Skip to main content
AP
ai

Looking Back at 2025: The Year AI Stopped Being Magic and Started Being Infrastructure

A defense consultant's personal take on how AI went from flashy demos to something you could actually build on—and what that means for the real world.

December 28, 20257 min read min read
Looking Back at 2025: The Year AI Stopped Being Magic and Started Being Infrastructure

Looking Back at 2025: The Year AI Stopped Being Magic and Started Being Infrastructure

Remember When AI Was Just a Party Trick?

I was sitting in a Pentagon briefing room this time last year, watching yet another demo of ChatGPT doing something impressive but ultimately useless for actual defense work. The room was full of skeptical colonels and program managers who'd seen this movie before—flashy tech that couldn't survive contact with reality.

Fast forward to today. I'm writing this from a coffee shop near Crystal City, having just come from a meeting where we discussed deploying AI agents to manage supply chain logistics for a Navy program. No one was talking about whether it would work. They were talking about timelines, security requirements, and integration details.

That shift—from "can we?" to "how do we?"—is what defined 2025.

January: The Day Everything Got Cheaper

I remember exactly where I was when DeepSeek-R1 dropped. I was prepping for a client call about AI infrastructure costs, trying to justify why they should pay premium prices for OpenAI's models. Then my phone started blowing up.

DeepSeek, a Chinese lab no one had heard of outside AI circles, released a model that matched OpenAI's best reasoning capabilities at 95% lower cost. Nvidia's stock tanked $600 billion in a day. The message was clear: the AI cost curve wasn't just bending—it snapped.

What this meant in practice: Suddenly, projects that didn't pencil out economically six months earlier became viable. I watched procurement conversations shift from "can we afford this?" to "which vendor gives us the best bang for the buck?"

The funny thing? DeepSeek used export-compliant H800 chips—the ones we thought would give American companies a moat. Turns out, clever architecture can compensate for hardware limitations faster than policy can adapt.

Spring: When Reasoning Became Real

Remember when "chain-of-thought" was just a research paper concept? By spring, it was something you could actually buy.

OpenAI's o1-Pro launched in late January, and for the first time, we had models that could actually think through problems step-by-step before answering. The price was eye-watering—15 cents per thousand tokens—but the capability was undeniable.

I was working with a Navy program office at the time, helping them decide whether to go all-in with OpenAI or hedge their bets. DeepSeek made that decision easier. Vendor lock-in suddenly felt like a real risk, not just theoretical.

Then Google dropped Gemini 2.5 Pro with 1 million token context in March. That wasn't just a benchmark flex—it changed how we thought about architecture. Projects that assumed complex retrieval systems could suddenly just "throw the whole thing in context."

The reality check: Processing a million tokens was still expensive. For most real-world use, retrieval remained more economical. But the ceiling had shifted, and that changed the conversation.

Summer: The Security Wake-Up Call

August brought Black Hat and DefCon, and with them, the security reality check the AI industry desperately needed.

Researchers demonstrated prompt injection attacks that actually worked against production systems. They showed how to extract models from deployed APIs. They poisoned fine-tuning pipelines and created backdoors that survived alignment training.

I watched the room change at a defense AI security briefing that week. Every CISO who'd been skeptical of "AI security theater" suddenly had ammunition. The conversation shifted from "should we deploy AI?" to "how do we deploy AI without getting hacked?"

The gap between commercial AI deployment speed and defense security requirements widened overnight. IL4/IL5 authorization timelines couldn't compress without accepting risks that no program manager would touch.

Fall: Agents Actually Start Working

September brought the Agentic Commerce Protocol from Stripe and OpenAI. On paper, it was just API integration. In practice, it was validation that major companies were betting on autonomous agents as primary interfaces, not just backend automation.

Then in November, Allianz Nemo went live—seven specialized AI agents processing insurance claims with an 80% reduction in processing time. This wasn't sci-fi. It was narrow, task-specific, heavily monitored automation that delivered measurable business value.

What I learned watching this unfold: Multi-agent systems worked best when each agent had a narrow, well-defined job. The magic wasn't in general intelligence—it was in coordination, handoffs, and knowing when to escalate to humans.

The Defense Reality: What Actually Worked

As someone who spent 2025 advising defense clients, here's what I saw actually ship:

What worked:

  • Software-defined capabilities with continuous deployment (finally!)
  • Edge AI for tactical decision support (within very narrow domains)
  • Audit readiness automation (boring but valuable)
  • Supply chain risk analysis (AI is good at finding patterns in chaos)

What still struggled:

  • Autonomous weapons platforms (policy constraints are real)
  • General-purpose AI assistants for classified work (security concerns won't go away)
  • Cross-domain AI solutions (accreditation is still a nightmare)
  • AI for strategic intelligence (trust and explainability remain hard problems)

The timeline gap: Commercial AI moves at venture speed. Defense AI moves at acquisition speed. That 12-36 month gap between capability demonstration and fielded system? Still there for most programs.

The Security Paradox

Here's the uncomfortable truth: The AI capabilities defense most needs require security clearances the best AI companies can't get and infrastructure most commercial vendors won't build.

I've sat in meetings where brilliant AI researchers from top companies couldn't get into the room because they lacked clearances. I've watched defense programs struggle to adopt commercial AI because the vendors wouldn't build air-gapped versions.

This paradox isn't going away in 2026.

What 2026 Probably Brings (My Best Guess)

Near-certain:

  • Further cost compression (sub-penny-per-million-token inference is coming)
  • Agent orchestration maturing (multi-agent systems become standard)
  • Reasoning models becoming the default (chat-style completions get relegated to simple queries)
  • Edge deployment accelerating (models small enough to run on tactical hardware become capable enough to matter)

Likely:

  • Model consolidation (the market can't support 20+ frontier model providers)
  • Defense AI funding surge (FY26 budgets reflect lessons from 2025)
  • AI security incidents (something will break publicly)
  • Governance frameworks becoming mandatory (enterprise buyers start requiring compliance)

Possible:

  • GPT-6 disappointing everyone (capability improvements plateau)
  • Chinese AI surpassing US in specific domains (they're investing heavily)
  • An agentic AI safety incident (an autonomous agent causes measurable harm)
  • The first AI-enabled defense system achieving Initial Operating Capability

The Bottom Line: Boring Is Good

2025 was the year AI transitioned from impressive technology to boring infrastructure. That's not an insult—it's the highest compliment I can give.

Boring means reliable. Boring means it works. Boring means you can build businesses and mission-critical systems on it.

The foundation model race isn't over, but it's no longer the only race that matters. Orchestration, governance, security, cost efficiency—these are where the real competition is shifting.

For enterprise buyers, this is excellent news. More capable models, lower costs, better tools, clearer governance frameworks. The barriers to AI deployment dropped significantly this year.

For defense applications, the picture is more nuanced. The capabilities are real and improving. But the security, trust, and verification requirements remain hard problems. The gap between what's technically possible and what's operationally deployable hasn't closed as fast as the capability curve improved.

2026 will be about making production AI better, not just making AI better. Reliability over capability. Integration over innovation. Boring over brilliant.

And for those of us building systems that real people depend on—whether it's managing supply chains or supporting warfighters—that's exactly what we need.

Thanks for reading. This is my annual attempt to make sense of a year that moved too fast for anyone to fully track. If you're deploying AI in defense or enterprise environments and want to compare notes, reach out. If you think I got something wrong, tell me—I'm always learning.

Here's to another year of building technology that actually works in the real world.

Share this article

Related Articles

Claude Opus 4.5: Premium Reasoning at One-Third the Cost

Anthropic's Opus 4.5 delivers reasoning capabilities competitive with GPT-5 and Gemini 2.5 Pro at significantly lower cost. Here's what that means for enterprise AI deployment.

Read article

The OpenAI Model Spec: First Enterprise-Grade Guardrails for Autonomous AI

Read article

GPT-5 Is Here: What the 'Largest Model Yet' Means for Your AI Strategy

OpenAI's GPT-5 launches with 45% fewer hallucinations and automatic complexity detection. Here's what enterprise leaders need to know about model selection, cost tradeoffs, and compliance implications.

Read article