Only 11% of organizations are running agentic systems in production. That gap between strategy decks and working systems has a specific shape: "agent-ready" is three infrastructure problems stacked on top of each other, where each layer constrains everything above it. Teams that ship agent systems and teams that just announce agent strategies tend to diverge at these seams. And the divergence usually starts at the bottom.

Model capability has outrun data accessibility. That's the bluntest way to describe the foundational layer. Deloitte's research found that 48% cite searchability and 47% cite reusability as barriers to their AI automation strategies. Data teams have fought these problems for years. An agent checking inventory against pricing rules against compliance constraints needs structured, machine-consumable data from three different places simultaneously. Most organizational data lives in ETL pipelines and warehouses designed for human analysts running scheduled queries. Agents just made the cost of not fixing it impossible to route around.

This matters for everything that follows, because the next layer up, connectivity, is getting standardized fast. The Model Context Protocol now has 97 million monthly SDK downloads and adoption by ChatGPT, Gemini, Copilot, and VS Code. Its November 2025 spec added OAuth 2.1 authorization, server discovery, and structured annotations describing whether a tool can modify data. MCP solves a real problem cleanly: how agents discover and invoke tools across systems.

The stacking matters, though. Wire up MCP servers to systems whose underlying data isn't structured for machine consumption, and you've built a beautifully standardized pipe to a dry well. And even when data flows, the MCP spec itself is explicit about where its responsibility ends: implementors should build their own consent flows, access controls, and data protections. MCP standardizes the interface. It does not enforce permissions or govern data once it crosses into a host application's context.

The top layer, orchestration, is where the recent framework shakeout gets interesting. Microsoft merged AutoGen and Semantic Kernel into a unified Agent Framework, putting AutoGen into maintenance mode. LangGraph settled into durable, stateful orchestration for long-running workflows, now in production at companies like Klarna, Uber, and LinkedIn. LangChain itself directs developers to LangGraph for agents.

The features that survived consolidation tell you what production requires: durability, state management, human-in-the-loop checkpoints. An agent workflow without checkpointing that fails at step fourteen of twenty restarts from scratch, or worse, fails silently and produces partial results that look complete. At scale, that's a reliability cliff that makes the whole system untrustable. The frameworks that didn't solve for this got absorbed or archived.

Orchestration sophistication still depends on the layers beneath it being solid. BNY's path is instructive: before enabling 20,000 employees to build agents through their Eliza platform, they spent years constructing custom orchestration infrastructure, an internal AI supercomputer, and a model-risk review process demanding interpretable output from every deployment. They built from the bottom up.

The observable pattern in the market runs the other direction. Framework adoption is surging, MCP servers are proliferating, and nearly half of organizations still can't make their own data searchable. Teams are investing in orchestration and connectivity before the data those layers depend on is machine-consumable. Knowing which layer you're actually stuck on is worth more than any strategy slide about what agents will eventually do.