Your AI foundation should be designed for your fourth use case, not your first
An AI team builds a promising proof of concept. It works. A second use case follows. Leadership gets excited. And then someone asks the question that stalls everything: how do we turn this into a platform we can actually manage?
That question usually lands on IT’s desk months after the first use case was already running. The AI team moved fast. Now IT needs to figure out security, compliance, scalability, and integration, all at once, for applications they weren’t involved in designing.
In episode 8 of the MDCS.AI podcast series, The Right Fit, Jara Osterfeld (AI Solutions Engineer, Cisco) and Remco van der Horst (Strategic AI Consultant, Devoteam) unpack why this gap between use case and platform is where most enterprises lose momentum. And why closing it requires two things most teams underestimate: a shared vocabulary for infrastructure decisions, and security built into the foundation from day one.
Two hundred parameters and no shared language
Most organizations don’t start from a blank canvas. Existing systems, existing policies, existing teams. AI doesn’t replace any of that. It lands on top of it, and that makes every infrastructure choice more complex.
Jara Osterfeld sees the pattern play out. A team builds a first use case, maybe even a first AI agent. The proof of concept delivers results. Then comes the next question: how do I scale this to more users, more use cases, and a platform I can manage, monitor, and keep compliant?
“You have so many choices to make, not just in the use case but also in the infrastructure, that it often becomes overwhelming.” – Jara Osterfeld
Remco van der Horst adds the business perspective. The two biggest blockers he encounters are the sheer volume of decisions and the fear of making the wrong one. Data sovereignty, process ownership, compliance risk. Teams know they need to move, but the number of parameters freezes them in place.
And there’s a timing problem. AI use cases often get developed behind the scenes by business teams. By the time IT is brought in to build a secure, manageable platform, the expectations are already set and the pressure is on. That misalignment between build speed and platform readiness is where delays start.
Boxes that give teams a vocabulary
The Right Fit approach tackles this head-on. Instead of asking enterprises to navigate hundreds of parameters, it offers a set of standardized infrastructure options mapped to workload types. Remco calls them “boxes” that people can actually talk about.
“You suddenly have a vocabulary.” – Remco van der Horst
A knowledge management system that retrieves internal documents needs a different foundation than a customer-facing chatbot serving thousands of users. By connecting use case profiles to pre-validated infrastructure configurations, teams stop debating individual specs and start making decisions together.
That shared vocabulary is what finally bridges the gap between AI teams, IT, and leadership. Instead of three groups using different terminology and different assumptions about what “ready” means, everyone points at the same set of options. Decisions that took months of back-and-forth now take weeks.
And Right Fit doesn’t mean choosing the biggest configuration available. As the podcast title suggests, it’s about fit, not size. You choose what matches your workload, your users, your compliance requirements, and your growth ambition. The fit will change as your organization evolves. A good foundation accommodates that change without requiring you to start over.
Security added later is security added too late
Here is where most AI infrastructure plans develop a crack. The first use case works. The platform grows. Someone adds a second agent, a third. And then the question surfaces: wait, how is all of this secured?
Remco puts it bluntly: the moment you try to add security after the fact, you already know you’re too late. And the problem only compounds. Organizations can already see that AI won’t stay small. Every use case added to a foundation without embedded security multiplies the rework, the risk, and the delay.
At a recent industry roundtable, Niels van Rees shared a telling example. A company discovered that the CEO’s salary had been uploaded to their internal AI system without proper data classification. The information was findable through the company’s internal chatbot, accessible to anyone who asked the right question. That’s what happens when data governance isn’t part of the AI foundation from the start.
Jara explains how Cisco approaches this. Security sits at every layer of the Cisco Secure AI Factory stack. It’s designed in, covering container security, network enforcement, guardrails on AI outputs, and identity policies for both users and agents. When you onboard your second, third, or fourth AI agent, you don’t start the security conversation from scratch each time. The foundation already handles it.
Right Fit plus security means fewer restarts
These two ideas reinforce each other.
Right Fit gives teams speed and clarity. It removes the paralysis of too many parameters. Security-by-design prevents each new use case from becoming a fresh infrastructure project that needs to be secured from the ground up.
Together, they make platforming predictable. You build on a foundation designed for growth instead of rebuilding every time the scope expands. Jara describes the philosophy: start with a platform that fits your first use cases, but think about where you’re heading. You don’t need 500 GPUs on day one. But your starting platform should be able to carry what comes next without retrofitting security or re-architecting the stack.
And what comes next should be auditable. Provable control, the ability to demonstrate compliance to anyone who asks, is becoming a baseline requirement for enterprise AI. A foundation built on validated, pre-integrated components makes that audit trail possible from day one. A patchwork of separately purchased components makes it a moving target.
Six questions to test your AI foundation
Before committing to infrastructure, six questions can cut through the complexity and help your AI team, IT, and leadership align:
- Which one or two use cases should reach production first, and why do they deliver the most organizational value?
- What growth do you expect in users, use cases, and agents within the next six to twelve months?
- Which policies need to be demonstrably enforced from day one? Think data classification, identity management, and regulatory compliance.
- What guardrails and “in control” requirements does the business need before AI goes into production?
- What do you need to be able to audit or prove if someone asks tomorrow? Documented intentions don’t count. Provable control does.
- Who owns the AI foundation, and how do you prevent IT from being brought in after the platform is already expected to work?
These questions aren’t technical deep dives. They’re designed to align teams around what the foundation needs to do before anyone selects a product or vendor.
If your AI ambitions keep growing but your decisions keep getting harder, that’s usually a sign you don’t need more hardware. You need a Right Fit foundation. We’re happy to think through your specific situation.
This blog is based on the MDCS.AI podcast episode “The Right Fit,” featuring Jara Osterfeld (Cisco) and Remco van der Horst (Devoteam).
Planning your next phase of AI infrastructure? Let’s talk about what sustainable scaling looks like for your situation.
