I recently spent some time reflecting on the announcements from Google Cloud Next 2026, as well as a series of vendor briefings and a handful of enterprise architecture engagements, where the same question kept coming up across different venues: once an organization has agents, who governs them? For two years, the enterprise AI conversation has been a conversation about models — whose is largest, whose is cheapest, whose context window stretches furthest. Virtually no one was talking about data and semantic context.
After getting some perspective, I was forced to consider that model obsession might have finally fizzled out under the grim reality of non-existent ontologies and limited to no semantic context for enterprise data. The interesting question is no longer which model an enterprise runs. It is who controls the connective context layer — the agentic control plane — that decides what those agents know, what they are allowed to do and who is accountable when a thousand of them are running at once. Whoever owns that layer owns the next decade of enterprise AI and judging by the “marketecture” of every major vendor at Next 2026, the industry has reached the same conclusion.
The urgency here is clearly not a slide-ware exercise. Gartner has reported an exponential surge in enterprise inquiries about multi-agent systems and predicts that 40% of enterprise applications will embed task-specific agents by the end of 2026, up from less than 5% a year earlier. Yet the same analysts deliver an equally important counterweight: Gartner also expects more than 40% of agentic AI projects to be canceled by the end of 2027, citing escalating cost, an expanded risk surface and governance that no one built in advance. The 2026 Gartner Hype Cycle for Agentic AI makes the diagnosis plain — governance, security and FinOps capabilities are proliferating precisely because enterprises are alarmed about accountability and control as agents grow more autonomous and interconnected. Exponential demand colliding with non-existent guardrails is the environment Google walked into. So, what is the path forward to a control plane an enterprise can actually trust?
I’m not ardent supporter of single-ecosystem architectures. That’s not the world we live in and interoperability has always prevailed as the final arbiter of truth. Beneath all the agent drama, however, Google’s message was fundamentally architectural. The company repositioned Gemini less as a standalone model and more as the connective and contextual tissue binding data systems, applications and agent runtimes, and assembled Big Query, Alloy DB, Spanner and its managed Spark service into a new category it calls the Agentic Data Cloud. As Constellation Research observed, the standardization of data on Apache Iceberg has put the data layer itself in play, and Google responded by stacking its assets into a cross-cloud lakehouse and a knowledge catalog, complete with migration tooling pointed squarely at Snowflake and Databricks.
Three pillars define the offering. The first is a federated data layer built on the principle of reach, not relocation. By integrating Cross-Cloud Interconnect directly into the data plane and pairing it with the Apache Iceberg REST Catalog, Google lets agents query data residing on AWS or Azure as though it were local, with no egress fees and extends bi-directional federation in preview to Databricks’ Unity Catalog, Snowflake’s Polaris and the AWS Glue Data Catalog, according to Google’s own technical briefings and independent analysis. Google data cloud managing director Yasmeen Ahmad summarized in Google’s Next ’26 announcement with characteristic economy: you don’t move the data, you connect it.
The second pillar is a semantic layer — the Knowledge Catalog, an evolution of Dataplex — which uses Gemini to tag assets, infer relationships and map business meaning so that agents are grounded rather than, as one analysis put it, fast but blind. Critically, its retrieval is permission-aware, meaning agents can only retrieve and act on assets they are explicitly authorized to see — a design choice that fuses context delivery and access control into a single operation. The third pillar is a build layer, the Data Agent Kit, which ships as portable skills, MCP tools and IDE extensions that drop into VS Code, Claude Code, Gemini CLI and Codex, deliberately declining to impose a new proprietary interface.
This is a credible and, to Google’s credit, a mostly real offering. A control plane, however, is a claim, not a feature, and the term deserves more focus and detail than vendors typically provide. An agentic control plane is not a product it is a semantically governed set of domain services and underlying structured and unstructured data. How we federate agentic access and data with intention and governance means everything.
A control plane governs how a system behaves rather than performing the work itself. For agents, a genuine control plane must deliver at least five functions, and an interoperable one must deliver them across vendor, model and cloud boundaries rather than only within a single domain or scope.
The first is identity. Agents are a new class of non-human actors, and an enterprise must be able to authenticate them and manage their actions. Microsoft’s competing Agent 365, unveiled at Ignite 2025, is built explicitly around a registry of which agents exist, plus access control and security — as an Ignite 2025 industry analysis noted, that identity is foundational. The second is context and semantics, the half of the problem the data clouds have collectively rushed toward. The third, and the most consistently underplayed, is action governance — control not merely over what an agent can read, but over what it can do: the writes, the state changes, the transactional operations. The fourth is observability and lifecycle management, the simulate-evaluate-monitor-optimize loop across an agent fleet, where Google’s integrated offering is, by most accounts, the most complete a hyperscaler has yet shipped. The fifth is economics; the reason so many projects are forecast to fail is partly cost, and FinOps for agentic AI is now an expressly named discipline on Gartner’s Hype Cycle.
Interoperability cuts across all five, and here the industry has done something genuinely impactful and useful: it has agreed on protocols. The Model Context Protocol, originated by Anthropic and since donated to the Linux Foundation under multi-vendor governance, standardizes how an agent connects to tools and data. The Agent2Agent protocol, originated by Google and likewise moved to the Linux Foundation, governs how agents discover and delegate to one another across organizational boundaries. Forrester predicts that 30% of enterprise app vendors will launch their own MCP servers in 2026, and Gartner’s Anushree Verma positions standardized protocols as the enabler of the seamless interoperability that, by 2028, will let networks of specialized agents collaborate dynamically across applications.
What is key here — and what enterprise leaders miss — is that open protocols deliver portable messages, not a portable control plane. Two agents can exchange tasks across clouds in A2A all day long, but identity, semantics, action governance, observability and cost remain platform functions. A2A and MCP have ensured that the communication protocol has been commoditized. The final frontier and the competitive moat is not the communication and access protocol, it is the semantic context and the business ontology
Google deserves real credit for embracing open standards where it counts. It adopted MCP across its own services, repositioned Apigee as an MCP bridge that turns any standard API into a governed agent tool and built its federation story on the open Iceberg REST Catalog rather than a proprietary format. Technology Business Research (TBR) characterized this as a meaningful strategic shift: a company historically defensive about keeping data inside BigQuery now signals that it cares less about where data physically resides than about ensuring Gemini is the semantic context layer generating value on top of it.
That repositioning is exactly the lock-in risk an enterprise must carefully consider, and two limitations matter significantly and deserve an architect’s attention. The first is that federation is not the same as unified control. In my view, TBR’s analysis is totally on point: The Knowledge Catalog addresses upper-stack governance but is not an operational catalog in the way that Databricks’ Unity Catalog, Snowflake’s Polaris and AWS Glue are — those systems govern the underlying Iceberg tables. Google reads into them; it does not replace them. The second is that the focus of lock-in has simply moved up the stack to the semantic context and ontology layers. Moor Insights & Strategy and others all have cautionary tales that exiting Google-managed semantics, Gemini agents or BigQuery abstractions may prove harder than migrating the data itself. The semantics and the orchestration are now the sticky layer. I think this is a logically coherent and impressive strategy, but for every gain, something is lost. That loss is exactly the moment where an enterprise either preserves its independence or succumbs to lock-in for convenience and expedience.
There is a maturity gap also worth mentioning here as well. One widely-circulated analysis of Next 2026 carried its verdict in the title — the agent stack is ready, the semantic engine isn’t — arguing that the Knowledge Catalog, however promising, is not yet the governed business-context layer a true enterprise operating system demands and remains more aspirational than operational. With much of the federation and catalog functionality still in preview, optimism is the right approach from my perspective, not “all-in” commitment.
The competitors are not building the same artifact, and the differences are instructive. The data-cloud catalogs — Databricks Unity Catalog, Snowflake Polaris and Cortex, AWS Glue, Microsoft Fabric — govern data and, increasingly, semantics; the entire field now accepts that agents need context, not merely access, as industry analysis of the field documents. Their structural limit is that catalog constraints are frequently informational rather than strictly enforced, and metric-oriented semantic layers model measures rather than actions or state changes. They excel at conversing with data and remain weaker at agents that act. The agent-management planes, exemplified by Microsoft’s Agent 365, approach the problem from fleet control — registry, identity, observability — and are excellent for organizations living inside Microsoft 365, bounded by that same dependence.
Palantir Foundry represents a genuinely different category. Where catalogs register tables and semantic layers define metrics, Foundry is built around an ontology that models entities, their typed relationships and the actions that can be taken against them — semantics in service of operational execution, not merely analytics. That distinction is the single most important idea for anyone designing an agentic control plane today. As Atlan frames it, a semantic layer hands agents governed metrics, which solves half the problem; agents that reason across domains and act need a knowledge-representation layer underneath — what things are, how they relate and what operations are possible. A control plane that governs reads but not writes, metrics but not actions, is fundamentally limiting for agents, and semi-autonomous action is the entire point. It is also worth noting, the semantic layer itself is now standardizing: the Open Semantic Interchange initiative, launched in late 2025 by Snowflake, dbt Labs, Salesforce and a coalition of partners under an Apache 2.0 license, finalized its v1.0 specification in early 2026. Just as MCP and A2A commoditized the agent communication protocols, OSI aims to commoditize semantic portability.
As always, the path forward is clear enough to state but extremely demanding to execute. An interoperable agentic control plane is not a product an enterprise purchases from a single vendor; it is an architecture it composes — open standards at the commoditized layers, owned assets at the differentiating one. Drawing on both the Next 2026 announcements and recent architectural engagements, I would urge leaders to prioritize four design commitments.
**First, standardize on open formats at the storage layer. **Apache Iceberg and its REST Catalog deliver genuine data portability, and this is the one element of Google’s model worth adopting wholesale, precisely because the broader industry already has. Second, standardize on open protocols at the agent layer— A2A between agents and MCP to tools and systems — so that a Gemini agent, a Claude agent and a partner’s agent can interoperate without any one of them owning the others. Third, own the semantic and ontology layer in the middle. Don’t just model metrics but entities, relationships and the typed actions agents may perform; this is what delivers semantic portability and keeps the vendor lock-in at bay and in the enterprise’s own hands rather than a vendor. Fourth, own the control-plane core components — identity, registry, observability and policy — so that governance remains independent of any single platform.
Any vendor relationship that requires managed semantics will make it intentionally harder to migrate data. The architectural response should never be to place those semantics in any single vendor’s control in the first place. Federation buys data portability; an owned ontology buys semantic portability; open protocols buy agent portability. Composed together, they close the gap that the analysts identified.
The vendors will continue to make the case that the control plane is a product. The analysts — Gartner on governance and failure rates, Forrester on protocol proliferation, TBR and Moor on the limits of federation — are collectively telling enterprise leaders something more useful: it is an architectural decision, and the organizations that treat it as one, that build adaptive governance before their agentic minions outpace them and that preserve the option to change their minds, will be the ones still in command of their AI a decade from now.
Google Cloud Next 2026 is a genuinely strong architecture, and there is no doubt that it is the most complete agentic control-plane offering any hyperscaler has yet shipped. It is also the clearest illustration to date of why no enterprise should outsource its control plane to anyone. The shift from owning models to owning the control plane is not just underway; for organizations serious about operating at the speed of an agent-driven business, it is inevitable. The winning move at this point is to show up with an architecture, not a purchase order.
This article was made possible by our partnership with the IASA Chief Architect Forum. The CAF’s purpose is to test, challenge and support the art and science of Business Technology Architecture and its evolution over time, as well as grow the influence and leadership of chief architects both inside and outside the profession. The CAF is a leadership community of the* IASA**, the leading non-profit professional association for business technology architects.*
This article is published as part of the Foundry Expert Contributor Network.Want to join?