AI has moved decisively out of the lab and into enterprise operations, with F5’s latest State of Application Strategy Report showing that 78% of organisations now run AI inference themselves as a core workload. The findings suggest that control, governance and resilience are becoming as important as model quality in the next phase of AI adoption.
F5’s 2026 survey of enterprise IT and security leaders shows that AI is no longer being treated as a side experiment. Organisations are now running an average of seven AI models in production, while 77% say inference has become their dominant AI activity, overtaking model training.
That shift matters because inference is where AI delivers business value, turning trained models into live decisions, responses and recommendations.
“AI has moved from experimentation to operations,” said Kunal Anand, chief product officer at F5. “AI inference is becoming core to the business, which means AI delivery is now a traffic management challenge, and AI security is now a governance and control challenge.”
Hybrid multicloud is the default
The report also underlines how complex enterprise deployment has become. F5 says 93% of organisations operate across multiple clouds, while 86% distribute applications across hybrid multicloud environments.
In practice, that means AI workloads are being routed across on-premises systems, public cloud and colocation facilities, with teams needing stronger policy controls, fallback options and observability to keep performance stable.
Only 8% of organisations rely exclusively on public AI services, which suggests most enterprises prefer a mixed model that gives them more control over cost, accuracy and availability.
F5 argues that this diversified approach is now the norm, not the exception, as businesses look to reduce dependence on a single provider or architecture.
Security moves up the stack
Security is emerging as one of the defining challenges of production AI. F5 found that 88% of organisations have already faced AI-related security issues, while 98% are preparing for agentic AI systems that require identities, permissions and guardrails similar to those used for human users.
That shifts the control plane towards prompts, tokens and APIs, rather than only traditional infrastructure layers.
The report also says nearly 29% of organisations now see prompt layers as the primary delivery mechanism, with 23% prioritising token layers for delivery and security. This indicates that AI governance is becoming embedded deeper in application design, especially as enterprises seek to balance cost, speed and safety.
Why this matters
The broader market context supports F5’s view that inference is becoming the operational centre of AI. Help Net Security reported that enterprises are increasingly bringing inference in-house, mirroring the same 78% figure cited by F5.
Separately, the Cloud Security Alliance has warned that 2026 will be a year when agentic AI, not just large models, becomes the main security concern for enterprise defenders.
The report is clear: AI maturity is now a test of operational discipline, and the winners will be those that can deliver AI securely, reliably and at scale.
