
Presented by red hat
At VentureBeat’s recent AI Impact event, where the discussion focused on what separates companies that scale agent AI from those that stagnate in pilot mode, Brian Gracely, senior director of portfolio strategy at Red Hat, detailed what companies are really running into once agents reach production.
He dove into cost discipline, the security blind spots unique to autonomous systems, and the organizational friction that determines whether agent adoption extends beyond early champions.
Companies are overestimating their AI agent backlog
Many business leaders, especially those who follow industry keynotes and AI announcements, worry that they are already dangerously lagging behind competitors deploying agents at scale. But according to Gracely, much of that anxiety reflects a misconception about how quickly organizations learn once they start building. Teams often move up the learning curve much faster than they expect.
However, that rapid progress creates a different challenge. As the use of agents expands, AI costs are increasing just as quickly, turning cost management from an engineering concern to a recurring boardroom discussion.
The use of agent AI is much higher than during the chatbot era, making AI costs a growing concern for businesses. At the same time, organizations are increasingly aware of their dependence on a small number of model providers. According to Gracely, that combination is prompting many companies to explore alternatives that give them greater control over costs and infrastructure.
"The top two or three providers are already telling the market that they are losing money and are trying to go public to make up for those gaps." he explained. "At some point, dependence on that means you’re either going to buy at a very high cost level or you’re going to find alternatives to control what you’re doing."
Sizing AI models is the fastest lever to reduce agent costs
The biggest cost problem is that companies overspend by opting for the most capable model available, regardless of the complexity of the task.
"If I’m simply trying to settle an insurance claim, I don’t need to know about the history of Western civilization in my model, I don’t need to know the results of the soccer World Cup," Gracely said.
Semantic routing is the mechanism many companies use to make that judgment automatically, sorting requests and sending each one to a task-sized model without requiring users to choose, while infrastructure techniques like repetitive query caching reduce the frequency with which a request must hit the GPU compute. Together, he said, these tools eliminate the assumption that efficiency and innovation go in opposite directions.
"There are a lot of things you can do at the GPU infrastructure level, and quite a few things you can do in terms of model flexibility." he explained. "These offer great options in terms of the levers you try to pull, whether you need efficiency or innovation. That shouldn’t be a binary choice."
The financial discipline required for token spending is similar to FinOps practices that took years to mature to take control of cloud computing spending. Those underlying frameworks will transfer even as vocabulary changes, Gracely said, especially as organizations drive internal education on model selection so teams stop opting for the top choice for tasks that don’t need it.
"Just like we first had to teach financiers what an EC2 instance is and what an S3 bucket is, you’ll need to start explaining tokens to them." said. "We don’t always need a Rolls-Royce. We don’t always need caviar, because we try to do basic things."
Patch speed now critical as AI tools find vulnerabilities faster
AI-driven vulnerability discovery is forcing companies to rethink how quickly they can identify, validate, and deploy patches. Long-established patch management cycles may no longer be fast enough in an environment where AI can discover (and attackers exploit) new vulnerabilities much more quickly.
"Most companies will likely have a window of between seven and 14 days to stay ahead." said. "There are groups, including Red Hat, that are going to create patches for these, but the embargo window will be short."
AI is also changing what defenders should look for. Instead of simply discovering isolated critical flaws, AI security tools can identify combinations of seemingly minor vulnerabilities that become dangerous only when chained together. As both software complexity and vulnerability discovery accelerate, Gracely argued that the ability to manage and update software quickly is becoming a strategic capability rather than simply an operational one.
Subject matter experts and compliance teams decide whether agents escalate
In the end, organizational adoption boils down to the need for deep and sustained involvement of the subject matter experts whose knowledge the agent must codify, making gaining their buy-in a prerequisite rather than an afterthought.
"You have to think about the incentives, what you do for the people who participate in this work so that they don’t feel threatened that their jobs will be taken away, and how you incentivize people in the long term to cooperate with that innovation." said.
Sponsored articles are content produced by a company that pays to publish or has a business relationship with VentureBeat, and are always clearly marked. For more information, contact sales@venturebeat.com.





