Enterprise AI infrastructure spending is expected to reach $309 billion by 2032. The winners won’t be determined by who has the best models; it’ll come down to who controls the infrastructure layer that makes AI operational at scale.
Security vendors are making the most aggressive moves. Palo Alto Networks, CrowdStrike and Cisco each report AI-driven security revenue growing 70 to 80% year-over-year while traditional infrastructure sales decline. The pattern is clear: Security is becoming the control plane for enterprise AI.
“The complexity of AI workloads is straining existing infrastructure to its breaking point,” Ali Ghodsi, CEO of Databricks, notes in a blog post. “Enterprises need fundamentally new approaches to manage AI at scale.”
The evidence is mounting. According to IDC, 73% of enterprises cite infrastructure inadequacy as their primary barrier to AI adoption. Meanwhile, adversaries are weaponizing AI faster than enterprises can deploy defenses. The infrastructure wars have begun.
AgenticOps emerges as the new battleground
AgenticOps isn’t one vendor’s vision. It’s an industry-wide recognition that traditional IT operations can’t manage AI agents operating at machine speed with human permissions. Cisco kicked off the category at Cisco Live 2025, but Microsoft’s AI Orchestration, Google’s Model Operations and startups like Weights & Biases are already racing to own it. The battle lines are drawn.
The technical requirements are brutal. Enterprises deploying 50,000 AI agents need infrastructure that handles cross-domain data access, real-time governance and multi-team collaboration. Traditional tools break at 5,000 agents. The math doesn’t work.
“For the very first time, security is becoming an accelerant to adoption, rather than an impediment,” Jeetu Patel, Cisco’s president and CPO, told VentureBeat in a recent interview. The shift is fundamental: Security teams now enable AI deployment rather than blocking it.
Three pillars define enterprise-grade AgenticOps: unified data access across all domains, collaborative environments where NetOps and SecOps teams work together and purpose-built models that govern agent actions. Forrester research confirms multi-domain visibility as critical. Vendors who master all three components will be the ones to dominate. But most struggle to deliver even one effectively.
The death of perimeter security
Traditional firewalls can’t protect AI workloads. The evidence is overwhelming. Palo Alto’s Prisma Cloud processes 2 billion security events daily at runtime. Fortinet’s Security Fabric connects more than 500 integration points because perimeter defense has failed. Check Point’s Infinity operates on zero-trust principles, assuming a breach at every layer.
Extended Berkeley Packet Filter (eBPF) changed the game. This Linux kernel technology enables security enforcement without the 40% performance hit of traditional approaches. Cisco’s $2.8 billion Isovalent acquisition validated the approach. Cilium, Isovalent’s open-source project, now secures production workloads at Netflix, Adobe and Capital One. The 15,000 GitHub stars reflect enterprise adoption, not developer interest.
Craig Connors, Cisco’s VP and CTO of security, framed the shift in a recent VentureBeat interview: “Security policy now applies across every layer, from workload to silicon.” The implication is clear. Security becomes an integral part of infrastructure, not an overlay.
Hardware acceleration seals the transformation. Silicon-embedded security operates at nanosecond latency. The math is brutal: Software-defined security adds 50-200 milliseconds. Hardware security adds 50 to 200 nanoseconds. That’s a million-fold improvement. Vendors without silicon capabilities can’t compete.
The 72-hour exploit window
Adversaries weaponize vulnerabilities in 72 hours. Enterprises patch in 45 days. This gap generates 84% of successful breaches. Every security vendor is racing to close it.
CrowdStrike’s Falcon Prevent blocks exploits before patches exist. Qualys VMDR delivers real-time vulnerability management. Tanium Patch promises sub-hour automated response. Cisco’s Live Protect applies kernel-level shields within minutes.
The economics are undeniable. Ponemon Institute research shows that each hour of delayed patching costs $84,000 in breach risk. Automated platforms deliver a return on investment (ROI) in 4.7 months. CISOs can’t ignore the math.
“Time is everything in cybersecurity,” emphasizes Shlomo Kramer, CEO of Cato Networks. “Automation isn’t just about efficiency; it’s about surviving attacks that human teams can’t respond to quickly enough.”
The observability wars intensify
The $28 billion Splunk acquisition signals a larger truth: Observability determines who wins the AI infrastructure battle. Datadog processes 18 trillion events daily. New Relic monitors 10 billion transactions per minute. Dynatrace tracks 2.5 million cloud applications.
The stakes are existential. Enterprises deploying AI without observability are flying blind. “You can’t secure what you can’t see,” states Etay Maor, senior director of security strategy at Cato Networks. “Observability isn’t optional, it’s the very foundation of secure digital transformation.”
Generative UI represents the next frontier. Instead of dashboards, AI creates interfaces in real-time based on the exact problem being solved. ServiceNow, Splunk and emerging players like Observable are betting that dynamic interfaces replace static dashboards within 24 months.
Market consolidation accelerates
The infrastructure giants are assembling their armies through acquisition. Cisco paid $28 billion for Splunk. Palo Alto acquired Cider Security, Dig Security and Talon for a combined $1.2 billion. CrowdStrike bought Reposify, Humio, and Preempt. Broadcom’s $69 billion VMware acquisition reshapes the entire landscape.
Platform velocity now determines survival. Unified architectures cut development time from years to months. What took 18 months to deploy now launches in 8 weeks. Engineering teams are voting with their feet, joining companies that ship at startup speed with enterprise scale.
The AI infrastructure market is expected to consolidate from over 200 vendors to fewer than 20 platforms within 36 months. Gartner predicts 60% of current vendors won’t exist by 2027. The message is brutal: Control the full stack or become irrelevant.
The bottom line
AgenticOps represents the most significant architectural shift since the advent of cloud computing. Enterprises that build AI infrastructure assuming continuous compromise, infinite identities and machine-speed attacks will thrive. Those clinging to perimeter defense and human-speed response will join Blockbuster and Kodak in the digital graveyard.
The vendors solving this challenge — whether Cisco, Palo Alto, Microsoft or emerging players — will control the next decade of enterprise technology. The race is on. The clock is ticking. Winners are already emerging.
The post How CISOs became the gatekeepers of $309B AI infrastructure spending appeared first on Venture Beat.
