
Presented by Red Hat
At VentureBeat’s recent AI Impact event, the focus of the discussion was on what separates businesses that are scaling Agent AI from those that are in pilot mode, with Red Hat’s Senior Director of Portfolio Strategy Brian Gracey detailing what companies actually face once agents are in production.
He delved into cost discipline, the security blind spots inherent in autonomous systems, and the organizational frictions that determine whether agent adoption spreads beyond initial champions.
Enterprises overestimate how far behind AI agents they are
Many enterprise executives, especially those watching industry keynotes and AI announcements, worry that they are dangerously behind competitors already deploying agents at scale. But according to Gracely, much of this concern reflects a misconception about how quickly organizations learn once they start building. Teams often move up the learning curve faster than they expect.
This rapid progress presents a different challenge. As agent use expands, the cost of artificial intelligence rises at a similar pace, turning cost management from an engineering challenge to a regular boardroom discussion.
Agency AI use is orders of magnitude higher than in the chatbot era, making AI costs a growing concern for businesses. At the same time, organizations increasingly realize that they are dependent on a small number of model providers. According to Gracely, this combination is prompting many enterprises to explore alternatives that give them more control over costs and infrastructure.
"Two or three of the top providers are already telling the market that they are losing money and are trying to go public to fix those gaps." he explained. "At some point depending on it means you will either end up paying too much or find alternatives to control what you do."
Right-sized AI models are the fastest lever to reduce agent costs
The biggest cost problem is that businesses overspend by choosing the most capable model available regardless of the complexity of the tasks.
"If I’m just trying to settle an insurance claim, I don’t need to know the history of Western civilization in my model, I don’t need to know World Cup soccer scores," He said politely.
Semantic routing is a mechanism many companies use to automatically make this judgment, categorize requests, and send each one to a task-dimensional model without requiring users to make a choice, while infrastructure techniques such as caching repeated requests reduce how quickly a request needs to reach GPU computing. Together, he says, these tools eliminate the assumption that efficiency and innovation pull in opposite directions.
"There’s a lot you can do at the GPU infrastructure level, and quite a bit in terms of flexibility of models," he explained. "These give great options in terms of the levers you’re trying to pull, whether you need efficiency or innovation. This should not be a binary choice."
The financial discipline required for token spending is similar to FinOps practices that have evolved over the years to control cloud computing costs. These core frameworks will move even as the vocabulary changes, Gracie said, especially as organizations push for internal learning in model selection, so teams stop defaulting to the most prominent option for tasks that don’t need it.
"Just like we first teach finance people what an EC2 instance is and what an S3 bucket is, you should start explaining tokens to them," he said. "We don’t always need a Rolls-Royce. We don’t always need spawn because we’re trying to do basic types of things."
Patch speed is important now as AI tools find vulnerabilities faster
AI-powered vulnerability detection is forcing enterprises to rethink how quickly they can identify, approve and deploy patches. In an environment where artificial intelligence can already detect new vulnerabilities more quickly and attackers can exploit them, long-established patch management cycles may not be fast enough.
"Most companies will likely have a window of between seven and 14 days to come forward." he said. "There are groups that will patch for these, including Red Hat, but the embargo window will be short."
AI is also changing what defenders need to look for. Instead of simply detecting isolated critical flaws, AI security tools can identify combinations of seemingly small vulnerabilities that are dangerous only when chained together. As both software complexity and vulnerability detection accelerate, Gracie argued, the ability to rapidly manage and update software is becoming a strategic capability rather than just an operational one.
Subject matter experts and compliance teams decide whether to scale agents
Finally, organizational adoption results in the need for deep, ongoing involvement of subject matter experts whose knowledge the agent intends to codify, making gaining their buy-in a prerequisite rather than an afterthought.
"You promoters have to think about what you’re doing for the people involved so they don’t feel threatened that it’s going to take away their jobs, and how do you motivate people to cooperate with this innovation in the long run?" he said.
Sponsored articles are content produced by a company that paid for the post or has a business relationship with VentureBeat and is always clearly marked. Contact for more information sales@venturebeat.com.





