the Non-Mandatory Strategy

CyberAgent's choice to forgo mandatory adoption policies achieved high penetration rates through the following mechanisms:

Knowledge sharing mechanisms constitute the core driving force. Internal promotion of effective prompts and successful application cases created a virtuous knowledge dissemination network. Rather than being compelled to use AI, employees proactively learned and experimented after witnessing high-value applications by colleagues. This bottom-up diffusion model possesses stronger sustainability and deeper penetration than top-down administrative mandates.

Visibility-based incentives likewise played a significant role. The company established an internal usage ranking system; while data was not used for performance evaluation, it provided employees with benchmarks for self-reference and target pursuit. This transparent feedback mechanism satisfied employees' cognitive needs for self-improvement while avoiding resistance stemming from coercion.

Automated follow-ups ensured implementation continuity. For employees who had not used the tools for extended periods, the system automatically sent reminders via Slack, though these follow-ups represented gentle guidance rather than mandatory requirements. This design respected employees' learning pace while ensuring sustained tool promotion.

Tiered training systems addressed differentiated needs. Training courses spanning from beginner to advanced levels covered employees of varying roles and skill levels, ensuring everyone could find a suitable learning path.

The Art of Balancing Security and Scalability

In advancing AI applications, CyberAgent fully recognized the prerequisite importance of security governance. Through establishing clear internal guidelines, strict account management systems, and usage visibility functions, the company effectively controlled information security risks while expanding AI application scope. As Ken Takao, Manager of the Data Technology Department, summarized: "With enterprise features such as account management and visibility into usage, ChatGPT Enterprise made it possible to support business use of a wide range of information, excluding confidential data. As a result, the scope of AI use across the company has expanded, and many employees now integrate AI into their daily work."

Inspirational Significance and the Elevation of AI Intelligence Applications

Universal Lessons for the Industry

CyberAgent's practices provide invaluable reference frameworks for enterprise-level AI Agent deployment. First and foremost, the priority of cultural construction should proceed in parallel with technology deployment. The achievement of a 93% active user rate reflects, on the surface, the success of tools, but at a deeper level, represents a triumph of organizational culture. When employees perceive AI as a partner enhancing their capabilities rather than a surveillance mechanism or replacement threat, voluntary adoption becomes the natural outcome.

Secondly, gradual expansion outperforms radical replacement. CyberAgent did not attempt to replace all work with AI in a single stride; instead, it progressively expanded AI application boundaries through continuous scenario discovery and successful case sharing. This strategy reduced transformation resistance, cultivated employees' AI literacy, and created conditions for subsequently deeper integration.

Thirdly, the value positioning of tools determines the depth of application. Positioning AI as a "quality judgment improvement tool" rather than a mere "speed enhancement tool" elevated Codex's application value beyond simple efficiency calculations, extending into higher dimensions such as decision quality, workflow optimization, and professional capability enhancement.

Industry Trend Insights on AI Agent Development

The CyberAgent case reflects several significant trends in the AI Agent field. From the technology integration dimension, AI agents are evolving from independent tools toward deeply embedded workflow components. The integration of Codex with Cursor through the MCP protocol demonstrates how AI capability can be seamlessly connected with professional development environments to unlock greater value.

From the role positioning dimension, AI agents are transitioning from "executors" to "collaborative partners." Employee feedback consistently emphasized AI's auxiliary value in discussion, review, and decision-making processes requiring human judgment, rather than merely replacement functions at the execution level.

From the governance model dimension, enterprise AI applications are forming a three-in-one advancement paradigm of "security first, value-driven, culture-supported." Pure technology deployment cannot guarantee success; radical promotion lacking security frameworks carries substantial risks; and strategies lacking cultural support struggle to sustain.

Prospects for Intelligent Applications Toward the Future

CyberAgent regards AI as a pivotal technology that may become part of the next-generation internet industry standard. This judgment carries profound strategic insight. When AI capabilities become part of the work infrastructure, enterprise competitive advantages will no longer derive merely from "whether AI is used," but rather from "how AI is deeply integrated to unlock unique value."

For enterprises planning AI Agent deployment, the CyberAgent case provides a clear success pathway: establish a forward-looking AI strategic framework (such as the creation of an AI Operations Office); construct a comprehensive security governance system (application of enterprise-grade security features and establishment of internal guidelines); design culture-driven promotion mechanisms (knowledge sharing, voluntary adoption, tiered training); pursue deep integration rather than superficial application (embed AI into core workflows to enhance decision quality and development quality).

Conclusion

The CyberAgent AI Agent enterprise-level deployment case serves as a profound textbook on successfully transforming cutting-edge AI technology into organizational productivity. Behind its 93% monthly active user rate lies the power of culture rather than the pressure of coercion. The quality improvements brought by Codex reflect deep practice of human-machine collaboration philosophy rather than simple tool replacement logic.

The core value of this case lies in revealing the success equation for enterprise AI Agent deployment: advanced technological tools + comprehensive security governance + voluntarily-driven cultural mechanisms = sustainable deep application. As AI Agent technology continues to evolve, CyberAgent's experience reminds us that the decisive factor in technological success often lies not in the technology itself but in the depth of integration between technology, organization, and culture.


Thursday, April 23, 2026

Enterprise AI Inference Security Architecture: A Deep Dive into On-Premise Deployment vs. Public Cloud Services

When enterprises introduce AI capabilities, they face a fundamental security decision: Should they deploy models and inference services on their own infrastructure (on-premise/private deployment), or leverage public cloud AI inference services? This choice not only affects costs and performance but also profoundly determines the enterprise's data security posture, compliance capabilities, and risk exposure surface. Recently, Omdia's report "Rethinking Critical AI Infrastructure" shared significant research findings. Drawing from the report's key data insights and conclusions, along with fundamental security architecture principles, this article conducts a systematic analysis across four dimensions—threat models, compliance constraints, supply chain risks, and practical validation methodologies—to provide enterprise decision-makers with a clear security assessment framework and actionable verification pathways.


The Essence of LLM Inference Security: Where the Data Goes, the Risk Follows

The core security proposition of AI inference services is: To what extent does the enterprise's proprietary data (queries, context, feedback, internal information, knowledge, know-how, and core business data) leave its own control boundary?

Standard public cloud inference service workflow:

Enterprise Application → Send Prompt (with sensitive data) → Cloud Provider API → Model Processing → Return Results

In this process, both the enterprise's input data and output results pass through the cloud provider's infrastructure. Even though cloud vendors promise "not used for training," data remains exposed to risks across transmission channels, server-side logs, memory dumps, and operator access points.

On-premise/private deployment (including on-premises servers, enterprise-controlled private clouds, and local inference on endpoint devices) differs fundamentally:

Enterprise Application → Local Model → Return Results

Data physically remains within the enterprise boundary, fundamentally eliminating risks of transmission and third-party access.

Omdia's survey validates this understanding: 76% of enterprises worry about data breaches caused by cloud services, while 99% of enterprises use proprietary data in AI workflows. The tension between these two figures is the core driving force behind the security value of on-premise deployment.


Comparative Analysis from a Security Perspective: On-Premise vs. Public Cloud

Threat Model Comparison

| Risk Dimension | Public Cloud Inference Service | On-Premise Deployment |
|---|---|---|
| Data Breach in Transit | Exists (TLS encrypts, but endpoints and keys managed by cloud provider) | None (data doesn't leave internal network or device) |
| Server-side Data Residue | Exists (logs, cache, debug dumps may retain user data) | Controllable (enterprise configures log policies independently) |
| Cloud Provider Internal Personnel Access | Exists (requires trust in cloud provider's employee behavior controls) | None (or reduced to enterprise internal IAM controls) |
| Multi-tenant Side-channel Attacks | Theoretically exists (GPU sharing, memory isolation risks) | None (exclusive resource allocation) |
| Compliance Data Cross-border | High risk (user data may route to overseas regions) | Avoidable (enterprise controls physical data location) |
| Model Supply Chain Security | Black box (enterprise cannot verify if model contains backdoors or bias) | Transparent (can use open-source or self-developed models, fully auditable) |
| API Key Leakage Risk | Exists (key management becomes new attack surface) | Not applicable |

Special Considerations for Compliance Constraints

For regulated industries (finance, healthcare, government, legal), compliance requirements often directly exclude public cloud inference:

  • Data Residency Regulations: EU GDPR, China's Data Security Law, and US HIPAA all require that specific data not leave the country. While cloud providers can meet regional requirements, their global operational systems may still expose data to overseas support personnel.
  • Audit Traceability: On-premise deployment can provide complete internal audit logs (who, when, and what data was queried), while cloud service logs are controlled by the cloud provider, making it difficult for enterprises to obtain comprehensive audit trails.
  • Third-party Data Processing: Many enterprises' customer contracts explicitly prohibit providing data to third parties (including cloud providers as "data processors"). On-premise deployment can avoid triggering this clause.

Omdia's report notes that only 9% of enterprises believe their strategic AI partners fully meet their requirements, with security and compliance being the primary gaps.

Underestimated Risk: Model Supply Chain Security

Public cloud inference services typically offer "closed models" (e.g., GPT-5, Claude 4.6). Enterprises cannot:

  • Audit whether the model's training data contains infringement or bias
  • Verify whether the model contains backdoors or data poisoning attacks
  • Ensure the model's inference behavior complies with enterprise security policies

With on-premise deployment using open-source models (e.g., Kimi 1.5, MiniMax 2.5, Qwen 3.5), enterprises can:

  • Review model cards and training data sources
  • Run security scanning tools to detect backdoors
  • Perform additional security alignment fine-tuning on the model

This represents a new extension of supply chain security in the AI era—models are software, and closed-source models have zero supply chain transparency.


How to Make the Right Decision for Your Enterprise

Security decisions should not be based on intuition or vendor marketing. Below is a four-step validation framework to help enterprises quantitatively assess the security suitability of on-premise versus public cloud solutions.

Step 1: Data Classification and Risk Mapping

Operation: Classify all data that might enter the AI system into three levels:

| Level | Definition | Examples | Recommended Deployment Mode |
|---|---|---|---|
| L3 - Extremely Sensitive | Disclosure would cause significant legal/financial/reputational damage | Patient health information, personal identity information, unpublished financial reports, source code | Mandatory on-premise (on-prem or edge) |
| L2 - Moderately Sensitive | Disclosure has some impact but is manageable | Internal meeting minutes, non-confidential product documents | On-premise preferred, or strict DPA with cloud provider |
| L1 - Low Sensitivity | Publicly available information | Public market data, published product descriptions | Public cloud acceptable |

Step 2: Threat Modeling and Attack Path Analysis

For the selected public cloud inference service, map out complete attack paths:

[Employee Endpoint] → (API Key Leakage) → [Cloud API Gateway] → (Man-in-the-Middle Attack) → [Inference Server] → (Memory Dump) → [Log System]

Evaluate each path for:

  • Attack feasibility (technical barrier to entry)
  • Potential impact (data exposure volume)
  • Existing control measures (guarantees provided by cloud provider)

If unacceptable risk paths exist (e.g., "cloud provider operations personnel can directly read user prompts"), on-premise deployment becomes a necessary condition.

Step 3: On-Premise Deployment Feasibility Validation (Pilot)

Select 1-2 typical AI use cases at L2/L3 level for on-premise deployment pilot:

Pilot Option A - Edge Inference:

  • Hardware: Employee existing endpoints (e.g., 16GB RAM laptops) or uniformly procured high-memory devices
  • Models: Open-source models with <10 billion parameters (e.g., Qwen-7B, Llama 3 8B), using 4-bit quantization
  • Tools: Ollama, llama.cpp, MLX
  • Validation metrics: Inference latency, zero data exfiltration (confirmed via network packet capture), user experience

Pilot Option B - Private Cloud Inference:

  • Hardware: Enterprise internal GPU servers (e.g., 2x A10)
  • Models: vLLM or TGI deployment framework
  • Comparison: Latency, throughput, and operational costs versus public cloud APIs
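One way to turn Pilot Option A's "zero data exfiltration (confirmed via network packet capture)" metric into a pass/fail check, as an added example that is not from the Omdia report or any tool's own code. It assumes the capture was exported as `tcpdump -nn` text, that the local model server listens on loopback (port 11434 is Ollama's default), and that the host address, function names and capture lines below are constructed for illustration.

```python
import ipaddress
import re
from collections import Counter

# tcpdump -nn text line: "<time> IP|IP6 <src> > <dst>: <details>"
LINE = re.compile(r"^\S+ IP6? (\S+) > (\S+): ")


def split_endpoint(token):
    """Split tcpdump's 'addr.port' (or bare 'addr', e.g. ICMP) into (ip, port)."""
    try:
        return ipaddress.ip_address(token), None
    except ValueError:
        addr, _, port = token.rpartition(".")
        return ipaddress.ip_address(addr), int(port)


def external_flows(lines, host_addrs=()):
    """Count packets per remote (ip, port) that is neither loopback nor the host.

    Returns (remote_counter, unparsed_lines). IP lines that cannot be parsed
    are reported rather than dropped, so a format surprise cannot hide traffic.
    """
    local = {ipaddress.ip_address(a) for a in host_addrs}
    remote, unparsed = Counter(), []
    for line in lines:
        m = LINE.match(line)
        if not m:
            continue  # ARP and other non-IP frames
        try:
            ends = [split_endpoint(tok) for tok in m.groups()]
        except ValueError:
            unparsed.append(line)
            continue
        for ip, port in ends:
            if ip.is_loopback or ip in local:
                continue
            # Includes LAN DNS and multicast: anything off-host is a finding
            # to explain during the pilot, not noise to filter silently.
            remote[(str(ip), port)] += 1
    return remote, unparsed


def pilot_passes(lines, host_addrs=()):
    remote, unparsed = external_flows(lines, host_addrs)
    return not remote and not unparsed


# Constructed capture lines (documentation and private address ranges only).
HOST = ["192.168.1.20"]
CLEAN = [
    "12:00:01.000001 IP 127.0.0.1.52344 > 127.0.0.1.11434: Flags [P.], seq 1:180, ack 1, win 512, length 179",
    "12:00:01.000950 IP 127.0.0.1.11434 > 127.0.0.1.52344: Flags [P.], seq 1:420, ack 180, win 512, length 419",
    "12:00:01.100000 IP6 ::1.52346 > ::1.11434: Flags [S], seq 10, win 65535, length 0",
    "12:00:02.000000 ARP, Request who-has 192.168.1.1 tell 192.168.1.20, length 28",
]
LEAKY = CLEAN + [
    "12:00:03.000000 IP 192.168.1.20.51000 > 192.168.1.1.53: 4660+ A? telemetry.example.com. (39)",
    "12:00:03.050000 IP 192.168.1.20.51002 > 203.0.113.10.443: Flags [S], seq 77, win 64240, length 0",
    "12:00:03.090000 IP 203.0.113.10.443 > 192.168.1.20.51002: Flags [S.], seq 99, ack 78, win 65535, length 0",
]

if __name__ == "__main__":
    for name, cap in (("clean", CLEAN), ("leaky", LEAKY)):
        remote, bad = external_flows(cap, HOST)
        print(name, "PASS" if pilot_passes(cap, HOST) else "FAIL", dict(remote), bad)
```

A capture taken on a dedicated pilot machine with other applications closed keeps the findings attributable to the inference stack.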

Step 4: Residual Risk Acceptance Decision

After validation, form a risk matrix:

| Deployment Mode | Major Residual Risks | Acceptability Judgment |
|---|---|---|
| Public Cloud | Cloud provider internal access, compliance violations, opaque supply chain | L1 data only |
| On-Premise | Hardware failure, malicious internal employees, model capability ceiling | Mitigated through access control and monitoring |

Key Decision Principle: Security is not "no risk," but "risk is controllable." For L3 data, the residual risk of on-premise deployment (internal personnel) is far lower than public cloud (external + internal), and should be mandatory.


Practical Case Analysis: Real-World Paths for Enterprise Security Validation

Based on Omdia's report and industry practices, here are security validation results from two typical industries:

Case 1: Multinational Financial Institution (Fortune 500)

  • Scenario: Using AI to analyze suspicious patterns in transaction flows
  • Data Sensitivity: L3 (customer account information, transaction amounts)
  • Initial Plan: Using a certain public cloud AI API for prototype testing
  • Issues Discovered:
      • Compliance team found cloud API logs retained account information in prompts, violating internal data retention policies
      • Security audit showed API calls might route through overseas data centers, violating data residency requirements
  • Validation Action: Deployed Llama 3 70B (post-quantization) on internal GPU clusters; inference latency increased by 15%, but fully compliant
  • Final Decision: All inference involving real transaction data migrated to on-premise; cloud APIs retained only for public data testing

Case 2: Medical AI Startup

  • Scenario: Extracting structured diagnostic information from physician notes
  • Data Sensitivity: L3 (Protected Health Information/PHI)
  • Initial Plan: Planning to use publicly hosted open-source model services
  • Issues Discovered:
      • HIPAA requirements mandate signing business associate agreements (BAAs) with cloud providers, but the startup couldn't afford audit costs
      • Some patient data carries "de-identification" risk; any transmission constitutes a violation
  • Validation Action: Running Mistral 7B model locally on MacBook Pro (64GB RAM); data never leaves the laptop
  • Final Decision: All PHI processing completed on-device; cloud services only handle anonymized statistical information

Security Is Not Black and White, But Structured Decision-Making Is Possible

Core Conclusions

  1. Security boundaries are determined by physical data location. No matter how public cloud inference services encrypt or authenticate, they cannot change the fact that "data leaves the enterprise's control domain." For extremely sensitive data, on-premise deployment is the only choice that aligns with zero-trust architecture.

  2. The security advantages of on-premise deployment extend beyond breach prevention to include auditability, controllability, and isolation. Enterprises can independently decide log retention, access permissions, and model versions, unaffected by cloud provider policy changes.

  3. Model supply chain security is an emerging high-priority risk. Using closed-source cloud models means fully delegating inference logic security to third parties; enterprises cannot verify whether models contain backdoors, bias, or poisoning. On-premise deployment combined with open-source models provides full-stack transparency.

  4. "Hybrid security architecture" is a pragmatic path. Not all data requires equal protection. Enterprises should establish data classification systems: L3 data mandates on-premise deployment, L2 data prioritizes on-premise but can accept strict DPAs, and L1 data can safely use public cloud services.

Omdia Report's Core Contributions on Security Issues

The report debunked two myths with empirical data:

  • Myth One: "Only super-large models have value, and super-large models must be cloud-based." The report indicates 57% of enterprise models have fewer than 10 billion parameters, and unified memory architecture can run hundred-billion-parameter models locally. The technical feasibility of on-premise deployment has been validated.
  • Myth Two: "Cloud provider security certifications are sufficiently reliable." The report shows only 9% of enterprises are completely satisfied with their partners, while 76% worry about data breaches. Security is not just about certifications; it's about trust and architectural choices.

Limiting Conditions (Honest Boundaries)

On-premise deployment is not without security challenges:

  • Internal Threats: After data localization, malicious or negligent internal personnel may directly access models and raw data. This requires strict IAM, audit, and DLP measures.
  • Device Physical Security: Loss or theft of endpoint devices (laptops, workstations) becomes a new risk surface. Full-disk encryption and remote wipe capabilities must be enabled.
  • Model Leakage Risk: Model files deployed in private environments are intellectual property themselves and require protection against unauthorized copying and exfiltration.
  • Update and Patch Management: Models and inference frameworks in on-premise deployment require continuous security updates, increasing operational burden.

Final Recommendations

For Enterprise Decision-Makers:

  1. Immediately initiate data classification and AI use case risk assessment, clarifying "which data will never go to the cloud."
  2. For L3 data, mandate on-premise inference pilots to verify technical feasibility and costs.
  3. Don't default to cloud APIs as the first choice; instead, treat them as "low-sensitivity data exclusive channels."
  4. Incorporate model supply chain security into procurement evaluation systems, prioritizing open-source models that can be deployed locally.

For Security Teams:

  1. Include AI inference in data loss prevention monitoring to detect whether sensitive data is being sent to cloud AI APIs.
  2. Establish security baselines for on-premise inference: encryption, access control, log auditing, and model integrity verification.
  3. Conduct regular penetration tests of public cloud AI services (within authorized scope) to verify data isolation commitments.
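The Step 1 levels and the DLP recommendation for security teams, combined into one egress gate placed in front of any cloud AI API. This is an added example, not code from the report or from any vendor; the regex detectors, the `route_prompt` name, the rule that unlabelled data defaults to L2 and the sample prompts are assumptions made for illustration.

```python
import re
from dataclasses import dataclass
from enum import IntEnum


class Level(IntEnum):
    L1 = 1  # low sensitivity: publicly available information
    L2 = 2  # moderately sensitive
    L3 = 3  # extremely sensitive


# Constructed detectors for some L3 examples (identity data, health records,
# secrets in source code). Real rules need tuning for each environment.
L3_PATTERNS = {
    "private_key": re.compile(r"-----BEGIN (?:RSA |EC |OPENSSH )?PRIVATE KEY-----"),
    "us_ssn": re.compile(r"\b\d{3}-\d{2}-\d{4}\b"),
    "medical_record": re.compile(r"\b(?:MRN|patient id)\s*[:#]?\s*\d{6,}\b", re.I),
}
CARD_CANDIDATE = re.compile(r"\b(?:\d[ -]?){13,19}\b")


def luhn_ok(digits: str) -> bool:
    """Luhn checksum: separates card numbers from arbitrary long digit runs."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0


def detect_l3(text: str) -> list:
    hits = [name for name, rx in L3_PATTERNS.items() if rx.search(text)]
    for m in CARD_CANDIDATE.finditer(text):
        digits = re.sub(r"\D", "", m.group())
        if 13 <= len(digits) <= 19 and luhn_ok(digits):
            hits.append("payment_card")
            break
    return hits


@dataclass(frozen=True)
class Decision:
    level: Level
    route: str  # "local" (on-premise inference) or "cloud"
    reasons: tuple


def route_prompt(text, source_label=None, dpa_in_place=False) -> Decision:
    # A scanner cannot prove text is public, so unlabelled data starts at L2.
    level = source_label if source_label is not None else Level.L2
    hits = detect_l3(text)
    if hits:
        level = Level.L3  # content scanning may raise a label, never lower it
    if level == Level.L3:
        route = "local"  # mandatory on-premise
    elif level == Level.L2:
        route = "cloud" if dpa_in_place else "local"
    else:
        route = "cloud"
    return Decision(level, route, tuple(hits))


# Constructed sample prompts: (text, label supplied by the source system)
SAMPLES = [
    ("Summarise our published product description.", Level.L1),
    ("Draft minutes from Tuesday's internal planning meeting.", None),
    ("Patient MRN: 00482913 reports chest pain.", Level.L1),
    ("Refund card 4111 1111 1111 1111 today", None),
    ("Invoice ref 1234567890123456", Level.L1),
]

if __name__ == "__main__":
    for text, label in SAMPLES:
        print(route_prompt(text, label), "<-", text)
```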

One-Sentence Summary: The choice of security architecture is essentially the design of trust boundaries. Privatizing AI inference means contracting the trust boundary to within the enterprise's controllable scope—this is the most straightforward, yet most effective, security principle.


This analytical framework is based on Omdia's "Rethinking Critical AI Infrastructure" (January 2026) research data, supplemented by the NIST AI Risk Management Framework, OWASP LLM Security Cheat Sheet, and other publicly available standards.
