Monday Morning Brief | Week of July 6th
Drunks and Fireworks... it's not much different that stakeholders and my normal daily dumpster fire of problems. This is how Procurement rolls. Happy 4th!
Welcome back after a long weekend of cheeseburgers and fireworks. Hopefully, you made it through unharmed. I realize this is a big vacation week and half of you will read this from a lake house with one bar of signal and a open can of vacation juice while the other half are quietly refreshing a renewal quote you swore you would handle before the holiday.
No judgment. Anyone who tells you they’re not in the same boat is lying or on vacation…
Let us start with a funny story…
The software companies whose whole pitch was that AI agents will replace your headcount watched their own stock get taken to the woodshed, because investors finally asked the same question you have been asking on every renewal call: if the agent does the work, why am I still paying per seat.
On June 29 the enterprise software index had its worst day of the year, and the same vendors are now inventing brand new fees to charge you when your agent touches the data you already pay them to store. Meanwhile, actual cybersecurity vendors got breached… through a sales battlecards tool. If you wrote this as fiction, your editor would send it back for being too on the nose.
It’s already starting off as a good week! More on this below…
If you’ve been reading, you know the deal by now… six stories, a contracting section with a fresh AI clause you can steal, a vendor fiscal calendar that tells you exactly whose sales rep is sweating this month, and every date worth putting on your calendar.
No fluff.
No corporate doubletalk.
Let’s go (but scream it like Tom Brady!).
INDIRECT + SAAS
The SaaS selloff is your renewal leverage. Use it before the vendors calm down.
If you renew any seat-based software this quarter, the single most useful thing that happened last week is that your vendor got scared. On June 29, enterprise software valuations cratered, with ServiceNow, Salesforce, Workday, and Adobe all down more than 35 percent on the year and ServiceNow trading at a forward earnings multiple of about 25 against a five year median near 145 (GuruFocus, June 29). The market is betting that agents erode seat revenue. That fear is your opening.
Here is the twist you need to watch on the paper. The same vendors are answering the seat erosion problem by building tollgates. ServiceNow rolled out Action Fabric, a layer that meters and charges you every time an outside AI agent touches data you already store in their platform, with pricing set per action (PYMNTS). Workday meters external agents per call through its Agent Gateway. SAP is routing agent traffic through its own hub. Translation for your budget: the thing you bought to save labor now carries a new usage line that did not exist in last year’s order form. If your redline does not address agent access, you are signing a blank check.
But at the same time, take a moment… enjoy this a bit. The disruptor got disrupted by its own slide deck.
Watch what they do about it, because that is the genuinely funny part. Having promised a world where agents roam free and do all the work, they are now sprinting to bolt a toll booth onto every door those agents walk through. They hyped the highway, cut the ribbon, let everyone on, then started charging by the mile. That is not the posture of a company calmly steering the future it invented. That is the posture of a company that lit the fire, realized it never sold fire insurance, and is now quietly trying to expense the fire truck to you. None of it makes them evil. It makes them nervous… and nervous vendors sign better deals. So enjoy the show for exactly one minute, then open the redline while they are still rattled.
DO THIS WEEK
Pull every seat based renewal closing before September and split the conversation in two. First, press for a real discount now while the vendor is defending its seat count, and ask for a multiyear price lock rather than a one year concession. Second, add one sentence to the order form: authorized AI agents acting on the customer’s behalf may access customer data at no incremental per action or per call charge for the term. If they will not agree, get the metered rate capped in writing before you sign, not at true up.
FEDERAL + FAR
The FAR rewrite hit the Federal Register. Comments close July 23, and yes, commercial buyers should care.
Even if you never touch a federal contract, the clause library you quietly copied into your commercial templates is being renumbered under you. On June 23, the FAR Council published the first four proposed rules of the Revolutionary FAR Overhaul, covering FAR Parts 1, 2, 3, 4, 5, 6, 7, 10, 18, 24, 26, 29, 33, 37, 39, 40, 41, 49, 52, and 53, and the comment window is the bare minimum 30 days, closing July 23, 2026 (White House, June 25). If your contracting officer starts citing Part 40 for security requirements and your matrix still points at Part 39, that mismatch is now yours to explain.
Two changes matter for how you actually negotiate. Public award announcements are no longer required below 5.5 million dollars, up from 4.5 million, so competitive intelligence you used to pull from award notices gets thinner (GovExec, June 23). Separately, effective for defense contracts entered after June 30, the certified cost or pricing data threshold jumped to 10 million dollars, which reshapes what pricing support a defense supplier owes you (Government Contracts Law). This is a rare moment where the rulebook is genuinely open to comment. Silence is a choice.
DO THIS WEEK
Run a find and replace audit on your contract templates and compliance matrices for hard coded FAR and DFARS clause numbers, because new solicitations are already using the revised numbering. If any part of your business sells to or buys from the government, read the four proposed rules at regulations.gov and file a comment before July 23. A two paragraph comment from a real practitioner carries more weight than you think, and it is free.
TRADE + TARIFFS
USMCA did not get renewed, and a 10 percent surcharge quietly sunsets around July 24.
If you source anything from Canada or Mexico, two clocks are running and both land this month. On July 1, the United States declined to renew USMCA in its current form, which does not kill the agreement but drops it into an annual review process that can run through 2036 (CNBC, July 1). Qualifying goods stay duty free for now, so this is not a cliff. It is something worse for planning purposes: a prolonged stretch of not knowing the rules, with automotive rules of origin and Chinese transshipment squarely on the table.
The nearer term item is the money one. The 10 percent Section 122 surcharge on goods that do not qualify under USMCA is scheduled to expire around July 24, after which non qualifying goods could revert toward standard most favored nation rates of roughly 3 to 4 percent, while the 50 percent Section 232 tariffs on steel and aluminum stay in force regardless of origin (Steptoe). If you have been paying that surcharge because qualifying looked like too much paperwork, the math on getting compliant just changed, and the merchandise processing fee exemption is still sitting there for USMCA qualifying goods.
DO THIS WEEK
Pull your top 20 cross border SKUs by spend and confirm, in writing from the supplier, whether each one qualifies under USMCA rules of origin today. For anything non qualifying, ask your customs broker to model landed cost after the July 24 surcharge change before you cut the next PO. Then add a tariff and origin change trigger to any long term supply agreement you sign this quarter, so a rules of origin shift becomes a repricing conversation, not a silent margin hit.
DIRECT + SUPPLY CHAIN
RAMmageddon is now hitting your invoices. Memory jumped up to 89 percent in one quarter.
We’re probably going to talk about this a lot for a while.
Anyone who buys hardware, servers, or anything with memory in it needs to stop treating this as a tech press story. Consumer and commodity DRAM prices rose by as much as 89 percent quarter over quarter in Q2 2026, with a 16 gigabyte DDR4 module going from about 137 dollars to 207 dollars in a single quarter (Wccftech, June). This is not a normal cycle. Samsung, SK Hynix, and Micron are pouring wafer capacity into high bandwidth memory for AI data centers, and every HBM wafer is a wafer denied to the ordinary DRAM in your laptop fleet and server refresh.
The signals last week were loud. Micron’s CEO said the shortage runs through 2027 and only eases in 2028. Apple hiked prices on June 25 across iPads, Macs, and more, and the stock had its worst day in over a year on the news. Samsung, SK Hynix, and Micron are also now facing a price fixing class action tied to the shortage. Practically, that means OEMs like Dell, HP, and Lenovo are pushing 15 to 20 percent hardware increases and shortened quote validity windows. The buyer who waits for prices to normalize is making a bet that every analyst says will lose through at least 2027.
DO THIS WEEK
Pull forward any hardware refresh you can justify in the next two quarters and lock it now with your reseller, because early orders are effectively setting deployment schedules. Standardize on a short list of approved memory and server configurations so a shortage does not force a last minute redesign. On any purchase order, insist on firm pricing with a fixed quote validity date rather than price at time of shipment, and ask your reseller to reserve and hold inventory against your roadmap.
AI SPEND
Your unlimited AI seat deal is gone. GitHub Copilot moved to usage pricing, and the bills are landing.
If your company is scaling AI agents, the budgeting model you built on per seat logic already broke, you just may not have seen the invoice yet. Per token prices fell roughly 98 percent since early 2024, and enterprise AI bills still went up an estimated 320 percent, because agentic workflows burn 5 to 30 times more tokens per task than a chatbot query (Henon, sourced to industry data). Uber burned through its entire annual AI budget by April. The share of FinOps practitioners responsible for managing AI spend went from 31 percent to 98 percent in a year (Optimum Partners). This is now a procurement problem, not an engineering curiosity.
The pricing model is moving under you in real time. GitHub Copilot shifted to usage based pricing credits on June 1, and the broader pattern is that roughly 85 percent of SaaS providers have moved to hybrid or consumption pricing tied to usage (elvex). The trap has a name now, token maxing, which is defaulting every task to the most expensive frontier model with no routing or governance. The fix is not buying less… it is contract terms that give you visibility and a ceiling before the always on agents run up a bill nobody approved.
DO THIS WEEK
For every AI or agent product on consumption pricing, get three things in the contract: a monthly spend cap or hard alerting at a threshold you set, committed use discount tiers you can grow into rather than commit to blind, and the right to route workloads to cheaper models without penalty. Ask finance for a monthly token variance report the same way you get a cloud dashboard. If a vendor cannot show you per team usage, that opacity is the product working as designed, and it is negotiable.
THIRD PARTY RISK
A sales tool got breached and took roughly 200 companies with it, including the security vendors.
This is the story that should make you open your vendor integration list today. Between June 11 and June 24, attackers compromised Klue, a market intelligence and battlecards SaaS tool, harvested OAuth tokens through a legacy credential, and pivoted into the connected Salesforce environments of downstream customers, hitting close to 200 organizations (Rescana). Reported victims included LastPass, Huntress, Recorded Future, Tanium, Jamf, Gong, and HackerOne (Bright Defense breach log). The security companies you buy from got hit through a fourth party nobody was watching.
The mechanism is the lesson. Nobody broke down Salesforce’s door. A trusted integration held an OAuth token, and that token was the door. Salesforce disabled the Klue integration on June 17, but by then the data had walked. Industry breach data now puts the blast radius at more than five downstream victims per vendor incident, and the average public disclosure lag near 117 days (Black Kite). Your annual security questionnaire did not catch this, because the risk was a live token, not a policy on paper.
DO THIS WEEK
Pull the list of third party apps with OAuth grants into your CRM and core systems this week, and revoke every integration nobody can name an owner for. For the ones you keep, confirm the vendor rotates and scopes credentials and does not carry legacy ones. Then check your contracts for a breach notification clock measured in hours, not the vague reasonable time that let this sit. Continuous monitoring beats the annual questionnaire, because a vendor clean in Q1 can be the entry point in Q2.
CONTRACTING CORNER
Standard disclaimer from the guy with the law degree who is not being your lawyer: this is what I have learned redlining these deals,... And this is not legal advice. Tie your review to what actually happened this week, because that is where the leverage and the risk are both hiding. Four tips, each anchored to a story above.
1. The AI clause to steal this week: data, training, and zero retention
Tied to the AI spend and agent tollgate stories. Any product that routes your data through a model needs an explicit answer on training. The market standard position in 2026 is opt out at minimum, opt in for any model training, with zero retention as the fallback when the vendor will not commit (GC AI). Language you can adapt:
“Vendor shall not use Customer Data to train, fine tune, or improve any model except to generate output for Customer. Vendor shall not retain Customer Data for any model training purpose. Any authorized AI agent acting on Customer’s behalf may access Customer Data without additional per action or per call fees during the term.”
That last sentence is the one that answers the Action Fabric and Agent Gateway metering. Put it in the order form, not just the linked terms, because linked terms change without your signature.
2. Cap indemnity to real insurance, not 12 months of fees
Vendors love to cap indemnifiable claims at the fees you paid, which on a small deal can be a rounding error against a real IP or data claim. Tie the liability cap for indemnification to the vendor’s actual errors and omissions coverage instead. If they carry 5 million dollars in coverage, the cap for indemnifiable claims should be 5 million, not 60 thousand in annual fees (Levy, Contracting with AI Vendors). This aligns the incentive: the vendor either keeps real coverage or accepts real exposure. Here is the 2026 gotcha, though, standard insurers have started adding generative AI exclusions to commercial policies, so a vendor’s indemnity can be genuinely unfunded (Honigman). Ask for a certificate of insurance and confirm AI related claims are not excluded before you rely on that indemnity.
3. Breach notification measured in hours, and OAuth hygiene as a covenant
Tied to the Klue breach. The clause that failed those 200 companies was almost certainly a vague notification standard. Specify a hard clock, notice within 48 or 72 hours of the vendor becoming aware, plus the right to disable integrations immediately on suspicion. For anything with an OAuth grant into your systems, add a covenant that the vendor rotates and scopes credentials, does not retain unused legacy credentials, and notifies you of any credential compromise affecting the integration. A questionnaire is a snapshot. A covenant is a promise you can enforce.
4. Calendar the auto renewal, because you lose leverage on day one without it
The most boring tip is the one that saves the most money. Standard auto renewal clauses lock you into a renewal at the existing price plus an escalator unless you give 60 to 90 days notice, and the teams that do not calendar that date walk into the renewal with zero leverage (GC AI). With the SaaS selloff making vendors nervous about seat counts, the notice window this year is not just an exit, it is your invitation to renegotiate price and terms while they are motivated. Build a renewal tracker with the notice date, not the renewal date, as the trigger.
WHOSE REP IS SWEATING THIS MONTH
Every major enterprise vendor whose fiscal year or fiscal quarter closes within the next 60 days, meaning through early September, with the current business context that moves your leverage and one thing to do this week. Quarter and year end is when the discount authority is highest and the rep is most motivated. Know the date and you set the tempo.
Palo Alto Networks Fiscal year ends July 31
Leverage read: This is the big one. Their entire fiscal year closes July 31, they just raised full year guidance after a standout Q3, and Nikesh Arora is pushing customers hard toward platformization, with CyberArk and Chronosphere freshly integrated (Q3 results, June 2). Reps have annual quota and platform count targets riding on your signature.
Do this week: If you have any PANW spend, your rep needs the deal before July 31. Bundle your renewals into a platformization conversation and trade a multiyear commitment for a real discount and a firm price lock, not a one time credit.
Cisco Fiscal year ends around July 25
Leverage read: Cisco closes its fiscal year on the last Saturday of July, roughly July 25. On top of the normal year end push, memory cost inflation is squeezing hardware margins, which cuts both ways: they want the booking, but list creep is real.
Do this week: Time any hardware or enterprise agreement renewal to the final two weeks of July. Ask for the year end incentive explicitly, and if Splunk is in the mix, make them cross sell for the discount rather than the other way around.
Salesforce Q2 fiscal year 2027 ends July 31
Leverage read: Salesforce stock has lagged peers on the fear that Agentforce cannibalizes seats, and Agentforce runs on consumption pricing at roughly 10 cents per action (pricing overview). A nervous vendor at quarter end is a flexible vendor.
Do this week: Push for flex credits you can grow into rather than a large committed Agentforce spend, and get a price protection cap on per action rates. Use the quarter close to lock any core CRM renewal at a real discount now.
Workday Q2 fiscal year 2027 ends July 31
Leverage read: Workday has been the most cautious major on AI messaging, but it is now metering external agents per call through Agent Gateway and bundling Sana as its front door. Quarter end lands July 31.
Do this week: Before your agent traffic scales, get the per call metering rate capped and confirm authorized agents can access your Workday data without a surprise usage line. Anchor renewals to the July 31 close.
Oracle Q1 fiscal year 2027 ends August 31
Leverage read: Oracle is riding high on AI cloud and remaining performance obligation growth, so they are less discount hungry on OCI. License and support renewals are a different animal and still very negotiable at quarter end.
Do this week: Separate the OCI enthusiasm from your on premise license and support renewal. Audit any unlimited license agreement position before August 31 so you are not certifying under time pressure at their quarter close.
Accenture Fiscal year ends August 31
Leverage read: Accenture’s full year closes August 31, and consulting is under visible margin pressure as generative AI deflates billable hours. Year end is when statement of work and rate card flexibility is highest.
Do this week: Reopen rate cards and open statements of work before August 31, and ask directly for a generative AI productivity credit, since they are using the tools to deliver your work faster.
Microsoft Fiscal year 2027 began July 1
Leverage read: Microsoft’s fiscal year ended June 30, so reps are now carrying fresh annual quota. Counterintuitively, the start of the year is a strong window: reps want to bank pipeline early, and their next quarter end is September 30.
Do this week: If you have an Enterprise Agreement or Copilot expansion in flight, engage now while reps are hungry to build the year’s pipeline, and hold your leverage for the September 30 quarter close if they stall.
Also closing July 31, worth a call if you hold spend:
● Zscaler, Nutanix, and Intuit all close their fiscal year on July 31. Full year quota, maximum discount authority.
● CrowdStrike, Snowflake, and Dell all close a fiscal quarter July 31. Quarter end incentives apply.
● AWS, SAP, IBM, and ServiceNow run on the calendar, so their next close is September 30, just past this window. Start positioning now so you are not rushing a Q3 deal in late September.
Two negotiation angles the news just handed you:
● The June 29 software selloff means seat based vendors are defending renewals. Trade a multiyear commitment for a genuine discount while the fear is fresh, and lock price before they stabilize.
● The memory shortage means hardware quotes have short shelf lives. Treat any hardware discount as perishable and get firm pricing with a validity date, not price at shipment.
DATES THAT MATTER (NEXT 30 DAYS)
Everything worth a calendar hold between now and early August, with why it matters to you specifically, not just what it is.
Now through July 24
The Section 122 10 percent surcharge on non USMCA qualifying goods is scheduled to sunset around July 24. If you import from Canada or Mexico, this is the window to confirm qualification and remodel landed cost before the change, not after.
July 23
Comments close on the first four Revolutionary FAR Overhaul proposed rules. This is your one clean shot to influence the biggest federal acquisition rewrite in four decades, and the comment is free to file at regulations.gov.
Around July 25
Cisco’s fiscal year ends. If you have Cisco hardware, enterprise agreements, or Splunk in play, this is peak discount authority. Have your ask ready before the last week.
July 31
The heavy date. Palo Alto Networks, Zscaler, Nutanix, and Intuit close their fiscal year, and Salesforce, Workday, CrowdStrike, and Snowflake close a quarter. If any of these renewals sit in your queue, the rep’s motivation peaks here. Do not let the date pass unused.
Dell closes its fiscal quarter, colliding with peak memory price pressure. If a server or fleet refresh is coming, this is a timing and pricing conversation, not a wait and see.
On the horizon:
August 31 Oracle’s fiscal quarter and Accenture’s fiscal year both close. Just outside 30 days, but ULA audits and consulting rate card resets take longer than a week to prepare, so start now.
Already in effect:
June 30 The certified cost or pricing data threshold for defense contracts rose to 10 million dollars for contracts entered after June 30. If you buy from defense suppliers, expect changes in what pricing support they will volunteer.
Ongoing:
The USMCA annual review process is live, with United States and Mexico bilateral talks continuing past the July 1 deadline. Treat North American sourcing as a prepare and decide situation for the rest of the year, not a wait and see one.
That’s a wrap. Now, go fix something for someone who failed to plan properly.
SOURCE INDEX
Primary sources first, cited inline above and listed here in full. Where a primary filing was summarized, the summarizing source is noted.
1. White House, OMB Advances Revolutionary FAR Overhaul (June 25, 2026) https://www.whitehouse.gov/releases/2026/06/omb-advances-revolutionary-far-overhaul-with-formal-publication-of-regulatory-changes/
2. Federal Register, FAR Overhaul Parts 1, 2, 4, 33, 39, 40, 53 (June 23, 2026) https://www.federalregister.gov/documents/2026/06/23/2026-12559/federal-acquisition-regulation-revolutionary-federal-acquisition-regulation-overhaul-parts-1-2-4-33
3. Federal Register, FAR Overhaul Parts 6, 7, 10, 18, 26, 37, 41 (June 23, 2026) https://www.federalregister.gov/documents/2026/06/23/2026-12560/federal-acquisition-regulation-revolutionary-federal-acquisition-regulation-overhaul-parts-6-7-10-18
4. SBA Office of Advocacy, Newly Released FAR Proposed Rules (June 25, 2026) https://advocacy.sba.gov/2026/06/25/newly-released-federal-acquisition-regulation-proposed-rules/
5. Government Executive, Federal acquisition overhaul moves to proposed rules (June 23, 2026) https://www.govexec.com/management/2026/06/federal-acquisition-overhaul-proposed-rules/414348/
6. Government Contracts Law, FY2026 NDAA CAS and Cost or Pricing Data Thresholds https://www.governmentcontractslaw.com/2026/01/swept-away-fy26-ndaa-updates-to-cas-and-certified-cost-or-pricing-data-thresholds/
7. CNBC, U.S. will not renew USMCA (July 1, 2026) https://www.cnbc.com/2026/07/01/trump-usmca-canada-mexico-trade-treaty.html
8. Steptoe, North American Trade at a Crossroads on USMCA Review https://www.steptoe.com/en/news-publications/stepwise-risk-outlook/north-american-trade-at-a-crossroads-on-the-deadline-of-usmca-review.html
9. Plante Moran, USMCA review 2026: what manufacturers should do now https://www.plantemoran.com/explore-our-thinking/insight/2026/07/usmca-review-2026
10. Wccftech, DRAM prices surge up to 89 percent in Q2 2026 https://wccftech.com/memory-shortages-destroy-consumer-segment-dram-prices-surge-89-percent/
11. Wikipedia, 2025 to present global memory supply shortage (Micron CEO, Apple) https://en.wikipedia.org/wiki/2025%E2%80%93present_global_memory_supply_shortage
12. The Register, Expect more DRAM price hikes (June 2, 2026) https://www.theregister.com/storage/2026/06/02/expect-more-of-those-dram-price-hikes-as-memory-shortage-continues-to-bite/5250049
13. GuruFocus, Software Giants Face Valuation Contraction (June 29, 2026) https://www.gurufocus.com/news/8936415/software-giants-face-valuation-contraction-amid-ai-concerns-now
14. PYMNTS, ServiceNow, SAP and Workday Make AI Agents Pay to Play https://www.pymnts.com/artificial-intelligence-2/2026/servicenow-sap-and-workday-make-ai-agents-pay-to-play/
15. Henon Insights, Token prices fell 98 percent, enterprise AI costs tripled https://henon.ai/insights/token-prices-fell-98-enterprise-ai-costs-tripled-now-companies-are-asking-why
16. Optimum Partners, AI Token Costs and how they might wreck your budget https://optimumpartners.com/insight/ai-token-costs-and-how-they-might-wreck-your-budget/
17. elvex, AI Token Cost Enterprise: Stop Budget Blowouts in 2026 https://www.elvex.com/blog/ai-token-cost-enterprise-budget-control
18. Rescana, Klue Supply Chain Breach (June 2026) https://www.rescana.com/post/klue-supply-chain-breach-exposes-oauth-tokens-and-salesforce-data-in-multi-stage-cybersecurity-incident-june-2026
19. Bright Defense, Recent Data Breaches log (Klue victims) https://www.brightdefense.com/resources/recent-data-breaches/
20. Black Kite, 2026 Third Party Breach Report https://blackkite.com/reports/third-party-breach-report-2026
21. Palo Alto Networks, Fiscal Q3 2026 results (June 2, 2026) https://www.paloaltonetworks.com/company/press/2026/palo-alto-networks-reports-fiscal-third-quarter-2026-financial-results
22. GC AI, A SaaS Agreement Has up to 50 Clauses. Six Carry the Risk. https://gc.ai/blog/saas-agreement
23. Levy, Contracting with AI Vendors (2026) https://storage.ghost.io/c/44/95/449506ca-034e-480f-9725-fcde08ef1cc1/content/files/2026/03/Contracting-with-AI-Vendors.pdf
24. Honigman, The AI Insurance Gap and What It Means for Technology Contracts https://www.honigman.com/the-matrix/ai-insurance-gap-what-it-means-for-technology-contracts
Procurement Unmedicated is written by Dan Shibilia. Forward it to the one


