Generative artificial intelligence has burst onto the business scene with the promise of radical transformation. However, behind the initial enthusiasm, a more complex reality emerges: there is a significant gap between what companies expect from service level agreements (SLAs) and what AI providers actually offer. This phenomenon, analyzed in depth by Gartner experts during the Data and Analytics conference in Sydney, reveals a gap that challenges corporate trust and demands a strategic review of contractual relationships.

The Origin of the Mismatch: Probabilistic Models vs. Deterministic Expectations

Arun Chandrasekaran, distinguished vice president analyst at Gartner, noted that enterprise customers are often "perplexed, surprised, or even astonished" to discover that AI contracts lack the usual guarantees found in traditional enterprise software. The root of the problem lies in the very nature of the technology: generative AI models are probabilistic, making it difficult to predict their behavior in real-world environments. As a result, providers limit their liability to calibrate their risk exposure, offering less protective SLAs in areas such as availability, legal liability, or data security.

This situation contrasts with the established standards of traditional SaaS providers, who have built solid contractual frameworks over decades. For companies looking to implement generative AI in their workflows, understanding these differences becomes critical to avoid unpleasant surprises.

The Economics of AI: From Cost per User to Token Consumption

The SLA debate extends to the economic realm. Chandrasekaran warned that AI costs are rising due to exponential growth in token usage and the shift toward consumption-based pricing models. A paradigmatic example is GitHub Copilot Pro, which moved from a per-user model to a token-based one as of June 1. This change creates uncertainty in organizations, which often lack tools to adequately measure token consumption and assess the impact on total cost of ownership over the long term.

The Gartner analyst clarified that, although SaaS is being disrupted by AI, its short-term impact may be overstated. SaaS providers retain advantages such as barriers to entry, business knowledge, and regulatory compliance, making them difficult to replace. However, the per-user or per-license pricing model is under pressure, especially with the rise of AI agents that autonomously orchestrate workflows. This drives the search for new monetization models, such as outcome-based or workflow-based ones, although large providers face the dilemma of cannibalizing their current revenue.

AI Maturity in Enterprises: A Still Nascent Path

Pieter den Hamer, vice president of AI research at Gartner, provided revealing data: only 17% of companies have reached an advanced level of AI maturity, with cross-business deployments. The remaining 51% are at a medium level, generating some value but struggling to demonstrate return on investment. Most still operate with isolated pilot projects and irregular governance models.

This immaturity is reflected in the lack of preparation to negotiate adequate SLAs. Companies, often conservative, are not willing to abandon existing SaaS ecosystems, but they need to adapt their strategies to integrate AI safely and cost-effectively. In this context, configuring secure VPNs and firewalls remains a necessary foundation, but AI cybersecurity requires a broader approach.

AI Literacy as an Antidote to Shadow AI

Den Hamer emphasized the importance of AI literacy to move toward responsible adoption. With the rise of shadow AI (unsupervised use of AI tools), companies must train their employees not only in the effective use of the technology but also in understanding risks and internal policies. Fostering critical thinking is essential to avoid over-reliance on systems whose behavior remains probabilistic.

The combination of weak SLAs, opaque pricing models, and limited organizational maturity creates a breeding ground for business frustration. However, it also opens opportunities for companies to adopt a more strategic approach, negotiating contracts that reflect their real needs and developing internal capabilities to measure the value and risk of AI.

Implications for the Technology Ecosystem

The gap between the promise and reality of AI affects not only large corporations. Tech SMEs, which often act as innovation engines, must also navigate this uncertain landscape. AMD's acquisition of MEXT for predictive memory optimization (see analysis) and the launch of AWS Context as a nuanced data lake for AI agents (read more) are examples of how the ecosystem is trying to close this gap by offering more robust and predictable infrastructures.

For cybersecurity professionals, ethical hacking and penetration testing become key tools to assess the security of AI systems, especially when SLAs do not adequately cover risks.

Original source: ComputerWorld. Analysis and adaptation by ForgeNEX.