A new report from F5 shows that most enterprises are running AI in production. The challenge now isn't adoption — it's management.
For years, organizations have been experimenting with AI. Testing it. Running proofs of concept. Building internal demos that never quite made it to production.
That era is over.
According to F5's 2026 State of Application Strategy Report, 78% of enterprises are now running AI inference as a core operational workload. That's not a pilot program. That's AI embedded in daily business operations — making decisions, routing traffic, and driving outcomes at scale.
And with that shift comes a set of problems most organizations didn't fully anticipate.
From Experimentation to Operations
The report surveyed more than 1,100 IT decision makers worldwide. The headline finding is clear: the AI conversation has moved from "should we?" to "how do we manage this at scale?"
Inference — running trained AI models to generate outputs — is now the dominant AI activity for 77% of respondents. Model training and tuning have largely taken a back seat. Organizations aren't just building AI anymore. They're operating it.
And they're operating a lot of it. The average enterprise now runs seven AI models in production simultaneously. Only 8% rely on a single model or provider. The rest are managing a portfolio of models spread across different vendors, use cases, and environments.
That's not a technology choice. According to the report, 90% of organizations use multiple models for technical reasons like API compatibility and failover, and 79% do so for business and strategic reasons like cost optimization and compliance. Nobody is running seven models because it's fun.
Complexity Is the New Normal
The infrastructure picture is equally complex. 93% of organizations are operating across multiple cloud environments, and 86% are running applications across on-premises, public cloud, and colocation environments.
Add AI workloads into that mix, and you've got a distributed system that needs the same architectural rigor as any other mission-critical infrastructure — routing, fallback logic, cost controls, security policies, and observability.
The report puts it plainly: AI inference is no longer a single endpoint. It behaves like a distributed system. And most organizations are still catching up to what that means.
Security Is Already a Problem
Here's a number worth paying attention to: 88% of respondents report having already encountered AI-related security issues.
This isn't a future risk. It's happening now. And as agentic AI enters the picture — autonomous systems that act on behalf of users and organizations — the security surface expands further.
The report found that 98% of organizations are already modifying their external-facing applications to work with AI agents. Nearly half are implementing identity-aware infrastructure to manage agent traffic. And 77% expect identity and access control to be a significant challenge as AI agents proliferate.
Traditional security models weren't built for this. When an AI agent takes an action, who is responsible? How do you audit it? How do you prevent privilege creep across dozens of automated workflows?
These aren't rhetorical questions. They're operational ones that teams are working through right now.
The Real Shift: AI as Infrastructure
Perhaps the most important takeaway from the F5 report isn't a statistic. It's a framing shift.
AI is no longer something you use. It's something you operate. And operating it requires the same governance, security, and delivery frameworks that enterprise teams have applied to applications for decades.
The report describes this transition directly: the focus has moved from choosing models to governing inference. Controlling inputs, managing prompt layers, enforcing policies, and observing outputs have become the highest-leverage activities — not model selection or training.
In short, inference is now an application delivery and security problem.
Organizations that get ahead of this — investing in observability, authentication, and unified control across every environment where AI runs — are the ones most likely to turn their AI investments into real business value. The ones that don't will find complexity and security risks compounding faster than their ability to manage them.
The lab phase is behind us. The operational phase is here.