Joined the event of trust in business leaders for nearly two decades. VB Transformation brings together people who build real corporate AI strategies. learn more
Enterprise AI infrastructure spending is expected to reach US$300.9 billion by 2032. The winner will not be determined by who owns the best model; it will come down to who controls the infrastructure layer that makes AI run at scale.
Security providers are taking the most radical moves. Palo Alto Networks, CrowdStrike and Cisco each reported AI-driven security revenues up 70% to 80% year-on-year, while traditional infrastructure sales fell. The pattern is clear: security is becoming the control plane for enterprise AI.
“The complexity of AI workloads should resonate existing infrastructure to its breaking point,” Databricks CEO Ali Ghodsi noted in a blog post. “Enterprises need to fundamentally conduct new ways to manage AI at scale.”
The evidence is continuing. According to IDC, 73% of enterprises believe that insufficient infrastructure is a major obstacle to AI adoption. At the same time, opponents can weaponize artificial intelligence faster than enterprises to deploy defense capabilities. The infrastructure war has begun.
Agents emerge as new battlefield
An agent is not a supplier’s vision. This is an industry-wide awareness that traditional IT operations cannot manage human rights to AI agents running at machine speed. Cisco launched the category in Cisco Live 2025, but Microsoft’s AI orchestration, Google’s model operations and startups like Strige & Sialus are already competing to own it. The front is drawn.
Technical requirements are cruel. Enterprises deploying 50,000 AI agents need an infrastructure that handles cross-domain data access, real-time governance, and multi-team collaboration. Traditional tools are disconnected at 5,000 agents. Mathematics doesn’t work.
“This is the first time security has become an acceleration, not a barrier to adoption,” Cisco President and CPO Jeetu Patel told VentureBeat in a recent interview. The transformation is fundamental: security teams can now implement AI deployment instead of blocking it.
Three pillars define enterprise-level agents: unified data access across all domains, a collaborative environment where NetOps and secops teams work together, and a dedicated model for managing agent actions. Forrester Research confirms multi-domain visibility is crucial. The supplier who masters these three components will become the suppliers of the rulers. But most people are working hard to deliver effectively.
Peripheral safe death
Traditional firewalls cannot protect the workload of artificial intelligence. The evidence is overwhelming. Palo Alto’s Prisma Cloud handles 2 billion security incidents every day at runtime. Fortinet’s security structure connects more than 500 integration points because peripheral defense failed. Check Point’s infinity belongs to the zero-trust principle, assuming that each layer violates it.
The extended Berkeley Packet Filter (EBPF) has changed the game. This Linux kernel technology enables secure law enforcement without the 40% performance of traditional methods. Cisco’s $2.8 billion invoice acquisition verifies the approach. Isovalent’s open source project Cilium now ensures production workloads on Netflix, Adobe and Capital One. 15,000 Github stars reflect corporate adoption, not developers’ interests.
Craig Connors, Cisco’s vice president of security and CTO, made a shift in a recent VentureBeat interview: “Security policy now applies to every layer from workload to silicon.” The implications are clear. Security becomes an integral part of the infrastructure, not overwrite.
Hardware acceleration seal conversion. The safety of silicon-wrapped runs in nanosecond delays. Mathematics is cruel: software-defined security increases by 50-200 milliseconds. Hardware security increases by 50 to 200 nanoseconds. This is a million times the progress. Suppliers without silicon capabilities cannot compete.
72-hour utilization window
The opponent weaponizes vulnerability within 72 hours. Business patches within 45 days. The gap generated 84% of successful violations. Every security vendor is competing to shut it down.
CrowdStrike’s Falcon prevents blocks from being present before the patch exists. Qualys VMDR provides real-time vulnerability management. Tanium Patch is expected to respond automatically with hours of time. Cisco’s Live Protect applies kernel-level shields in minutes.
Economics is undeniable. Research from the Ponemon Institute shows that the risk of breach of delayed patches per hour is $84,000. The automation platform provides a return on investment (ROI) in 4.7 months. CISO cannot ignore mathematics.
“Time is everything about cybersecurity,” stressed Shlomo Kramer, CEO of Cato Networks. “Automation is more than efficiency; it’s about attacks that human teams cannot respond quickly.”
Observability wars intensify
The $28 billion Splunk acquisition marks a bigger fact: Observability determines who wins the battle for AI infrastructure. Datadog handles 18 trillion events every day. New relics monitor 10 billion transactions per minute. Dynatrace tracks 2.5 million cloud applications.
The bet exists. Enterprises that deploy AI without observability are flying blindly. “You can’t make sure you see what you’re seeing,” said Etay Maor, senior director of security strategy at Cato Networks. “Observability is not optional, but the foundation for a digital transformation in security.”
Generate UIs represent the next frontier. AI is not a dashboard, but creates interfaces in real time based on the exact problem solved. ServiceNow, Splunk and emerging players (such as observable) bets, the dynamic interface replaced the static dashboard in 24 months.
Market merger accelerates
Infrastructure giants are assembling their army through acquisitions. Cisco paid $28 billion for Splunk. Palo Alto acquired Cider Safety, Dig Security and Talon for $1.2 billion. CrowdStrike bought Repositify, Humio and preemptive. Broadcom’s $69 billion VMware acquisition reshapes the entire landscape.
Platform speed now determines survival. A unified architecture reduces development time from years. It has now taken 18 months to launch in 8 weeks. The engineering team is voting with their feet to transport companies at startup speeds.
The AI infrastructure market is expected to consolidate from more than 200 suppliers to less than 20 platforms within 36 months. Gartner predicts that 60% of current suppliers will not exist by 2027. The message is cruel: controlling the full stack or becoming irrelevant.
Bottom line
Agents represent the most important architectural shift since the advent of cloud computing. Assuming continuous compromise, businesses that attack unlimited identities and machine speeds will flourish. Those who insist on peripheral defense and human speed response will add blockbusters and Kodak in the digital cemetery.
Vendors that address this challenge (whether Cisco, Palo Alto, Microsoft or emerging players) will control the next decade of enterprise technology. The competition begins. The clock is ticking. Winners are already emerging.
