AI adoption is booming but secure scaling not so much

96% of organizations are deploying AI models, and virtually no organization can move into the future without considering how ML and intelligent apps might soon affect its operations, according to F5. Only 2% of global organizations are highly ready to scale AI securely across operations.

The report compiles insights from 650 global IT leaders and additional research with 150 AI strategists, representing organizations with at least $200 million in annual revenue.

AI adoption outpaces governance

While 77% of companies demonstrate moderate AI readiness, most lack governance and cross-cloud security, exposing them to risks. Meanwhile, 21% of companies fall into the low-readiness category, limiting their competitive edge as AI transforms industries.

F5’s research reveals trends illustrating the expansion of AI use by enterprises. All told, 70% of moderately ready organizations have GenAI in active use, and virtually everyone else is working on it. Additionally, 25% of apps, on average, use AI.

Highly ready organizations typically use AI in a much higher percentage, with portfolio-wide saturation expected. Low-readiness organizations use AI in less than one-quarter of their apps, typically in siloed or experimental settings. Moderately ready organizations currently have AI present in about one-third of applications.

65% use two or more paid models and at least one open-source model. The average organization uses three models, and the use of multiple models correlates with deployment in more than one environment or location. The majority of models in use are paid models such as GPT-4, but open-source alternatives are also popular. The top open-source models cited are Meta’s Llama variants, Mistral AI variants, and Google’s Gemma.

“As AI becomes core to business strategy, readiness requires more than experimentation—it demands security, scalability, and alignment,” said John Maddison, Chief Product and Corporate Marketing Officer at F5. “AI is already transforming security operations, but without mature governance and purpose-built protections, enterprises risk amplifying threats.”

Enterprises lack frameworks to secure open-source AI models

Only 18% of moderately ready organizations have deployed an AI firewall, with 47% aiming to have done so within a year. Just 24% of organizations practice continuous data labeling, indicating reduced transparency and increased risks of adversarial attacks.

Hybrid environments create governance gaps, leaving workflows and data exposed to vulnerabilities. The use of diverse AI models increase risks without proper control frameworks for open-source tools.

F5 outlines key actions for enterprises to enhance AI scalability and security, including:

• Diversify AI models: Use both paid and open-source AI tools while improving governance to mitigate risks.
• Expand AI use across workflows: Move beyond pilots and embed AI in operations, analytics, and security for enterprise-wide transformation.
• Integrate AI-specific security: Deploy protections like AI firewalls and formalize data governance processes, including data labeling, to safeguard workflows.

Organizations with high AI readiness can scale effectively, mitigate risks, and leverage innovation strategically. Those without maturity frameworks face operational bottlenecks, compliance challenges, and stifled growth.