F5 Research Finds Most Enterprises Still Fall Short in AI Readiness, Face Security, Governance Issues That Block Scalability

F5, the global leader in delivering and securing every app and API, has unveiled its 2025 State of AI Application Strategy Report, revealing that only 2% of global organisations are highly ready to scale Artificial Intelligence (AI) securely across operations. The report compiles insights from 650 global IT leaders and additional research with 150 AI strategists, representing organisations with at least USED $200 million in annual revenue.

The F5 report unveils stark truths about the state of AI readiness for enterprises today and their ability to adapt at sufficient speeds to keep pace with new innovations. The most notable findings of the report reveal that while 77% of companies demonstrate moderate AI readiness, most lack robust governance and cross-cloud security, exposing them to risks. Meanwhile, 21% of companies fall into the low-readiness category, limiting their competitive edge as AI transforms industries.

F5’s research reveals trends illustrating the rapid expansion of AI use by today’s enterprises. All told, 70% of moderately ready organisations have generative AI in active use, and virtually everyone else is working on it. Additionally, 25% of apps, on average, use AI. Highly ready organisations typically use AI in a much higher percentage, with portfolio-wide saturation expected. Low-readiness organisations use AI in less than one-quarter of their apps, typically in siloed or experimental settings. Moderately ready organisations currently have AI present in about one-third of applications.

The report provides a snapshot of the latest trends in enterprises grappling with embracing AI. Nearly two-thirds of survey respondents (65%) use two or more paid models and at least one open-source model. The average organisation uses three models, and the use of multiple models correlates with deployment in more than one environment or location. The majority of models in use today are paid models such as GPT-4, but open-source alternatives are also popular. The top open-source models cited are Meta’s Llama variants, Mistral AI variants, and Google’s Gemma.

“As AI becomes core to business strategy, readiness requires more than experimentation—it demands security, scalability, and alignment,” said John Maddison, Chief Product and Corporate Marketing Officer at F5. “This report highlights actionable steps for organisations to operationalise AI with confidence. AI is already transforming security operations, but without mature governance and purpose-built protections, enterprises risk amplifying threats.”

F5 Identifies Cybersecurity Challenges in AI Adoption

The F5 report highlights critical cybersecurity concerns as organisations scale AI capabilities, revealing concerning trends about enterprises’ ability to tackle the complexity of securing AI workloads. Key cybersecurity trends identified in the report include:

• Organisations see AI as a viable cybersecurity asset: 71% of all respondents already use AI to augment security.
• AI-specific protections are lacking: Only 18% of moderately ready organisations have deployed an AI firewall, with 47% aiming to have done so within a year.
• Data governance weaknesses: Just 24% of organisations practice continuous data labelling, indicating reduced transparency and increased risks of adversarial attacks.
• Cross-cloud inconsistencies: Hybrid environments create governance gaps, leaving workflows and data exposed to vulnerabilities.
• Expanded attack surface:The use of diverse AI models exacerbates risks without proper control frameworks for open-source tools.

Recommendations to Improve AI Readiness

The report introduces the AI Readiness Index, a framework measuring six factors of operational maturity, including security and infrastructure alignment. F5 outlines key actions for enterprises to enhance AI scalability and security, including:

• Diversify AI models. Use both paid and open-source AI tools while improving governance to mitigate risks.
• Expand AI use across workflows. Move beyond pilots and embed AI in operations, analytics, and security for enterprise-wide transformation.
• Integrate AI-specific security. Deploy protections like AI firewalls and formalise data governance processes, including data labelling, to safeguard workflows.

Organisations with high AI readiness can scale effectively, mitigate risks, and leverage innovation strategically. Those without maturity frameworks face operational bottlenecks, compliance challenges, and stifled growth. The AI Readiness Index serves as a roadmap for enterprises to benchmark progress and implement actionable changes for secure scalability. Download the 2025 State of AI Application Strategy Report to benchmark your readiness, identify gaps, and accelerate secure AI scaling.