Enterprises Admit: Most AI Agents Run at Half Capacity or Less
AI News Desk
·
VentureBeat
··
7 min read
Enterprise companies deploy AI agents without adequate controls, and 86% of GPUs run at half capacity or less.
Enterprise companies are running AI agents ahead of the controls needed to manage them — and they deployed that way knowingly. That is the central finding from VentureBeat Research's June survey of 573 technical leaders at companies with 100 or more employees, fielded across five parallel surveys of the agentic stack. Enterprises are now retrofitting to catch up with their own standards, and they are budgeting for it: Roughly six in 10 enterprises plan to switch or add vendors in each of five control layers within the next 12 months, and roughly a third — depending on the layer — plan to move within the quarter, the research finds.
There are five main layers where enterprises are building: identity for agents (which agent is allowed to do what, under whose credentials); evaluation of agent output (whether the work is any good); cost telemetry (what each agent costs to run); the context layer (the business data and definitions agents draw on to answer); and the orchestration control plane (the software that coordinates multi-step agent work). Enterprises are already paying the price for deploying agents ahead of adequate control functions. Fifty-four percent of companies had an agent security incident or near-miss caught before harm in the past 12 months.
Twenty-seven percent exercise only reactive control of agent spend — they learn what an agent costs when the invoice arrives, with no per-agent budget or ceiling in place. Here are the five findings that anchor the set — one finding per layer of the tech stack — and what the data suggests doing first in each. Expensive hardware is idle: 86% of GPU operators report utilization of 50% or less.
Eighty-six percent of enterprises that run their own GPUs report utilization of 50% or less. Wall Street has spent the quarter debating whether the AI buildout is overbuilt. This is buy-side measurement, from the enterprises doing the buying, and the research says the most expensive hardware in buildings of these enterprises runs at no more than half its capacity.
The measurement gap compounds it: A minority 44% rigorously track what their AI compute actually costs and returns. Everyone else is only estimating. And the enterprise shopping process continues regardless: 45% of these enterprises say the emerging compute option they are most likely to evaluate in the next 12 months is an AI-specialized cloud (CoreWeave, Lambda, Crusoe, Nebius).
However, under 2% of these enterprises report using one of these neoclouds today. Most deployed 'agents' do single-prompt work: 71% say a quarter or fewer complete multi-step tasks on their own. Seventy-one percent of enterprises say a quarter or fewer of their deployed 'agents' can complete multi-step work on their own; the rest are single-prompt chatbots.
Only 10% say true agents are the majority of what they run. To be sure, the respondents reported that they are in a position to know these things: 81% said they recommend or decide AI purchases at their companies. That finding — that most agents are actually just chatbots in trenchcoats — lands amid adoption claims across the industry running well ahead of what enterprises are actually running.
Gartner predicted 40% of enterprise applications will be integrated with task-specific AI agents by the end of 2026, up from less than 5% in 2025. It also warned that the most common misconception is referring to these AI assistants as agents, a misunderstanding known as 'agentwashing.' The data suggests that enterprises should measure the utilization and per-workload cost of the GPUs they already own before committing budget to new compute — whether that's an AI-specialized cloud contract, new accelerators, or more GPUs. 66% let agents push to production on automated evals alone — or are engineering toward it.
5% fully trust those evals. Two-thirds of enterprises fall into one of two camps: 34% already allow an AI agent to push a code or system change to production based on automated evaluation results alone, with no human reviewing it, and another 33% are actively engineering their pipelines to allow that within the next 12 months. Only five percent fully trust the automated evaluations that would make that decision.
The distrust is earned. Half of enterprises shipped an agent that passed internal evaluations and then caused a customer-facing failure in the past year; a quarter watched it happen more than once. Asked to name the biggest weakness in their current evaluations, more enterprises chose 'poor alignment with real-world outcomes' than any other answer — 29% of respondents.
And most of the checking happens before an agent ships, then stops. Once agents are live with real users, only 23% of enterprises run real-time quality checks on the answers those agents produce. Another 51% monitor system health only — uptime, request traces, and gateway logs — which tells them the agent is running, and nothing about whether its answers are right.
69% run credential sharing somewhere in the agent fleet — and those companies get hit far more often. Sixty-nine percent of companies allow agent credential sharing somewhere in their agent fleet during runtime – meaning multiple agents operating under one API key or service account. Those companies were far more likely to get hit: Organizations with credential sharing anywhere in the fleet experienced a security incident or near-miss at a 63.5% rate (47 of 74), against 40.9% (9 of 22) where every agent has its own scoped identity.
The takeaway for enterprises is this: Give every agent its own scoped identity, starting with the agents that touch production systems. 57% traced a confident, wrong agent answer to their own missing or inconsistent business context. Fifty-seven percent of enterprises traced at least one confident, wrong agent answer in the past six months to missing or inconsistent business context: wrong metrics, stale definitions, absent documents.
Most of them watched it happen more than once. The quarter where agent technology 'portability' became a priority. In our spring orchestration survey wave, the top concern about provider-controlled orchestration was security and permissioning limits (32%).
By June, vendor lock-in led at roughly a third, with security limits at 28%. Those are two snapshots one quarter apart, and here’s one possible explanation for why portability became a top issue for enterprises. The posture data matches the mood: 51% now expect their primary control plane for enterprise agents to be hybrid — provider-native plus external orchestration — by the end of 2026, up from 34% in the spring survey wave.
Enterprises reporting that they rely purely on provider-managed agent services fell from 12% to 7%. Five layers, no incumbents, 12 months. The synthesis across all five surveys reveals a huge 'buying' window.
In each of the five control layers, 57% to 64% of enterprises plan to switch or add vendors within 12 months — 64% in infrastructure and in evaluations, 59% in agent security, 57% in retrieval and context — and 26% to 38%, depending on the layer, plan to move within a quarter. No layer has an established incumbent: The most common evaluation tooling is the model provider's built-in evals, tied with no dedicated tooling at all (17% each); 82% of respondents name provider-native or hyperscaler controls as their primary agent security layer; and provider-native retrieval leads the context technology layer (RAG, etc) as well. Why this matters: The findings highlight a crucial mismatch between enterprise ambitions and AI agent deployment realities.
As companies rush to deploy AI agents, they're often doing so without the necessary controls in place, leading to idle hardware, security incidents, and unreliable performance. This situation presents both challenges and opportunities. For developers and businesses, there's a clear need to prioritize robust control mechanisms, such as scoped identities for agents, rigorous evaluation processes, and comprehensive cost telemetry.
For the broader industry, these findings underscore the importance of developing more sophisticated, enterprise-ready AI solutions that can handle complex tasks and provide transparent, measurable outcomes. As the market continues to evolve, one open question is how enterprises will balance the need for control with the desire for flexibility and portability in their AI deployments. Will they lean on provider-native solutions or seek out specialized vendors?
The answers will likely shape the future of AI adoption in the enterprise.