Laurent Giraid is a seasoned technologist and strategist with an extensive background in artificial intelligence and machine learning. His work focuses on the intersection of natural language processing and the ethical implementation of AI within complex enterprise ecosystems. As traditional software procurement models face disruption from rapid, AI-assisted development, Laurent provides a critical perspective on how organizations can balance the raw speed of innovation with the necessary rigors of IT governance.
In this discussion, we explore the shifting economics of the “build versus buy” debate, the specific software categories most vulnerable to custom replacement, and the growing phenomenon of shadow IT. We also examine the technical requirements for moving prototypes into production and the essential role of governed environments in securing long-term return on investment.
Building software was once reserved for large engineering teams, but AI has significantly lowered development costs. How should companies now evaluate the value of per-seat SaaS pricing against custom prototypes, and what specific operational metrics indicate that a build-first approach is the better financial decision?
The traditional math that favored buying over building has fundamentally flipped because the cost to code a piece of software has essentially dropped to zero. In the past, a custom internal tool might have cost six figures and months of labor, but today an operations lead can spin up a working prototype in just one or two days. While the cost of building has dropped by an order of magnitude, SaaS pricing has remained stubbornly flat, still charging per-seat for generic tools that often require additional expensive customization. To determine if building is the right move, companies should look at “time-to-value” and specific productivity gains; for instance, many teams report saving six or more hours per week after deploying custom solutions. When 78% of builders plan to increase custom tooling by 2026, it signals that the ROI of bespoke tools is now outperforming the rigid cost structures of general software vendors.
Generic workflow automations and admin tools often struggle to fit unique organizational structures. Why are these specific categories being replaced by custom builds more frequently than CRMs, and what steps are necessary to ensure these bespoke tools integrate seamlessly with existing enterprise data systems?
Workflow automations and internal admin tools are at the top of the replacement list, with 35% and 33% of teams respectively looking to build their own, because these tools must reflect the unique business logic and compliance needs of a specific company. A purchased tool optimizes for the “average case,” which often results in awkward workarounds and disconnected data silos that frustrate users. Replacing these is usually an additive process—rather than ripping out a massive CRM like Salesforce, teams are building custom layers that connect directly to their actual data sources to fix specific gaps. To ensure seamless integration, it is vital to move beyond “vibe-coded” prototypes that use sample data and instead focus on building within platforms that provide native connectivity to production environments. This allows the custom tool to function as a high-fidelity extension of the enterprise’s existing data architecture rather than an isolated island of information.
Many builders bypass IT oversight because they can develop tools faster than procurement can provision them. What are the primary security risks when these “shadow” tools connect to production data, and how can organizations implement a governance model that prioritizes speed without sacrificing data privacy?
The rise of shadow IT is a massive demand signal, with 60% of builders creating tools outside of IT oversight because they can build faster than procurement can move. The primary risk is the creation of an expanding security surface that IT cannot see, where tools are connected to production data without audit trails or role-based access controls. This is not a small financial risk; AI-associated data breaches can cost organizations more than $650,000 per incident. To fix this, organizations must move away from suppression and instead create “governed environments” where builders have the freedom to move fast within a pre-approved security framework. By providing a trusted playground with built-in permissions, IT can enable innovation while ensuring that every new automation remains visible and compliant.
While many prototypes look impressive, they often lack the audit trails and access controls required for production. What are the key technical requirements for transitioning a tool from an ungoverned prototype to a secure, enterprise-ready application, and how does providing access to real data sources influence this process?
Transitioning a tool from a prototype to a production-ready application requires three non-negotiable pillars: real-time connectivity to production data, a robust security and permissions model, and a formal review process for deployment. A prototype running on sample data is just a proof of concept, but it only becomes useful when it can interact with live systems like a Salesforce instance or a proprietary database. However, connecting to real data increases the stakes, making role-based access control essential to ensure that only authorized personnel can view or modify sensitive information. The 51% of builders who successfully ship production software are those who bridge this gap by moving their projects into a governed space where these technical guardrails are automated and standardized.
Data privacy and security remain the top concerns for executives overseeing AI-assisted development. How can teams build a “governed environment” that actually encourages innovation rather than stifling it, and what happens to the long-term ROI of software projects when accountability infrastructure is missing?
A governed environment encourages innovation by removing the “fear factor” for builders, allowing them to experiment knowing that the underlying infrastructure is already secure and compliant. With 73% of leaders citing data privacy as their top AI concern, governance is no longer a bottleneck but a prerequisite for scaling. When accountability infrastructure is missing, it becomes impossible to measure productivity metrics, leaving 35% of organizations unable to even prove their AI projects are working. Without these metrics and audit trails, the long-term ROI collapses because the tools cannot be audited for efficiency, and the risk of a costly security breach looms over every successful deployment. True ROI is only realized when speed is paired with a transparent governance model that justifies the shift from buying to building.
What is your forecast for the evolution of the build-versus-buy landscape in the enterprise?
I forecast that by 2026, the “build-first” mentality will become the standard operating procedure for any workflow that provides a competitive advantage, leaving “buying” restricted to only the most commoditized back-office functions. We will see a massive consolidation of shadow IT into unified, low-code governance platforms that allow non-engineers to ship production-grade software with the full blessing of the C-suite. As AI continues to drive the cost of development toward zero, the most successful enterprises will be those that stop acting like software consumers and start acting like software factories. The companies that fail to provide these governed building environments will find themselves trapped in expensive, generic SaaS contracts while their more agile competitors build bespoke, highly efficient engines of growth.
