The basis remains the bi-weekly LinkedIn listing of Tom Van ‘t veld, Learning Innovator at OASE (powered by Xylos). Tom closely follows AI developments, and we translate his observations into what they concretely mean for organizations and the people working in them. Welcome to edition three.
EDITION 3 – MAY 11, 2026
Here are five stories from the past two weeks that are most beneficial to your organization.
Microsoft and OpenAI: end of monogamous relationship
The biggest business news of the past two weeks: Microsoft and OpenAI have thoroughly redesigned their partnership agreement thoroughly rearranged. Microsoft retains its license to OpenAI’s models until 2032, but it is now no longer exclusive. Amazon responded by setting up its own OpenAI deal via AWS Bedrock, and Microsoft itself, meanwhile, is deliberately pushing for a broader model offering. A great example of that multi-model approach: the new Legal Agent for Word combines Microsoft tooling with Claude under the hood.
For Belgian organizations, this makes the choice of which AI stack to put behind which use case more important than ever. The key questions for customers today revolve primarily around where your data is ultimately processed and how you manage your model mix consciously and flexibly. The end of exclusivity opens up space for multi-model strategies, and demands tighter management on the business side.
Copilot comes of age, including in Outlook and legal workflows
Microsoft made Copilot’s agentic features of Copilot in Word, Excel and PowerPoint widely available. Copilot now performs multistep operations in documents and presentations while the user retains control. In Edition 2, we were still holding back on this. After further testing, Tom has to admit to being swayed: the results do convince. One concern remains worth noting: an agent sometimes chooses a detour to perform a task, so for production files, a quick review is still part of it.
On top of that Copilot in Outlook agentic features to manage inbox and calendar, for now for Frontier customers with a gradual rollout to broader user groups. And then there’s the aforementioned Legal Agent for Word for contract analysis and redlining, currently available only in the U.S. Those who want to leverage agentic features without surprises are best continuing to invest in internal review processes and targeted adoption guidance.
The big AI rollouts: Accenture, Cloudflare and what lies in between
Accenture rolls out Microsoft Copilot to all its 743,000 employees, the largest enterprise Copilot deal to date. At the same time, Accenture announced Cloudflare announced it was laying off 1,100 people, about 20% of its workforce, to move toward an “agentic AI-first” business model. CEO Matthew Prince stresses that this is not a cost-cutting exercise, Cloudflare just posted revenue growth of 34%. Although that may sound like cold comfort to those affected.
Between those two extremes is where most Belgian organizations find themselves. Increasing productivity with AI rarely succeeds by simply handing out licenses. It requires a gradual rollout with training, communication, governance and clear agreements on the role of AI per job profile. Good guidance ensures that such a rollout actually pays off.
Cybersecurity: credentials are the new prey
Six research teams documented over nine months how Claude Code, GitHub Copilot, Codex and Google’s Vertex AI were hacked. The common thread: each attacker specifically targeted credentials held by the AI agent. The valuable prey for attackers is in all the systems the agent has access to.
Two illustrations of how large that attack surface has now become. Five thousand “vibe-coded” apps built with Lovable, Replit and Base44 were found to be on the open web without any authentication, resulting in medical records, financial data and internal strategy documents. Microsoft almost simultaneously made its own disclosed three critical vulnerabilities in Microsoft 365 Copilot and patched them immediately on the cloud side. That kind of proactive disclosure is part of mature platforms, and at the same time a reminder that each new AI layer also brings new concerns.
Meanwhile, the Mythos saga from last issue gets a continuation. Mozilla reported that in two months Mythos found 271 vulnerabilities in Firefox with virtually no false positives, and the NSA deploys Mythos for vulnerability research in common software, including Microsoft’s. The message for security teams is clear: AI agents in your stack require as much attention to identity and access management as to choosing the models themselves.
AI at school: time to take AI literacy seriously
From our own country came a telling statistic: half of Flemish high school students use AI weekly for schoolwork. Fourteen percent outsource assignments entirely to AI and 35% rarely check the output. The hopeful thing: the pupils themselves are asking for clear agreements.
The question is broader than education alone. AI literacy begins in school and continues to grow in the workplace. Those entering the job market now bring these habits with them, both the smart ones and the worrisome ones. For organizations, this is a two-way invitation: support teachers and educators on the entry side, and continue to train internal employees on the work side. AI skills are built through an ongoing competency pathway with regular in-service training.
We will be back in two weeks with the next edition.
About Tom Van ‘t veld
Tom has been working for Xylos for years, where he started as a Microsoft Office trainer and grew into the driving force behind innovative learning concepts. He is at the basis of OASE, Xylos’ online learning platform, and developed, among other things, the Digital Coach concept, a Microsoft Teams Escape Room app and the mAindset game that allows employees to playfully learn to promote AI. As a Learning Innovator, he has been increasingly focusing his gaze in recent years on what AI means for the way we learn and work. Respond or chat on? Find him at LinkedIn.
