AI as Infrastructure in Energy IT: 2025 Procurement and Governance

Yogi Schulz’s Top‑10 reflections on information technology in 2025 crystallize a simple but profound idea: AI moved from a feature to an infrastructure layer that reshaped procurement, power planning, cybersecurity, and day‑to‑day operations across the energy industry.

Background / Overview​

2025 was the year many organizations stopped treating artificial intelligence as a collection of point tools and started treating it as a long‑lived, capital‑intensive platform that demands planning for power, site permitting, data governance, and vendor dependence. Yogi Schulz’s ten reflections — ranging from generative AI’s maturation to edge computing’s rapid expansion — map directly to the operational challenges energy companies already face: remote sites, heavy telemetry, long equipment lifetimes, and high regulatory scrutiny.
Independent verification of several core claims is possible and useful. Public reporting and analyst coverage confirm both (1) major new model releases and product variants during 2024–2025 and (2) an historic surge in data‑centre investment and planning tied to AI workloads. At the same time, many headline dollar figures and optimistic vendor ROI claims are conditional, staged over multiple years, and should be treated as contractual starting points rather than deliverable guarantees.

---

1) AI dominated every conversation — what that meant in practice​

AI stopped being a lab experiment and became a governance and capital planning problem for boards and CIOs. Energy firms found themselves negotiating not only software license terms, but also power purchase agreements (PPAs), substation upgrades, and long‑term capacity commitments with hyperscalers and colocation providers.
This shift has three direct implications for Windows‑centric IT teams in energy:

• Treat compute and site power as infrastructure items in the same way you treat pipelines and substations.
• Require procurement language that specifies delivery milestones, utilization targets, and exit/portability terms.
• Start cross‑functional planning cycles (IT, OT, legal, energy procurement) to align timelines and responsibilities.

---

2) Generative AI advanced processes and creativity — model landscape and verification​

Major model families advanced rapidly in 2025: OpenAI’s GPT‑4o (and iterative improvements), Anthropic’s Claude 3.x series, and Google’s Gemini 2.5 family were all part of the year’s headline releases. These releases materially increased multimodal and reasoning capability available to enterprise workflows.
What to verify when a vendor promises an “AI feature”:

• Ask for model identifer and version (for example, GPT‑4o, Claude 3.7, Gemini 2.5) and confirm what provisioning tier (cloud hosted, private tenancy, or on‑prem inference) they use.
• Request a model card and dataset provenance to understand training data regimes and any known limitations or guarded behaviors.
• Test hallucination rates and grounding for your critical data using representative queries before production rollout.

Analysis: these models can compress engineering cycles (code scaffolding, report drafting, technical research), but the risk of uncontrolled outputs in safety‑critical domains remains. Retrieval‑augmented generation (RAG) and strict grounding are essential for any use that affects field operations or regulatory filings.

---

3) Massive data‑centre expansion for AI infrastructure — scale and constraints​

The boom in generative AI drove unprecedented demand for GPU and accelerator capacity, prompting record capital plans from hyperscalers, dedicated "neocloud" builders, and some AI firms choosing to own portions of their stack. Independent industry trackers documented tens of billions of dollars in announced multi‑year commitments and a spike in planning for multi‑gigawatt data‑centre campuses.
What is verified:

• Energy and infrastructure analysts recorded significant growth in data‑centre electricity consumption and new site permitting activity tied to AI workloads.
• Large headline commitments (multi‑billion programs) are real as announcements but are frequently staged, contingent on financing, and dependent on local grid permitting. Treat them as conditional until site‑level milestones are met.

Operational consequences for energy firms:

• Data‑centre projects create new revenue streams (PPAs, grid upgrades) but also concentrate risk around single counterparties.
• Windows IT teams supporting corporate and OT stacks must plan for new interdependencies — for example, data‑centre outages can affect vendor access and telemetry ingestion if not designed with multi‑region resilience.

---

4) AI experimentation — what pilots taught enterprise teams​

Widespread experimentation has been valuable for learning but also exposed recurring failure modes: poor data quality, weak telemetry provenance, tokenized cost surprises, and a shortage of staff experienced in operating models and inference pipelines at scale. Pilots frequently fail to produce compelling business cases until organizations address foundational data quality and governance problems.
Common pilot findings:

• Hallucinations and misleading outputs are frequently traced back to poor schema documentation and uncurated time‑series data sources.
• Many early ROI models do not account for ongoing model inference costs, egress fees, or the internal staff time required for model governance.
• Talent shortages remain acute for engineers who can bridge MLOps, OT protocols, and secure Windows domain administration.

Practical pilot discipline (short checklist):

• Define measurable KPIs (cost per prediction, error bounds, operator time saved).
• Require explicit exit criteria and a cost‑per‑query forecast.
• Insist on vendor export of raw telemetry in a standard format to avoid lock‑in.

---

5) Proliferation of IoT and smart devices — scale, cost, and the AI necessity​

The number and variety of IoT endpoints surged, especially across wells, pipelines, and remote facilities. Devices became cheaper and smarter, driving an explosion of telemetry that in practice requires AI for effective analysis at scale. Forecasts and market commentary in 2025 indicated strong adoption curves and increasing edge processing to reduce egress and latency.
Key operational points:

• Edge preprocessing is now a de‑facto requirement to limit bandwidth and control costs.
• Standardize telemetry schemas and retention policies to reduce hallucination risk when that data is used in model prompts.

Security and lifecycle management remain the hardest parts: secure boot, image signing, certificate lifecycle automation, and remote remediation are non‑negotiable for fleets operating in harsh environments.

---

6) Low‑code / No‑code platform advances — democratization versus governance​

Low‑code/no‑code platforms accelerated application delivery, allowing business teams to replace slow IS projects with rapid apps. However, many organizations rolled these out without a Center of Excellence or sufficient governance, producing brittle, unscalable solutions that created operational and security risks.
Benefits:

• Faster time‑to‑value for internal dashboards, approvals, and small workflow apps.
• Reduced pressure on centralized developer teams for non‑mission‑critical automation.

Risks:

• Lack of lifecycle governance, version control, and security sign‑off can lead to compliance and availability issues.
• Low‑code artifacts often embed secrets and make dependency mapping difficult.

Recommendation: establish a CoE with CI/CD integration, security gates, and portability standards before broad rollout.

---

7) AI‑infused vendor solutions — signal versus noise​

Every SaaS vendor added AI claims in 2025. Some features were practical (domain‑specific retrieval, RAG with auditable sources), while many were marketing additions that offered marginal value. Independent practitioner reviews show highly variable outcomes by domain, with the best benefits realized where vendors ground model outputs in enterprise data and provide model‑level governance.
Vendor procurement checklist:

• Demand model cards, deterministic SLAs (latency and cost), and dataset provenance.
• Require exportable raw data and a fallback mode when AI services are unavailable.
• Insist on versioning and audit trails for any AI outputs used in compliance or reporting.

---

8) Cybersecurity reinvented with AI and quantum‑safe tools​

Cybersecurity matured in two complementary directions in 2025: widespread adoption of AI‑driven detection/response tools, and the start of enterprise migration planning for post‑quantum cryptography (PQC). NIST’s PQC standards and guidance from national agencies accelerated vendor support for hybrid classical/PQC schemes.
Why this matters now:

• Attackers weaponize AI to scale social engineering and obfuscate payloads; defenders must adopt AI to keep pace.
• Long‑lived archives, legal records, and firmware images are high‑value targets for future quantum decryption; identify and prioritize these assets for PQC migration now.

Immediate actions:

• Inventory cryptographic assets and classify by longevity and sensitivity.
• Require crypto‑agility in vendor contracts and begin hybrid PQC testing for critical flows.
• Adopt zero‑trust identity and device posture controls across Windows and OT environments.

---

9) Blockchain beyond cryptocurrency — where it actually works​

In 2025 blockchain deployments matured into pragmatic, permissioned ledger use cases: supply‑chain provenance, auditable contracts, and decentralized identity saw real operational adoption, while many speculative pilots folded or were scaled back. The technology is not a universal remedy but can materially shorten traceability in multi‑party processes when governance is well‑designed.
Practical guidance:

• Use permissioned DLTs with clear governance for cross‑company provenance problems.
• Avoid treating blockchain as a substitute for well‑engineered integration or sound contractual practices.

---

10) Explosion of cloud and edge computing integration — the hybrid reality​

Edge compute adoption accelerated because of latency, resilience, and egress cost pressures, while cloud remained foundational for model training and orchestration. Hybrid and multi‑cloud topologies became the pragmatic norm for large energy firms seeking to balance cost, performance, and vendor risk. Analyst forecasts in 2025 indicated strong market growth for edge investments and hybrid architectures.
Operational implications for Windows IT:

• Standardize on orchestration and image‑signing tooling for edge fleets.
• Bake in secure remote patching and a tested disaster recovery plan for distributed nodes.
• Model the total cost of ownership including device replacement cycles, network transit, and security operations.

---

Strengths, systemic risks, and the verification checklist​

What was strong and real in 2025:

• Rapid improvements in model capability and multimodal reasoning that unlocked new, practical workflows.
• A growing industrial supply chain for AI compute — hyperscalers, neoclouds, and on‑prem options expanded customer choice.
• Clear, actionable guidance on PQC and early vendor support for hybrid approaches.

Systemic risks that require active mitigation:

• Concentration risk: a small set of providers controls much of frontier compute and specialized hardware. Diversify procurement and demand portability.
• Power and permitting bottlenecks: data‑centre projects depend on PPAs and substation capacity that are nontrivial to secure. Treat site readiness as a gating item.
• Governance shortfalls: rushed AI features without explainability, dataset provenance, or contractual SLAs produce audit and safety risks. Insist on model‑level governance.

Verification checklist for procurement and pilots:

• Require model version identifiers and model cards from vendors.
• Demand egress pricing and deterministic latency guarantees for inference workloads.
• Obtain vendor commitments on data export and portability as a contractual clause.
• Inventory cryptographic keys and identify long‑lived secrets for PQC prioritization.

---

Practical roadmap for Windows‑centric IT leaders in energy​

Short term (0–12 months)

• Tighten telemetry provenance: document schemas, retention, and transformations for time‑series sources.
• Pilot retrieval‑augmented generation (RAG) with controlled datasets and defined KPIs.
• Start a cryptographic asset inventory with a PQC classification for long‑lived data.

Medium term (12–36 months)

• Negotiate hybrid contracts that combine cloud burst, reserved instances, and colocation for predictable inference loads.
• Establish a low‑code/no‑code CoE to enforce portability, security signoffs, and lifecycle ownership.
• Invest in edge orchestration tooling with signed images, automated certificate rotation, and remote remediation.

Long term (3–7 years)

• Evaluate campus ownership only for very large, stable workloads; otherwise prefer flexible procurement that reduces capex exposure.
• Maintain a multi‑vendor posture to hedge geopolitical and supply‑chain risk.
• Formalize governance for AI procurement that includes exit playbooks and auditability.

---

Conclusion​

Yogi Schulz’s Top‑10 reflections are not rhetorical flourishes; they align with verifiable industry shifts in 2025 — model evolution, data‑centre expansion, IoT scale, edge integration, and the start of PQC adoption. Organizations that treat AI as infrastructure, invest in telemetry and model governance, and build explicit procurement and resilience playbooks will convert 2025’s turbulence into durable advantage. Conversely, those that chase “AI features” without addressing underlying data, security, and vendor dependencies risk costly failures. The practical winners in the coming years will be teams that combine domain knowledge of energy systems with disciplined data engineering, procurement rigor, and crypto‑aware security planning.

---

Source: EnergyNow.com TOP 10 RELECTIONS on Information Technology Developments in 2025 - Yogi Schulz - Energy News, Top Headlines, Commentaries, Features & Events - EnergyNow.com