Skip to content
Tech News
← Back to articles

The real cost, security, and culture problems behind enterprise AI agents

read original more articles

Presented by Red Hat At VentureBeat's recent AI Impact event, where the discussion centered on what separates enterprises that scale agentic AI from those that stall in pilot mode, Brian Gracely, senior director of portfolio strategy at Red Hat, detailed what companies actually run into once agents reach production. He dove into cost discipline, the security blind spots unique to autonomous systems, and the organizational friction that determines whether agent adoption spreads beyond early champions.Enterprises are overestimating how far behind they are on AI agentsMany enterprise leaders, especially those following industry keynotes and AI announcements, worry that they’re already falling dangerously behind competitors deploying agents at scale. But according to Gracely, much of that anxiety reflects a misconception about how quickly organizations learn once they begin building. Teams often move up the learning curve far faster than they expect.That rapid progress creates a different challenge, however. As agent usage expands, AI costs rise just as quickly, turning cost management from an engineering concern into a recurring boardroom discussion.Agentic AI usage is orders of magnitude higher than during the chatbot era, making AI costs a growing concern for enterprises. At the same time, organizations are becoming increasingly aware of their dependence on a small number of model providers. According to Gracely, that combination is driving many enterprises to explore alternatives that give them greater control over costs and infrastructure."The two or three top providers are already telling the market that they're losing money, and they're trying to go public to make up those gaps," he explained. "At some point, the dependency on that means you're either going to buy at a very high-cost level, or you're going to figure out alternatives to control what you're doing."Right-sizing AI models is the fastest lever for cutting agent costsThe biggest cost issue is that enterprises overspend by defaulting to the most capable model available regardless of task complexity."If I'm simply trying to resolve an insurance claim, I don't need to know about the history of Western civilization in my model, I don't need to know World Cup soccer scores," Gracely said.Semantic routing is the mechanism many companies use to make that judgment automatically, classifying requests and sending each to a model sized for the task without requiring users to choose, while infrastructure techniques like caching repetitive queries cut how often a request needs to reach GPU compute at all. Together, he said, these tools remove the assumption that efficiency and innovation pull in opposite directions."There's a lot you can do at a GPU infrastructure level, and quite a bit you can do in terms of flexibility of models," he explained. "Those give excellent choices in terms of the levers you're trying to pull, whether you need efficiency or you need innovation. That shouldn't be a binary choice."The financial discipline needed for token spend is similar to the FinOps practices that took years to mature in order to take control of cloud compute spending. Those underlying frameworks will transfer even as the vocabulary changes, Gracely said, especially as organizations push for internal education on model selection so teams stop defaulting to the most prominent option for tasks that don't need it."The same way we first had to teach the financial people what an EC2 instance is and what an S3 bucket is, you're going to have to start explaining tokens to them," he said. "We don't always need a Rolls-Royce. We don't always need caviar, because we're trying to do basic types of things."Patch speed is now critical as AI tools find vulnerabilities fasterAI-powered vulnerability discovery is forcing enterprises to rethink how quickly they can identify, validate and deploy patches. Long-established patch management cycles may no longer be fast enough in an environment where AI can uncover — and attackers can exploit — new vulnerabilities much more quickly."Most companies are probably going to have a window of somewhere between seven and 14 days to stay ahead," he said. "There are groups, Red Hat included, that are going to build patches for these, but the embargo window is going to be short."AI is also changing what defenders need to look for. Rather than simply uncovering isolated critical flaws, AI security tools can identify combinations of seemingly minor vulnerabilities that become dangerous only when chained together. As both software complexity and vulnerability discovery accelerate, Gracely argued that the ability to rapidly manage and update software is becoming a strategic capability rather than simply an operational one.Subject matter experts and compliance teams decide whether agents scaleIn the end, organizational adoption comes down to the need for deep, sustained involvement from the subject matter experts whose knowledge the agent is meant to encode, which makes earning their buy-in a prerequisite rather than an afterthought."You have to think about the incentives, what you do for people who participate in this work so they don't feel threatened that it's going to take away their job, and how you incentivize people in the long run to cooperate with that innovation," he said.Sponsored articles are content produced by a company that is either paying for the post or has a business relationship with VentureBeat, and they’re always clearly marked. For more information, contact [email protected].