The Ongoing Evolution of AI in Cybersecurity
Jonathan Ong, Senior Analyst, Cybersecurity Robin Ody, Practice Leader
The recent spotlight on GenAI has significantly impacted three primary areas: regulation, tools and threats, and talent.
Generative AI and agentic AI have captured public attention in the 2020s through their potential to transform work and daily life.
This AI revolution has been fuelled by abundant training data, hardware improvements like specialized AI chips, algorithmic breakthroughs in neural networks, and collaborative ecosystems between academia and industry; all supported by substantial global investment.
While AI encompasses numerous model types with varying applications across industries, generative AI (which creates novel outputs from existing data) and discriminative AI (which classifies existing data by learning decision boundaries) currently dominate cybersecurity applications.
AI"s promise to automate complex tasks makes it particularly attractive for cost-intensive areas like software development, data analytics, and cybersecurity.
The current AI boom has organizations implementing AI across numerous use cases, including cybersecurity, where both defenders and threat actors have utilized AI for years.
However, securing AI workloads and models represents a new frontier requiring evolution in three areas:
Applications that connect to large language models by implementing guardrails against data leakage, jailbreaking, and prompt injections
Models themselves against theft, tampering, and poisoning while strengthening fundamental security measures for developers with model access
Data through improved hygiene practices, governance, and provenance before embarking on custom AI training
As AI becomes increasingly central to business operations, organizations must adapt their security strategies to protect these valuable new assets while leveraging AI"s capabilities to enhance their overall security posture.
https://omdia.tech.informa.com/om128529/market-landscape-the-ongoing-evolution-of-ai-in-cybersecurity
Cybersecurity Decision Maker Survey 2024: Overall Findings (August 2024)
"Update: Cybercriminals still not fully on board the AI train (yet)," Sophos X-Ops (January 2025)
AI Readiness Report, Kyndryl (January 2025)