HyperFRAME Lens Research 2
State of the
Enterprise Infrastructure & Operations
1H 2026
Primary Research · June 2026
01
Research Overview
The HyperFRAME Research Lens: State of Enterprise Infrastructure & Operations is primary research illuminating how enterprises plan, deploy, secure, and scale the systems that underpin modern business. It's based on a global study of 520 enterprise I&O leaders across North America, EMEA, APAC, and South/Central America. The study benchmarks Infrastructure & Operations maturity across cloud strategy, compute modernization, cyber-resilience, observability, talent, and AI readiness. Published as open research updated every six months, the Lens establishes a foundational baseline for tracking how enterprise priorities, risks, and execution realities evolve over time — and serves as a companion to the State of the Enterprise AI Stack, reflecting the growing interdependence between infrastructure strategy and AI readiness.
Key Highlights
-
72%
rank security as the #1 barrier to scaling infrastructure, yet only 30% feel very confident in recovery speed after a cyber-attack or loss of cloud-based data.
-
55%
rely on hybrid cloud models, but only 23% of compute workloads are actually processed in hybrid environments — a clear intent-to-execution gap.
-
79%
of public/hybrid enterprises use multiple cloud providers, including 27% running four or more — a potential sign of architectural sprawl and operational complexity.
-
40%
are Mass Adopters who require validated business cases and proven ROI before investing — discipline now tempers the innovation rush.
-
37%
face a significant Kubernetes skills gap, and 49% struggle to find staff with both technical and legal AI expertise — a talent wall slowing progress.
-
84%
report that AI deployment has consumed more budget and operational resources than originally planned, straining I&O readiness.
Enterprise infrastructure is undergoing a period of profound disruption as organizations confront the combined pressures of cloud adoption, escalating cybersecurity threats, rising operational complexity, global data governance requirements, and the resource-intensive demands of enterprise AI. These forces are reshaping how Infrastructure & Operations (I&O) teams plan, deploy, secure, and scale the systems that underpin modern business.
At a time when execution speed and architectural integrity are becoming competitive differentiators, I&O decisions increasingly determine the success, resilience, and velocity of both technology initiatives and the enterprise itself. This report provides an empirical view into how organizations are navigating this transition, prioritizing investments, and confronting the constraints that continue to slow progress.
This 1 HyperFRAME Research Lens on the State of Enterprise Infrastructure & Operations provides a comprehensive analysis of the I&O landscape, including:
- Infrastructure, Cloud & Networking: The prevalence of hybrid and multi-cloud architectures, the push toward unified management platforms, and the rise of SDN.
- Compute & Mainframe Strategy: Workload distribution across public, private, and hybrid clouds, virtualization trends, container adoption, and mainframe AI readiness.
- Storage, Cyber-resilience & Security: Why security leads every priority, the confidence gap in recovery, and the rise of immutable backups and SaaS data protection.
- Observability & Operational Maturity: Pervasive tool fragmentation, alert fatigue, and the slow march toward AIOps and unified monitoring.
- Talent & Vendor Strategy: The acute Kubernetes and network/security skills gaps, plus the shift from custom builds toward commercial off-the-shelf software.
- AI Adoption & Governance: Budget overruns from AI deployment, regulatory readiness across the EU AI Act and beyond, and the talent barriers constraining competitive AI advantage.
Study Profile
To ensure findings reflect real-world constraints rather than vendor-led narratives, this study reflects perspectives across a diverse mix of organizations and regions:
- Total Respondents520 qualified I&O leaders
- Organizational ProfileUnder 1,000 to more than 50,000 employees
- Geographic MixEMEA (26%), North America (25%), APAC (25%), South/Central America (24%)
- Key Stakeholder Roles25% Strategic Owners, 25% Decision Leads, 23% Technical Sponsors
- Functional ConcentrationIT (30%), Operations (28%), Information Security (20%)
Figure 3a: Most Significant Challenges to Deploying & Scaling IT Infrastructure
Figure 7 & 8: IT Budget Allocation for I&O Software — Today vs. Next 12–24 Months
Figure 17: Organizational Concern Levels for Types of Security Threats
02
HyperFRAME Research Lens: Enterprise Infrastructure & Operations 1 Raw Data
Welcome to the data-first view of the State of Enterprise Infrastructure & Operations. This section is designed for architects, researchers, and strategic planners who require the raw empirical evidence behind our analysis. Below are the foundational metrics covering cloud and compute strategy, budget, cyber-resilience, observability, talent, vendor strategy, and AI governance readiness.
If you'd like to discuss this data further, please contact us.
Which of the following best describes your organization’s overall approach to adopting new technologies?
- Mass Market Adopter (proven business value)40%
- Early Adopter (calculated risks)22%
- Late Adopter (deploy to remain competitive)18%
- Innovator (always first to deploy)11%
- Laggard (low cost, no risk)10%
How would you describe your current IT infrastructure model?
- Hybrid Cloud (mix of private/on-premises and public cloud)55%
- Primarily Public Cloud (off-premises, cloud-native)25%
- Primarily Private Cloud (on-premises, traditional data center)20%
(If using Public/Hybrid Cloud) How would you describe your current use of multiple cloud providers?
- We use 2–3 public cloud providers52%
- We use 4 or more public cloud providers27%
- We use one primary public cloud provider21%
How significant a challenge to deploying and scaling your IT infrastructure are each of the following?
- Security and compliance72%
- Cost management and optimization60%
- Operational complexity52%
- Lack of talent / skills gap46%
- Legacy technology or infrastructure45%
- Scalability and elasticity34%
Percentage rating each factor a “Very significant” challenge.
Which challenge to deploying and scaling your IT infrastructure would you consider the most significant and/or difficult to overcome?
- Security and compliance31%
- Cost management and optimization19%
- Operational complexity and tool sprawl18%
- Lack of talent / skills gap14%
- Scalability and elasticity10%
- Legacy technology or infrastructure8%
Which of the following best describes your organization’s approach to networking?
- Software-Defined Networking (SDN)35%
- We rely on public cloud provider networking25%
- Traditional, on-premises networking24%
- SASE (Secure Access Service Edge) model16%
Which of the following best describes how your organization currently manages your compute, storage, and network resources?
- Single unified platform (but still rely on other tools)45%
- Multiple platforms (plan to migrate to a single platform)27%
- Single unified platform (no other stand-alone tools)16%
- Multiple platforms (and plan to stay that way)12%
How important is a unified, streamlined management platform for your compute, storage, and network resources?
- Critically or very important52%
- Somewhat important38%
- Not important10%
Please estimate what percentage of your overall IT budget is currently allocated to infrastructure and operations software?
- 20–29%28%
- 10–19%24%
- 30–39%15%
- 40–49%11%
- Less than 10%10%
- 50–59%6%
- 60–69%4%
- 70–79%2%
- 80–89%1%
Thinking ahead, please estimate what percentage of your overall IT budget will be allocated to infrastructure and operations software over the coming 12–24 months?
- 20–29%30%
- 30–39%25%
- 10–19%15%
- 40–49%13%
- 50–59%8%
- Less than 10%4%
- 60–69%3%
- 70–79%2%
- 80–89%1%
What percentage of your data compute workload is currently processed in each of the following cloud environments?
- Public Cloud48%
- Private Cloud30%
- Hybrid Cloud23%
What is the approximate percentage breakdown of your current compute workloads?
- Virtual Machines (VMs)40%
- Containers (Docker, Kubernetes)28%
- Bare Metal / Physical Servers15%
- Serverless (AWS Lambda, Azure Functions)12%
- Other5%
How has your investment in virtualization technology changed over the past 12 months?
- Remained stable33%
- Somewhat increased29%
- Significantly increased22%
- Somewhat decreased11%
- Significantly decreased5%
How do you anticipate your investment in virtualization technology will change over the coming 12–24 months?
- Somewhat increase37%
- Remain stable30%
- Significantly increase20%
- Somewhat decrease10%
- Significantly decrease3%
What is the primary reason or driver for your organization’s adoption of containers and Kubernetes?
- Increased developer velocity / CI/CD30%
- Better resource utilization and cost savings25%
- Application portability across environments23%
- Improved resilience and availability16%
- We are not using containers or Kubernetes in production7%
Does your organization currently utilize mainframe systems as part of your overall compute strategy?
- Yes52%
- No33%
- Unsure15%
“Our existing mainframe environment provides all the necessary infrastructure and tooling to support our organization’s AI strategy” — how much do you agree?
- Strongly agree33%
- Somewhat or moderately agree31%
- Neither agree nor disagree22%
- Somewhat disagree10%
- Strongly disagree5%
Which of the following best describes your organization’s long-term strategic vision for mainframe use over the coming 3–5 years?
- Core component — actively modernizing apps and integrating cloud-native services51%
- Stable legacy platform — maintain but not invest in new systems24%
- Specialized tool for select high-volume transactional tasks11%
- Technical debt to be retired — migrate workloads to cloud9%
- Unsure5%
How important are the following in determining your organization’s storage strategy over the next 24 months?
- Data security and governance62%
- Performance (low latency, high throughput)53%
- Cyber-resilience (immutability, ransomware/disaster recovery)52%
- Scalability across on-premises, cloud, and hybrid49%
- Total cost of ownership48%
- Regulatory / Compliance39%
Percentage rating each factor “Critically or very important.”
Which would you consider the most important or primary driver for your organization’s storage strategy over the next 24 months?
- Data security and governance25%
- Performance (low latency, high throughput)20%
- Cyber-resilience (immutability, ransomware recovery)19%
- Total cost of ownership18%
- Scalability across environments11%
- Regulatory / Compliance7%
How confident are you in your organization’s ability to recover from a major cyber-attack or loss of cloud-based data with minimal downtime?
- Moderately or somewhat confident53%
- Very confident30%
- Not very or not at all confident17%
Please rate your organization’s level of concern regarding the following types of security threats.
- External hacks56%
- Unpatched software53%
- Misconfigured software46%
- Outdated software45%
- Internal or employee hacks38%
- 3rd-party cloud providers37%
- Shadow software or data33%
- Hardware or BIOS attacks28%
Percentage reporting they are “Very concerned” about each threat.
Which of the following best describes your approach to managing storage, backup and recovery?
- Multiple platforms/tools (from multiple vendors/providers)41%
- Single platform/tool (from a single vendor/provider)26%
- Multiple platforms/tools (but migrate towards a single vendor over time)23%
- Not sure / still evaluating10%
Thinking about the next 24 months, what is your organization’s primary approach to using or managing storage, backup and cyber recovery?
- Self-manage using remotely-hosted (cloud/SaaS) platforms43%
- Self-manage using locally-hosted platforms31%
- Rely on a 3rd-party provider (MSP / managed service)18%
- Not sure / still evaluating8%
How important is the use of immutable backups for SaaS applications to your organization’s data resilience strategy?
- Critically or very important56%
- Somewhat important34%
- Not important10%
Which SaaS applications does your organization currently use, and how are they backed up?
- Microsoft 365 (Teams, Exchange, OneDrive)95%
- Entra ID (Azure AD) / Identity Data89%
- Salesforce (CRM, Sandbox, Health Cloud)82%
Frequency of deployment among respondents (not breadth). 10–15% of users across all apps are “unsure” how their data is backed up.
Thinking ahead 12–24 months, which SaaS applications do you plan to use, and how will they be backed up?
- Microsoft 36541%
- ServiceNow (ITSM, Workflows)39%
- Salesforce37%
- Google Workspace (Drive, Gmail)35%
- Atlassian (Jira, Confluence)31%
- Entra ID (Azure AD)31%
- Microsoft Dynamics 36530%
- GitHub / GitLab27%
Percentage planning a “both native and immutable” protection model — the emerging dominant strategy.
How would you describe your organization’s primary approach to monitoring and observability today?
- Multiple (2–3) stand-alone platforms/tools46%
- Multiple (4–5) stand-alone platforms/tools25%
- Single unified 3rd-party platform/tool15%
- Multiple (6 or more) stand-alone platforms/tools8%
- Native monitoring (in-app) platform/tools5%
- We are not actively monitoring our systems1%
How well-integrated are your observability tools with your CI/CD and deployment workflows?
- Somewhat integrated44%
- Very integrated29%
- No integration at all (but we plan to)22%
- No integration (no plan to integrate)5%
How significant a pain point are the following for your IT teams when responding to an outage or performance issue?
- Lack of visibility / difficulty identifying root cause45%
- Manual, time-consuming troubleshooting39%
- Alert fatigue and false positives37%
- Lack of skill33%
- Lack of collaboration between teams32%
- Conflicting priorities (or management guidance)30%
- Access to cloud provider support team23%
Percentage rating each pain point “Very significant.”
Which of the following pain points is the most significant when responding to an outage or performance issue?
- Alert fatigue and false positives26%
- Lack of visibility / root cause19%
- Manual, time-consuming troubleshooting17%
- Lack of skills (internal)17%
- Lack of collaboration between teams11%
- Access to cloud provider support team6%
- Conflicting priorities (or management guidance)3%
To what extent does your organization use AI for IT Operations (AIOps)?
- Exploring AIOps, but not yet adopted33%
- Piloting or using AIOps for specific use cases31%
- Fully implemented AIOps for key functions21%
- No current plans to use AIOps15%
Which best describes your organization’s use of AI technologies (AIOps) for suggesting and automating next best actions in operational settings?
- Currently in operational use (select or limited use cases)41%
- Planned/evaluating for deployment within 6–12 months25%
- Currently in operational use (multiple use cases)15%
- Planned/evaluating within 12–24 months11%
- No current plans to deploy5%
- Planned/evaluating beyond 24 months3%
How significant a skills gap does your organization face in each of the following?
- Kubernetes and container orchestration37%
- Observability and data analysis35%
- Network and security expertise34%
- Cloud platform32%
- Automation and DevOps practices30%
- Legacy management systems29%
- Legacy technology systems27%
- Mainframe System24%
Percentage reporting a “Significant skills gap” in each area.
Which of the following skills gaps would you consider the most significant or challenging to overcome?
- Network and security expertise33%
- Automation and DevOps practices26%
- Cloud platform25%
- Kubernetes and container orchestration23%
- Observability and data analysis23%
- Legacy management systems14%
- Legacy technology systems9%
- Mainframe systems4%
How significant are the following in influencing decisions on infrastructure procurement and/or vendor selection?
- Cost, ROI, and TCO52%
- Support for and connectivity to other platforms49%
- Software lock-in40%
- Support contracts38%
- Support for AI capabilities and acceleration36%
- Hardware lock-in34%
- Vendor vision and roadmap33%
Percentage rating each factor “Very significant.”
Which of the following best describes your organization’s approach to managing your IT infrastructure?
- Even mix of 3rd-party (managed) providers and internal teams29%
- Primarily 3rd-party providers with some internal support24%
- Primarily internal teams with some 3rd-party support21%
- Exclusively 3rd-party (managed) providers (no internal team)13%
- Internal teams only (no 3rd-party providers)12%
Please rank the most to least common type of software currently deployed within your organization’s IT infrastructure.
- Proprietary solutions (custom or internally developed)49%
- Open source solutions36%
- Commercial off-the-Shelf solutions (COTS)15%
Percentage ranking each type as the #1 most commonly deployed (Rank 1).
How widely deployed do you expect COTS, Open Source, or Proprietary software to be within 12–24 months from now?
- Commercial off-the-Shelf solutions (COTS)49%
- Open source solutions37%
- Proprietary solutions (custom or internally developed)23%
Percentage expecting each type to be the “Most widely deployed.”
Please state if you agree or disagree with the following on the impact of AI on IT budgets, implementations and/or innovation.
- AI deployment has consumed more budget/resources than expected39%
- Our I&O infra was not designed for current AI regulations & data privacy laws37%
- Increasing on-prem/localized processing to comply with sovereignty mandates33%
- Moved away from ‘black-box’ models toward explainable vendors32%
- Paused/delayed AI features for ‘High-Risk’ assessments or bias audits28%
- Established an AI Ethics Committee / ‘Human-in-the-loop’ protocols24%
- Pace of IT implementation/innovation has remained unchanged18%
Percentage who “Strongly agree” with each statement.
Which of the following best describes your organization’s readiness to support the following AI regulatory frameworks?
- EU AI Act (Risk-based classification, GPAI obligations)33%
- Sector-Specific Rules (Healthcare / Insurer AI restrictions)33%
- U.S. State Laws (California AB 1008, Colorado AI Act)29%
- U.S. Federal Policy (2025 Executive Order / Preemption)27%
- China’s Algorithm & Generative AI Measures16%
Percentage who “currently support this legal framework” (Level 1).
Which one framework best aligns with or would be considered the most important (primary) driver of your organization’s AI governance strategy?
- EU AI Act (Risk-based classification, GPAI obligations)30%
- U.S. Federal Policy (2025 Executive Order)25%
- Sector-Specific Rules (Healthcare / Insurers)21%
- U.S. State Laws (California AB 1008, Colorado AI Act)13%
- China’s Algorithm & Generative AI Measures11%
How significant a challenge or barrier are the following regulatory-driven risks to your organization’s ability to develop and maintain a competitive AI advantage?
- Talent / Skill Gaps (technical + legal AI expertise)49%
- Operational Costs (monitoring, 3rd-party auditing, compliance reporting)46%
- Regulatory Fragmentation (conflicting regional rules)45%
- Liability Exposure (legal liability for AI-driven decisions)40%
- Intellectual Property Risk (trade secrets vs. transparency)35%
Percentage rating each risk a “Significant challenge.”
Which of the barriers or risks above is the most significant or challenging to overcome to maintain a competitive AI advantage?
- Talent / Skill Gaps26%
- Regulatory Fragmentation22%
- Liability Exposure18%
- Operational Costs18%
- Intellectual Property Risk16%