5 steps to secure your infrastructure in the frontier model era Enterprises must secure AI infrastructure with proven, enterprise-grade practices as the number of AI agents is expected to exceed one billion by 2029, according to IDC. The industry's focus on scale overlooks the infrastructure layer that determines security, resilience, and compliance for sensitive workloads. Organizations should adopt secure-by-design systems, ensure high availability, and assume continuous vulnerability discovery to withstand threats from frontier models. The industry conversation around AI infrastructure has narrowed to a single dimension: scale. The focus is on GPUs, power, cooling and the massive physical footprint required to train and run AI agents and models. At the same time, organizations are adjusting to the speed and scale with which AI is identifying vulnerabilities — which is much faster than remediation can be started. However, almost no one is talking about the infrastructure layer that actually determines whether AI workloads remain secure, resilient and compliant. This is the layer that runs the world’s most sensitive, regulated, high‑value workloads. Thankfully, it already has the guardrails needed for an era where vulnerabilities are discovered faster than ever. But are they being set correctly? With more than one billion AI agents expected by 2029 https://www.idc.com/resource-center/blog/agentic-ai-is-critical-infrastructure/ , organizations need a plan for their infrastructure layer to withstand threats from new frontier models, maintain uptime and protect data sovereignty. As they scale AI deployments, enterprises must secure the infrastructure AI depends on. These five steps outline what organizations can do now to strengthen their infrastructure posture using proven, enterprise‑grade practices for current and future threats. Infrastructure must be secure by design, not secured after deployment. The systems that have historically supported the world’s most critical workloads — from global payments to national‑scale operations — were built with this principle at their core. If you’ve already invested in systems designed for mission-critical workloads, you’ve checked this first box. Enterprise‑grade systems have been engineered with multilayered security controls, pervasive encryption, confidential computing and hardware‑level protections that make exploitation dramatically harder. A frontier model in the hands of a bad actor can chain weaknesses faster than humans can patch them — unless the underlying infrastructure is built to absorb and deflect that pressure. When I meet with clients, I often tell them what our own security teams operate under: we assume vulnerabilities will continue to be discovered and we design for that reality. That mindset is what separates infrastructure that survives frontier‑model pressure from infrastructure that collapses under it. These systems continue to evolve with predictive failure analysis and accelerated recovery, allowing systems to continue operating even during investigation and remediation. If your infrastructure fails, your workloads will too. These systems depend on uninterrupted access to data and compute, and even seconds of downtime can compound operational and security risk. Enterprise‑grade platforms deliver near‑continuous availability through redundant hardware paths and intelligent system recovery. The easiest fix? Ample resources and an up-to-date infrastructure foundation. Too often, a security problem is really an availability problem that turned into a security problem. When systems fall behind on maintenance, capacity or recovery readiness, they create the exact openings a frontier model can exploit. A delayed maintenance cycle or a recovery process that takes too long becomes the opening a frontier model can exploit. Resilience is not just about uptime. It is a security control. And this will not be the last time a frontier model tests the limits of that resilience. Data resilience is equally critical. Cyber‑resilient storage systems with immutable backups and rapid recovery capabilities ensure that critical data remains protected and available even after a cyber incident or disaster. The idea that you can prevent every vulnerability is outdated. The more realistic model is continuous discovery — finding, prioritizing and addressing issues faster than they can be exploited. Organizations must operate as if vulnerabilities will be found faster than ever. Instead of relying on static defenses, they should emphasize layered controls, rapid triage, continuous delivery of fixes and coordinated disclosure. Frontier models in the hands of bad actors can amplify security challenges by connecting vulnerabilities. They can chain misconfigurations, outdated components and privilege gaps into a viable attack route in minutes. And the more outdated or inconsistent an environment is, the easier that chaining becomes. Modern operational‑intelligence tooling helps them surface that risk, prioritize what matters and act before an attacker can exploit the gaps. These platforms help organizations understand where they are exposed, identify which maintenance issues carry the highest operational and security risk, and reduce the blind spots that frontier‑model attackers are increasingly adept at exploiting. It’s critical to assess how you manage your vulnerabilities. Internal processes should address severe vulnerabilities within hours, regardless of whether they are discovered by humans, traditional tooling or AI‑driven techniques. As AI accelerates vulnerability chaining, this posture maintains operational integrity and reduces exposure. Leading organizations are integrating AI‑driven threat detection directly into their infrastructure. On operating systems like z/OS, AI‑based analytics can identify anomalous and potentially malicious data access, reducing investigation time and limiting impact. Beyond detection, autonomous security models are emerging that continuously govern risk, investigate threats and enforce resilience across identities, data, applications, cloud and networks. Across the industry, we’re seeing the rise of autonomous security frameworks that use AI to assess posture, detect threats and harden controls without waiting for human intervention. Combined with modern AI‑accelerated processors, these capabilities allow threats to be analyzed and mitigated directly within the infrastructure itself. No organization can face frontier model threats alone. These risks require coordinated industry action. Frontier models give both good and bad actors the ability to analyze codebases, chain vulnerabilities and probe infrastructure at a scale that no single enterprise can counter on its own. Across the industry, coalitions are emerging to assess and remediate vulnerabilities discovered by frontier-class models and to help enterprises build AI resilience. Initiatives like Project Glasswing, Project QuiltWorks and the Frontier AI Alliance are examples of how providers, consultancies and security firms are beginning to coordinate their response to AI-accelerated threats. Organizations can also benefit from independent assessments that evaluate readiness for agentic-enabled threats and identify gaps across their infrastructure. These assessments help teams understand where they are exposed, how frontier models might chain those exposures together, and what actions will reduce the likelihood of a high-impact event. Participating in these programs is one of the most concrete steps enterprises can take today to strengthen their AI infrastructure posture. AI is accelerating both innovation and risk. The organizations that succeed will be those that build on resilient, secure infrastructure, prioritize uptime as a security control, operate with continuous discovery, use AI to defend AI and participate in the global response to frontier‑model threats. In the end, your ability to scale AI safely comes down to the infrastructure you trust to run it. This article is published as part of the Foundry Expert Contributor Network. Want to join?