A day seldom passes without any exposure to the term artificial intelligence (AI). But when our survey team conceptualized this topic, we were stunned to learn that there wasn’t much publicly available information that documented end users’ perspectives on the impact of AI on organizations’ cybersecurity efforts.

So, we’re pleased to share our comprehensive findings — and help answer the critical question: What value does AI bring to cybersecurity?

The Ponemon Institute 2018 Artificial Intelligence (AI) in Cyber-Security Study, sponsored by IBM Security, includes detailed and high-level cybersecurity discoveries, as well as a comprehensive look at the impact of AI technologies on application security testing. Here are our top 10 key findings from the study.

1. AI Could Help Cut Costs

For organizations across a wide variety of industries and geographies, the estimated average cost of addressing potential cyber exploits without AI is more than $3 million. Companies who are using AI, by contrast, spent an average of $814,873 on the same threats. Thus, a company can potentially save an average of $2.5 million in operating costs by utilizing AI technology.

2. AI May Minimize Data Breaches

When asked about the estimated likelihood of a data breach affecting more than 10,000 sensitive customer or consumer records at their organizations, 40 percent of respondents estimated that the probability was greater than 20 percent if they didn’t leverage AI technologies. However, a mere 2 percent of respondents estimated that the likelihood was greater than 20 percent when AI technologies were leveraged.

3. Organizations Plan to Increase AI Investment

Organizations expect to increase their investment in AI. As AI technology matures, investments will grow, according to 61 percent of respondents.

4. AI May Improve Productivity

Sixty percent of respondents were positive about the ability of AI-based security technologies to improve the productivity of their IT security personnel.

5. AI-Based Technologies Provide Deeper Security

Sixty percent of respondents stated that AI-based technologies provided deeper security than what humans alone could offer. However, only 34 percent of respondents said that the use of AI would decrease the workload of their IT security personnel.

6. AI Supports Identification and Authentication Technologies

AI provided the most support for technologies that identified and authenticated users. Sixty-five percent of respondents stated that AI supported technologies that identified and authenticated their users, and 54 percent of respondents noted that AI was utilized with technologies that provided security intelligence about network traffic and entities.

7. Speed Is the Most Significant Benefit of AI

Sixty-nine percent of respondents stated that the most significant benefit of AI was the ability to increase their speed in analyzing threats. This was followed by 64 percent of respondents who said the most significant advantage was the acceleration in the containment of infected endpoints and devices and hosts.

8. Human Supervision Is Still Required

Human supervision is still required when dealing with alerts. Respondents estimated that an average of 45 percent of alerts could be handled by AI without human supervision. On average, 41 percent of previously “undetectable” zero-day exploits can be detected because of AI.

9. AI Helps Identify Application Security Vulnerabilities

Sixty percent of respondents stated that AI identified their application security vulnerabilities — and a firm majority (59 percent) of respondents noted that AI increased the effectiveness of their organizations’ application security activities.

10. AI Saves Investigation and Detection Time

Respondents estimated that investigating and detecting application vulnerabilities took, on average, 195.88 labor hours per week when not facilitated by AI, but took, on average, 70.48 labor hours per week when facilitated by AI — saving organizations 125.40 labor hours per week on average.

If we further estimate that security analysts work an average of 40 hours per week, that’s an estimated saving of more than three full-time equivalents (FTEs) per week.

Download the Ponemon Institute Study to Learn More

Our study is chock-full of compelling results about the impact of AI on cybersecurity. Click here to download your complimentary copy now.

Finally, check out and share our new infographic. You’ll learn how your Security Operations Center (SOC) team can leverage AI to detect and respond to potential security incidents more effectively and consistently.

More from Artificial Intelligence

Generative AI security requires a solid framework

4 min read - How many companies intentionally refuse to use AI to get their work done faster and more efficiently? Probably none: the advantages of AI are too great to deny.The benefits AI models offer to organizations are undeniable, especially for optimizing critical operations and outputs. However, generative AI also comes with risk. According to the IBM Institute for Business Value, 96% of executives say adopting generative AI makes a security breach likely in their organization within the next three years.CISA Director Jen…

Self-replicating Morris II worm targets AI email assistants

4 min read - The proliferation of generative artificial intelligence (gen AI) email assistants such as OpenAI’s GPT-3 and Google’s Smart Compose has revolutionized communication workflows. Unfortunately, it has also introduced novel attack vectors for cyber criminals. Leveraging recent advancements in AI and natural language processing, malicious actors can exploit vulnerabilities in gen AI systems to orchestrate sophisticated cyberattacks with far-reaching consequences. Recent studies have uncovered the insidious capabilities of self-replicating malware, exemplified by the “Morris II” strain created by researchers. How the Morris…

Open source, open risks: The growing dangers of unregulated generative AI

3 min read - While mainstream generative AI models have built-in safety barriers, open-source alternatives have no such restrictions. Here’s what that means for cyber crime.There’s little doubt that open-source is the future of software. According to the 2024 State of Open Source Report, over two-thirds of businesses increased their use of open-source software in the last year.Generative AI is no exception. The number of developers contributing to open-source projects on GitHub and other platforms is soaring. Organizations are investing billions in generative AI…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today