Enterprise AI is Raring to go. Are IT leaders Ready?

Will IT be the Bottleneck or AI enabler?

The IT role has never been for the faint hearted. Over the past 2 decades, IT teams have moved from a back-office support function to key enablers of business strategy and innovation.  Over this time, IT teams have enabled the transition from on-premise to cloud computing, from fixed desktop to mobile devices, from distributed data to big data, from protecting infrastructure to securing digital assets from sophisticated attack vectors.

For two decades, the prevailing IT posture has been to block what is unsafe, audit what is allowed or deny what is risky. That posture has been institutionally rational and, in many cases, the right one. However, when it comes to AI adoption, enterprises are moving fast and breaking rules. Employees are using AI, whether or not their employer has approved it. The denial posture, in other words, has stopped producing safety and is instead actively producing risk.

The new mandate is different, and harder. IT's job in 2026 is to enable all employees to use AI successfully, at scale, so they do not need to go around organizational policies to do their jobs.

2026 is the year of AI Agents. What does that mean for IT?

A recent WSJ headline states “Your Work Team Is Now a ‘Pod’ and Your Co-Workers Are AI Agents.” Which immediately begs the question on what is an agent and why should IT care?

Marc Andreesen on a recent Latent Space pod defined AI Agents in the context of the ubiquitous Unix architecture as “an LLM combined with a shell, filesystem, markdown-based memory, and a recurring execution loop (“cron”) that can act, persist state, modify itself, and use software tools autonomously.”

While traditional IT manages humans, service accounts or APIs, agents introduce thousands of semi-autonomous identities, each needing permissions, memory, tools, credentials and delegated authority. This creates credential sprawl, impossible-to-audit privilege chains, data trust problems and “who actually performed this action?” ambiguity for IT to manage. And unlike static SaaS software, agents can modify their own code and continuously evolve.

According to S&P Global Market Intelligence and McKinsey Digital Applied Team 31% of enterprises have at least one AI agent in production. The number of enterprises deploying agents and the number of agents per employee will skyrocket in the next 3 years.

It's not just Agents. Users are consuming AI in every surface

The introduction of Claude Code in May 2025, exactly a year ago, started a quiet revolution among developers. By Jan 2026, adoption reached 24% among North American developers. Enterprise subscriptions to Claude Code quadrupled between Jan and April 2026.

Claude Cowork was introduced in Jan 2026 for knowledge workers, and user growth is described as ‘explosive,’ faster than even the adoption of Claude Code. Users who do not typically code or SQL, are now downloading a CSV from their enterprise data warehouse, dropping it into Cowork for analysis, building AI apps and dashboards, and sharing them with their colleagues. And yes, that’s a gaping security hole that needs to be addressed.

AI adoption is happening on every surface - conversational voice AI agents have seen 340% YoY growth in 2026. 67% of Fortune 500 companies are now running production voice AI systems and 78% of top 50 banks have deployed production voice agents for at least one customer-facing use case. (AI Voice Research).

In this time of chaos, teams that prioritize speed win. In such an environment, the role of IT must evolve to remain relevant. You are no longer the gatekeepers, you are now the enablers of AI for your users. Your users are already using AI, your job is to enable AI scale safely across your organization, without compromising speed.

Wouldn’t we all like to have our cake and eat it too?

Congratulations, you are an IT leader that just purchased a Claude enterprise license for your employees. You are now faced with some very interesting questions, many of which your incredibly brilliant AI agent coworker will be unable to answer.

How do you rapidly deploy AI across to hundreds or thousands of employees, integrate existing databases, data warehouses, SaaS apps to AI, provide the right access controls to both humans and AI agents, build reliable workflows with deterministic outcomes when Claude can hit unpredictable daily usage limits, build model agnostic context for your AI to consume, all while managing costs as users test the limits of AI with token-maxxing strategies?

What AI Enablement Actually Requires: Connecting AI to Enterprise Data

The first problem that IT needs to address to deploy enterprise wide AI is how to connect their AI to enterprise data. Your business users have already been connecting their Google drives, uploading PDF’s, downloading enterprise data from SaaS apps and uploading CSV files in their AI’s. Engineers and the more technically savvy users are connecting AI to enterprise data through a mix of API’s, MCP Servers, and CLI’s.

The Model Context Protocol (MCP) was supposed to make connecting agents to enterprise data sources trivial. In practice, in most enterprises, it created a new problem: tool proliferation, inconsistent security models, and agents burning tokens trying to determine which of fifty available MCP tools to call for a given task.

API’s sit at inconsistent levels of abstraction, designed for human developers integrating systems, not for agents reasoning over them in real time.

CLIs are quietly gaining ground in agent architectures for a reason - they are composable, deterministic, text-native, and effectively unlimited in what they can do once an agent has shell access.

However, the real architectural need is not more endpoints to connect to. It is a single governed access layer between every AI surface and every enterprise data source, where authentication, scoping and observability live in one place rather than fifty.

What AI Enablement Actually Requires: Managing Enterprise Context

This is the most underrated, and arguably the most strategic issue. As intelligence itself becomes a commodity, every enterprise will rent it from whichever lab leads the benchmarks this quarter, and the leader will change.

What does not commoditize is the context layer that tells the model how your business works. Context is institutional memory, it is the schema relationships, the business logic, the permissioning model, the historical decisions, the unwritten explanation of why last quarter's numbers moved the way they did.

That context compounds over time and is specific to your organization. It determines output quality more than model choice does for nearly every enterprise task. The context layer is the AI-era equivalent of owning proprietary data in the last decade.

The default is to let the context live wherever the model lives embedded in a vendor's custom code, a forward-deployed engineer's institutional knowledge, or a model harness you do not control. Context that lives with the vendor is a switching cost you will pay every time the model leaderboard moves. Dumping everything an agent might need into the context window just makes it slower, more expensive, and more likely to hallucinate.

What AI Enablement Actually Requires:Managing Token Costs

Employees are increasingly token-maxxing, requiring new IT cost management strategies. In fact, LLM use bills are growing 7.2x YoY across heavy corporate users. The Uber CTO, Praveen Naga, recently commented that the company had run out of its full-year 2026 AI budget in just four months!

Token costs receive disproportionate attention because they are easy to measure, and they are not zero. Model right-sizing matters; not every task needs the frontier. Context discipline matters; caching, retrieval over context-stuffing, agent loop budgets, observability into spend per workflow, and eval-driven model selection are all real levers.

But the cost that quietly kills most pilots before they reach production is not the token bill. Most projects fail because of the sustained attention it demands of senior-engineering and IT leaders to stand up another stack, secure, integrate, govern and stabilize it through its first six months.

A CTO at a financial services firm said it to me bluntly recently: "It's not the cost. It's the attention cost." His benchmark for any AI investment was equivalent headcount avoided. If a tool saves enough developer effort to defer a $120,000-per-year hire, he will pay for it. If it doesn't, no amount of token-level efficiency will change his mind.

That is the ROI conversation IT leaders are actually having, and any framing of AI cost in terms of tokens is answering a question their audience has already moved past.

What AI Enablement Actually Requires: Data Governance

When most people hear "AI security," the conversation collapses immediately into identity. Identity does matter but it is a fraction of the surface that needs to be governed for an agent in production.

The questions IT actually needs answered for every agent deployment are sharper. Are the models training on our data, and is the no-train guarantee in writing? Can the models even see sensitive or PII data, or does that data stay in a privileged execution layer the LLM never touches? Are humans and agents both subject to identity passthrough, so they access only what they are entitled to?

What about the artifacts that an agent creates, such as dashboards, queries and reports? Do those inherit the permissions of the data underneath, or do they become a backdoor that exfiltrates data to users who should never have seen the source?

Is isolation per-session and per-agent, or is the workspace multi-tenant by default? Are logs retained, exportable, and audit-ready for the AI Council, the auditor, and the regulator? Most of this work is invisible in a slick AI agent demo, but this is what you need to run AI agents in production.

The Takeaway

Employees are already using AI in the enterprise, and the gap between companies that compound advantage versus those that get quietly hollowed out by shadow AI teams will be defined by deployment foundations, not model selection.

What good looks like is concrete enough to describe.

On integration, it looks like a single governed access layer between AI and enterprise data, not fifty MCP connectors competing for token budget.

On context, it looks like an institutional layer owned by the enterprise, compounding over time as a strategic asset, designed so that swapping models is a configuration change rather than a re-implementation.

On governance, it looks like sensitive data shielded from the model entirely, identity flowing through every call, artifacts inheriting source permissions.

On cost, it looks like discipline measured in attention saved and headcount avoided, with token efficiency as the floor rather than the ceiling.

The CIOs and CTOs who internalize that the model is the commodity and the deployment foundation is the durable asset will compound advantage through the rest of this decade. Those who continue to treat AI adoption as a procurement exercise that requires picking a vendor, signing a contract, hoping the engineers figure out the rest, will spend the decade rebuilding the same implementation every time the model leaderboard moves. The choice between bottleneck and bridge is one IT leaders get to make this year.