Infinite Logo Carousel
Infinite Logo Carousel

HyperFRAME Lens Research 2

State of the
Enterprise Infrastructure & Operations

1H 2026

Primary Research · June 2026

Research Overview

The HyperFRAME Research Lens: State of Enterprise Infrastructure & Operations is primary research illuminating how enterprises plan, deploy, secure, and scale the systems that underpin modern business. It's based on a global study of 520 enterprise I&O leaders across North America, EMEA, APAC, and South/Central America. The study benchmarks Infrastructure & Operations maturity across cloud strategy, compute modernization, cyber-resilience, observability, talent, and AI readiness. Published as open research updated every six months, the Lens establishes a foundational baseline for tracking how enterprise priorities, risks, and execution realities evolve over time — and serves as a companion to the State of the Enterprise AI Stack, reflecting the growing interdependence between infrastructure strategy and AI readiness.

Key Highlights

  • 72%

    rank security as the #1 barrier to scaling infrastructure, yet only 30% feel very confident in recovery speed after a cyber-attack or loss of cloud-based data.

  • 55%

    rely on hybrid cloud models, but only 23% of compute workloads are actually processed in hybrid environments — a clear intent-to-execution gap.

  • 79%

    of public/hybrid enterprises use multiple cloud providers, including 27% running four or more — a potential sign of architectural sprawl and operational complexity.

  • 40%

    are Mass Adopters who require validated business cases and proven ROI before investing — discipline now tempers the innovation rush.

  • 37%

    face a significant Kubernetes skills gap, and 49% struggle to find staff with both technical and legal AI expertise — a talent wall slowing progress.

  • 84%

    report that AI deployment has consumed more budget and operational resources than originally planned, straining I&O readiness.

Enterprise infrastructure is undergoing a period of profound disruption as organizations confront the combined pressures of cloud adoption, escalating cybersecurity threats, rising operational complexity, global data governance requirements, and the resource-intensive demands of enterprise AI. These forces are reshaping how Infrastructure & Operations (I&O) teams plan, deploy, secure, and scale the systems that underpin modern business.

At a time when execution speed and architectural integrity are becoming competitive differentiators, I&O decisions increasingly determine the success, resilience, and velocity of both technology initiatives and the enterprise itself. This report provides an empirical view into how organizations are navigating this transition, prioritizing investments, and confronting the constraints that continue to slow progress.

This 1 HyperFRAME Research Lens on the State of Enterprise Infrastructure & Operations provides a comprehensive analysis of the I&O landscape, including:

  • Infrastructure, Cloud & Networking: The prevalence of hybrid and multi-cloud architectures, the push toward unified management platforms, and the rise of SDN.
  • Compute & Mainframe Strategy: Workload distribution across public, private, and hybrid clouds, virtualization trends, container adoption, and mainframe AI readiness.
  • Storage, Cyber-resilience & Security: Why security leads every priority, the confidence gap in recovery, and the rise of immutable backups and SaaS data protection.
  • Observability & Operational Maturity: Pervasive tool fragmentation, alert fatigue, and the slow march toward AIOps and unified monitoring.
  • Talent & Vendor Strategy: The acute Kubernetes and network/security skills gaps, plus the shift from custom builds toward commercial off-the-shelf software.
  • AI Adoption & Governance: Budget overruns from AI deployment, regulatory readiness across the EU AI Act and beyond, and the talent barriers constraining competitive AI advantage.

Study Profile

To ensure findings reflect real-world constraints rather than vendor-led narratives, this study reflects perspectives across a diverse mix of organizations and regions:

  • Total Respondents520 qualified I&O leaders
  • Organizational ProfileUnder 1,000 to more than 50,000 employees
  • Geographic MixEMEA (26%), North America (25%), APAC (25%), South/Central America (24%)
  • Key Stakeholder Roles25% Strategic Owners, 25% Decision Leads, 23% Technical Sponsors
  • Functional ConcentrationIT (30%), Operations (28%), Information Security (20%)

Figure 3a: Most Significant Challenges to Deploying & Scaling IT Infrastructure

Figure 7 & 8: IT Budget Allocation for I&O Software — Today vs. Next 12–24 Months

Today Next 12–24 months
Less than 10%
10%
4%
10–19%
24%
15%
20–29%
28%
30%
30–39%
15%
25%
40–49%
11%
13%
50–59%
6%
8%
60–69%
4%
3%
70–79%
2%
2%
80–89%
1%
1%

Figure 17: Organizational Concern Levels for Types of Security Threats

HyperFRAME Research Lens: Enterprise Infrastructure & Operations 1 Raw Data

Welcome to the data-first view of the State of Enterprise Infrastructure & Operations. This section is designed for architects, researchers, and strategic planners who require the raw empirical evidence behind our analysis. Below are the foundational metrics covering cloud and compute strategy, budget, cyber-resilience, observability, talent, vendor strategy, and AI governance readiness.

If you'd like to discuss this data further, please contact us.

Which of the following best describes your organization’s overall approach to adopting new technologies?

  • Mass Market Adopter (proven business value)
    40%
  • Early Adopter (calculated risks)
    22%
  • Late Adopter (deploy to remain competitive)
    18%
  • Innovator (always first to deploy)
    11%
  • Laggard (low cost, no risk)
    10%

How would you describe your current IT infrastructure model?

  • Hybrid Cloud (mix of private/on-premises and public cloud)
    55%
  • Primarily Public Cloud (off-premises, cloud-native)
    25%
  • Primarily Private Cloud (on-premises, traditional data center)
    20%

(If using Public/Hybrid Cloud) How would you describe your current use of multiple cloud providers?

  • We use 2–3 public cloud providers
    52%
  • We use 4 or more public cloud providers
    27%
  • We use one primary public cloud provider
    21%

How significant a challenge to deploying and scaling your IT infrastructure are each of the following?

  • Security and compliance
    72%
  • Cost management and optimization
    60%
  • Operational complexity
    52%
  • Lack of talent / skills gap
    46%
  • Legacy technology or infrastructure
    45%
  • Scalability and elasticity
    34%

Percentage rating each factor a “Very significant” challenge.

Which challenge to deploying and scaling your IT infrastructure would you consider the most significant and/or difficult to overcome?

  • Security and compliance
    31%
  • Cost management and optimization
    19%
  • Operational complexity and tool sprawl
    18%
  • Lack of talent / skills gap
    14%
  • Scalability and elasticity
    10%
  • Legacy technology or infrastructure
    8%

Which of the following best describes your organization’s approach to networking?

  • Software-Defined Networking (SDN)
    35%
  • We rely on public cloud provider networking
    25%
  • Traditional, on-premises networking
    24%
  • SASE (Secure Access Service Edge) model
    16%

Which of the following best describes how your organization currently manages your compute, storage, and network resources?

  • Single unified platform (but still rely on other tools)
    45%
  • Multiple platforms (plan to migrate to a single platform)
    27%
  • Single unified platform (no other stand-alone tools)
    16%
  • Multiple platforms (and plan to stay that way)
    12%

How important is a unified, streamlined management platform for your compute, storage, and network resources?

  • Critically or very important
    52%
  • Somewhat important
    38%
  • Not important
    10%

Please estimate what percentage of your overall IT budget is currently allocated to infrastructure and operations software?

  • 20–29%
    28%
  • 10–19%
    24%
  • 30–39%
    15%
  • 40–49%
    11%
  • Less than 10%
    10%
  • 50–59%
    6%
  • 60–69%
    4%
  • 70–79%
    2%
  • 80–89%
    1%

Thinking ahead, please estimate what percentage of your overall IT budget will be allocated to infrastructure and operations software over the coming 12–24 months?

  • 20–29%
    30%
  • 30–39%
    25%
  • 10–19%
    15%
  • 40–49%
    13%
  • 50–59%
    8%
  • Less than 10%
    4%
  • 60–69%
    3%
  • 70–79%
    2%
  • 80–89%
    1%

What percentage of your data compute workload is currently processed in each of the following cloud environments?

  • Public Cloud
    48%
  • Private Cloud
    30%
  • Hybrid Cloud
    23%

What is the approximate percentage breakdown of your current compute workloads?

  • Virtual Machines (VMs)
    40%
  • Containers (Docker, Kubernetes)
    28%
  • Bare Metal / Physical Servers
    15%
  • Serverless (AWS Lambda, Azure Functions)
    12%
  • Other
    5%

How has your investment in virtualization technology changed over the past 12 months?

  • Remained stable
    33%
  • Somewhat increased
    29%
  • Significantly increased
    22%
  • Somewhat decreased
    11%
  • Significantly decreased
    5%

How do you anticipate your investment in virtualization technology will change over the coming 12–24 months?

  • Somewhat increase
    37%
  • Remain stable
    30%
  • Significantly increase
    20%
  • Somewhat decrease
    10%
  • Significantly decrease
    3%

What is the primary reason or driver for your organization’s adoption of containers and Kubernetes?

  • Increased developer velocity / CI/CD
    30%
  • Better resource utilization and cost savings
    25%
  • Application portability across environments
    23%
  • Improved resilience and availability
    16%
  • We are not using containers or Kubernetes in production
    7%

Does your organization currently utilize mainframe systems as part of your overall compute strategy?

  • Yes
    52%
  • No
    33%
  • Unsure
    15%

“Our existing mainframe environment provides all the necessary infrastructure and tooling to support our organization’s AI strategy” — how much do you agree?

  • Strongly agree
    33%
  • Somewhat or moderately agree
    31%
  • Neither agree nor disagree
    22%
  • Somewhat disagree
    10%
  • Strongly disagree
    5%

Which of the following best describes your organization’s long-term strategic vision for mainframe use over the coming 3–5 years?

  • Core component — actively modernizing apps and integrating cloud-native services
    51%
  • Stable legacy platform — maintain but not invest in new systems
    24%
  • Specialized tool for select high-volume transactional tasks
    11%
  • Technical debt to be retired — migrate workloads to cloud
    9%
  • Unsure
    5%

How important are the following in determining your organization’s storage strategy over the next 24 months?

  • Data security and governance
    62%
  • Performance (low latency, high throughput)
    53%
  • Cyber-resilience (immutability, ransomware/disaster recovery)
    52%
  • Scalability across on-premises, cloud, and hybrid
    49%
  • Total cost of ownership
    48%
  • Regulatory / Compliance
    39%

Percentage rating each factor “Critically or very important.”

Which would you consider the most important or primary driver for your organization’s storage strategy over the next 24 months?

  • Data security and governance
    25%
  • Performance (low latency, high throughput)
    20%
  • Cyber-resilience (immutability, ransomware recovery)
    19%
  • Total cost of ownership
    18%
  • Scalability across environments
    11%
  • Regulatory / Compliance
    7%

How confident are you in your organization’s ability to recover from a major cyber-attack or loss of cloud-based data with minimal downtime?

  • Moderately or somewhat confident
    53%
  • Very confident
    30%
  • Not very or not at all confident
    17%

Please rate your organization’s level of concern regarding the following types of security threats.

  • External hacks
    56%
  • Unpatched software
    53%
  • Misconfigured software
    46%
  • Outdated software
    45%
  • Internal or employee hacks
    38%
  • 3rd-party cloud providers
    37%
  • Shadow software or data
    33%
  • Hardware or BIOS attacks
    28%

Percentage reporting they are “Very concerned” about each threat.

Which of the following best describes your approach to managing storage, backup and recovery?

  • Multiple platforms/tools (from multiple vendors/providers)
    41%
  • Single platform/tool (from a single vendor/provider)
    26%
  • Multiple platforms/tools (but migrate towards a single vendor over time)
    23%
  • Not sure / still evaluating
    10%

Thinking about the next 24 months, what is your organization’s primary approach to using or managing storage, backup and cyber recovery?

  • Self-manage using remotely-hosted (cloud/SaaS) platforms
    43%
  • Self-manage using locally-hosted platforms
    31%
  • Rely on a 3rd-party provider (MSP / managed service)
    18%
  • Not sure / still evaluating
    8%

How important is the use of immutable backups for SaaS applications to your organization’s data resilience strategy?

  • Critically or very important
    56%
  • Somewhat important
    34%
  • Not important
    10%

Which SaaS applications does your organization currently use, and how are they backed up?

  • Microsoft 365 (Teams, Exchange, OneDrive)
    95%
  • Entra ID (Azure AD) / Identity Data
    89%
  • Salesforce (CRM, Sandbox, Health Cloud)
    82%

Frequency of deployment among respondents (not breadth). 10–15% of users across all apps are “unsure” how their data is backed up.

Thinking ahead 12–24 months, which SaaS applications do you plan to use, and how will they be backed up?

  • Microsoft 365
    41%
  • ServiceNow (ITSM, Workflows)
    39%
  • Salesforce
    37%
  • Google Workspace (Drive, Gmail)
    35%
  • Atlassian (Jira, Confluence)
    31%
  • Entra ID (Azure AD)
    31%
  • Microsoft Dynamics 365
    30%
  • GitHub / GitLab
    27%

Percentage planning a “both native and immutable” protection model — the emerging dominant strategy.

How would you describe your organization’s primary approach to monitoring and observability today?

  • Multiple (2–3) stand-alone platforms/tools
    46%
  • Multiple (4–5) stand-alone platforms/tools
    25%
  • Single unified 3rd-party platform/tool
    15%
  • Multiple (6 or more) stand-alone platforms/tools
    8%
  • Native monitoring (in-app) platform/tools
    5%
  • We are not actively monitoring our systems
    1%

How well-integrated are your observability tools with your CI/CD and deployment workflows?

  • Somewhat integrated
    44%
  • Very integrated
    29%
  • No integration at all (but we plan to)
    22%
  • No integration (no plan to integrate)
    5%

How significant a pain point are the following for your IT teams when responding to an outage or performance issue?

  • Lack of visibility / difficulty identifying root cause
    45%
  • Manual, time-consuming troubleshooting
    39%
  • Alert fatigue and false positives
    37%
  • Lack of skill
    33%
  • Lack of collaboration between teams
    32%
  • Conflicting priorities (or management guidance)
    30%
  • Access to cloud provider support team
    23%

Percentage rating each pain point “Very significant.”

Which of the following pain points is the most significant when responding to an outage or performance issue?

  • Alert fatigue and false positives
    26%
  • Lack of visibility / root cause
    19%
  • Manual, time-consuming troubleshooting
    17%
  • Lack of skills (internal)
    17%
  • Lack of collaboration between teams
    11%
  • Access to cloud provider support team
    6%
  • Conflicting priorities (or management guidance)
    3%

To what extent does your organization use AI for IT Operations (AIOps)?

  • Exploring AIOps, but not yet adopted
    33%
  • Piloting or using AIOps for specific use cases
    31%
  • Fully implemented AIOps for key functions
    21%
  • No current plans to use AIOps
    15%

Which best describes your organization’s use of AI technologies (AIOps) for suggesting and automating next best actions in operational settings?

  • Currently in operational use (select or limited use cases)
    41%
  • Planned/evaluating for deployment within 6–12 months
    25%
  • Currently in operational use (multiple use cases)
    15%
  • Planned/evaluating within 12–24 months
    11%
  • No current plans to deploy
    5%
  • Planned/evaluating beyond 24 months
    3%

How significant a skills gap does your organization face in each of the following?

  • Kubernetes and container orchestration
    37%
  • Observability and data analysis
    35%
  • Network and security expertise
    34%
  • Cloud platform
    32%
  • Automation and DevOps practices
    30%
  • Legacy management systems
    29%
  • Legacy technology systems
    27%
  • Mainframe System
    24%

Percentage reporting a “Significant skills gap” in each area.

Which of the following skills gaps would you consider the most significant or challenging to overcome?

  • Network and security expertise
    33%
  • Automation and DevOps practices
    26%
  • Cloud platform
    25%
  • Kubernetes and container orchestration
    23%
  • Observability and data analysis
    23%
  • Legacy management systems
    14%
  • Legacy technology systems
    9%
  • Mainframe systems
    4%

How significant are the following in influencing decisions on infrastructure procurement and/or vendor selection?

  • Cost, ROI, and TCO
    52%
  • Support for and connectivity to other platforms
    49%
  • Software lock-in
    40%
  • Support contracts
    38%
  • Support for AI capabilities and acceleration
    36%
  • Hardware lock-in
    34%
  • Vendor vision and roadmap
    33%

Percentage rating each factor “Very significant.”

Which of the following best describes your organization’s approach to managing your IT infrastructure?

  • Even mix of 3rd-party (managed) providers and internal teams
    29%
  • Primarily 3rd-party providers with some internal support
    24%
  • Primarily internal teams with some 3rd-party support
    21%
  • Exclusively 3rd-party (managed) providers (no internal team)
    13%
  • Internal teams only (no 3rd-party providers)
    12%

Please rank the most to least common type of software currently deployed within your organization’s IT infrastructure.

  • Proprietary solutions (custom or internally developed)
    49%
  • Open source solutions
    36%
  • Commercial off-the-Shelf solutions (COTS)
    15%

Percentage ranking each type as the #1 most commonly deployed (Rank 1).

How widely deployed do you expect COTS, Open Source, or Proprietary software to be within 12–24 months from now?

  • Commercial off-the-Shelf solutions (COTS)
    49%
  • Open source solutions
    37%
  • Proprietary solutions (custom or internally developed)
    23%

Percentage expecting each type to be the “Most widely deployed.”

Please state if you agree or disagree with the following on the impact of AI on IT budgets, implementations and/or innovation.

  • AI deployment has consumed more budget/resources than expected
    39%
  • Our I&O infra was not designed for current AI regulations & data privacy laws
    37%
  • Increasing on-prem/localized processing to comply with sovereignty mandates
    33%
  • Moved away from ‘black-box’ models toward explainable vendors
    32%
  • Paused/delayed AI features for ‘High-Risk’ assessments or bias audits
    28%
  • Established an AI Ethics Committee / ‘Human-in-the-loop’ protocols
    24%
  • Pace of IT implementation/innovation has remained unchanged
    18%

Percentage who “Strongly agree” with each statement.

Which of the following best describes your organization’s readiness to support the following AI regulatory frameworks?

  • EU AI Act (Risk-based classification, GPAI obligations)
    33%
  • Sector-Specific Rules (Healthcare / Insurer AI restrictions)
    33%
  • U.S. State Laws (California AB 1008, Colorado AI Act)
    29%
  • U.S. Federal Policy (2025 Executive Order / Preemption)
    27%
  • China’s Algorithm & Generative AI Measures
    16%

Percentage who “currently support this legal framework” (Level 1).

Which one framework best aligns with or would be considered the most important (primary) driver of your organization’s AI governance strategy?

  • EU AI Act (Risk-based classification, GPAI obligations)
    30%
  • U.S. Federal Policy (2025 Executive Order)
    25%
  • Sector-Specific Rules (Healthcare / Insurers)
    21%
  • U.S. State Laws (California AB 1008, Colorado AI Act)
    13%
  • China’s Algorithm & Generative AI Measures
    11%

How significant a challenge or barrier are the following regulatory-driven risks to your organization’s ability to develop and maintain a competitive AI advantage?

  • Talent / Skill Gaps (technical + legal AI expertise)
    49%
  • Operational Costs (monitoring, 3rd-party auditing, compliance reporting)
    46%
  • Regulatory Fragmentation (conflicting regional rules)
    45%
  • Liability Exposure (legal liability for AI-driven decisions)
    40%
  • Intellectual Property Risk (trade secrets vs. transparency)
    35%

Percentage rating each risk a “Significant challenge.”

Which of the barriers or risks above is the most significant or challenging to overcome to maintain a competitive AI advantage?

  • Talent / Skill Gaps
    26%
  • Regulatory Fragmentation
    22%
  • Liability Exposure
    18%
  • Operational Costs
    18%
  • Intellectual Property Risk
    16%
We use cookies to improve your experience on our website. By browsing this website, you agree to our use of cookies.