Digital transformation has accelerated markedly over the last year, with a sevenfold increase in organisations ranked at the highest level of digital maturity, new research from F5 shows.
For F5’s second Digital Enterprise Maturity Index (DEMI) report, 713 responses from the 2024 State of Application Strategy Report were assessed against a set of six core technical capabilities: infrastructure, app delivery, data, Site Reliability Engineering (SRE) operations, observability and automation, and security.
This year, 29% of organisations qualified as “doers” and were deemed to be making significant strides forward in their digital transformation efforts. In the 2023 report, only 4% reached this level.
54% of organisations surveyed in 2024 were classified as “dabblers”, and just 17% were deemed digital “dawdlers”.
Hybrid and distributed infrastructures to the fore
In 2024, digital maturity was particularly evident in the hybrid and distributed nature of organisation’s infrastructure, system automation levels, and how effectively data is managed and stored to make it observable.
82% of “doers” are operating hybrid apps with components in at least two distinct environments, indicating advanced digital readiness and effective AI integration. This was the case for 51% of “dabblers” and 10% of “dawdlers”.
Furthermore, 59% of “doers” have also automated systems that can execute scripts based on conditions and push delivery and security policies. By contrast, only 37% of “dabblers” and 16% of “dawdlers” were operating in this way.
The DEMI Report also found that 74% of “doers” have automated their network security and 53% have done so for network infrastructure, compared to just 8% and 4% of “dawdlers”, respectively.
“Digitally mature organisations are increasingly defined by flexible infrastructures that stretch across core, cloud and edge locations,” said Lori MacVittie, Chief Evangelist and Distinguished Engineer at F5. “That means tackling the complexity introduced by different frameworks, as well as APIs and consoles. It is encouraging that this year’s ‘doers’ are rising to the challenge, investing in hybrid apps that allow them to optimise deployment for both performance and cost. This is also a key indicator of AI readiness.”
The growing influence of GenAI
Fundamental to that AI readiness is the observability of data – the raw material for AI models – and the ability to make it operational. According to this year’s DEMI report, 94% of “doers” are either maintaining multiple data stores or consolidating into a single data lake. Meanwhile, two-thirds (65%) of “dawdlers” said they had no strategy for data observability.
The use of Site Reliability Engineering (SRE) practices, which underpins the deployment of hybrid apps, was another sign of digital maturity and AI readiness.
Almost all “doers” (97%) have adopted or are planning to adopt an SRE approach, whereas the vast majority (86%) of “dawdlers” are not.
SRE operations fundamentally operate on a different set of principles that emphasize achieving business outcomes rather than avoiding operational incidents. That means implementing practices that support reducing mean time to resolution (MTTR) and availability of services, rather than trying to hit an unattainable uptime metric.
This year, there was a strong correlation between organisations utilising SRE and those able to deploy hybrid applications, scale AI-driven operations and maintain performance.
The DEMI report also noted that “doers” managed an average of 468 APIs, once again highlighting a sophisticated digital infrastructure prepared for AI integration.
“Data governance is now at the forefront of the digital transformation agenda,” explained MacVittie. “The way companies generate, collect, process and retrieve their data will be crucial to harnessing the power of AI, and it’s not a simple process. Most organisations still need to improve when it comes to getting their data in order, but there is clear recognition that this is fundamental to the long-term digital agenda.”
Mind the security gap
Another key trend from this year’s data showed that there was a significant gap between the most and least digitally mature companies when it comes to security. “Doers” not only implemented more robust security measures but were also more confident in their ability to repel threats.
When it came to the implementation of SDLC (secure development lifecycle), which integrates security into the development of software before the first line of code is written, “doers” scored 13.5/15, compared to 10/15 for “dabblers”, and 5.5/15 for “dawdlers”.
Similar scores were recorded for the adoption of zero trust security policies. Fueled by a growing reliance on AI, 92% of mature organisations said they have adopted zero trust principles, reflecting higher confidence levels in their security frameworks.
On a scale of 1-5, “doers” who had implemented zero trust said they were very confident (4.4/5) about their ability to repeal an application or API layer attack. “Dabblers” and “dawdlers” rated themselves 2.8/5 and 2.2/5 respectively.
“While AI is primarily an opportunity for organisations, its power in the hands of threat actors cannot be underestimated,” added MacVittie. “The ability to launch sophisticated attacks is increasingly becoming open to anyone with modest prompt engineering skills, and companies must respond accordingly. With increasingly complex and distributed infrastructure, as well as growing pools of data, security and digital maturity must go hand-in-hand.”
Discussion about this post