Extent of AI Tools Adoption | Impact of AI on Cybersecurity TeamsAI and Entry-Level ProfessionalsAddressing Knowledge and Training DeficitsAI Considerations for OrganizationsRelated Insights

AI adoption is impacting both organization operations and the workforce; the cybersecurity industry is no exception. ISC2 surveyed global cybersecurity professionals to better understand this impact.

Recognizing the growing influence that artificial intelligence (AI) has on the cybersecurity industry, ISC2 conducted a survey of 436 cybersecurity professionals to understand the global impact on the workforce and operations. We asked a series of questions intended to examine the adoption of AI security tools, as well as understand the current and perceived future implications of AI use on team effectiveness, entry-level jobs and cybersecurity training.

 

Extent of AI Tools Adoption

Almost a third (30%) of our respondents said that their teams have already integrated AI security tools (e.g., AI-enabled security solutions, generative AI and/or agentic AI for automated action, etc.) into their operations. In addition, 42% are actively considering the deployment of such tools, either at evaluation or actively testing phases. Only 10% of the survey respondents have no clear plans to integrate AI tools into their operations.

Some Cybersecurity Teams Have Integrated AI Security Tools; Most Are Evaluating/Testing 

The largest organizations (those with over 10,000 employees – 37%) are leading the charge in actively using AI tools as part of their cybersecurity operations, closely followed by mid-to-large (2,500–9,999) and smaller (100–499) organizations (both 33%). Mid-size (500–2,499) and the smallest organizations (1–99) are the lowest adopters, with just 20% of each segment actively using AI security tools. While some smaller organizations we surveyed have adopted AI security tools at a higher rate, this group still remains cautious. The smallest organizations (1–99 employees) are the most conservative, with 23% having no plans to evaluate AI security tools for use.

It's a similar story when we look at industries that are adopting, evaluating and testing AI tools to bring into their security operations. Industrial enterprises (38%), IT services (36%) and professional services organizations (34%) lead in the adoption of AI security tools. Financial services and the public sector have the lowest current adoption rates (21% and 16%, respectively).

 

Impact of AI on Cybersecurity Teams

In capable hands and with the right resources, AI-based security tools have the potential to enhance cybersecurity capabilities, increase efficiency and reduce human error, while increasing the ability to address the growing scale and sophistication of modern threats. The majority of respondents from organizations that are actively using AI security tools are experiencing this. Of this group, the majority (70%) are seeing positive results from their AI tools, supporting their team’s overall effectiveness. Only 2% have seen no measurable improvement and 14% have seen only a small amount of improvement. This profoundly positive outlook reflects ISC2 research from 2024 into AI adoption, where 82% of respondents to that study believed that AI would improve job efficiency for cybersecurity professionals.

Most of Those Who Have Integrated AI Security Tools See Increased Team Effectiveness 

When asked where they believed AI would have the most positive impact on security operations in the shortest amount of time, respondents pointed to network monitoring and intrusion detection (60%). This encompasses log and data-heavy functions where AI can undertake repetitive and time-intensive work, as well as produce faster responses and reaction times for detection. This was followed by endpoint protection and response (56%), vulnerability management (50%) and threat modeling (45%). These areas all involve analyzing large datasets and monitoring real-time network information for insights. Meanwhile, security testing (43%) can be a very time-consuming task for cybersecurity personnel, ensuring that tools and defensive measures are operating effectively and correctly.

In Which Areas of Security Operations Will AI Security Tools Have the Most Impact? 
 

AI and Entry-Level Professionals

One of the concerns often cited about the adoption of AI is that it will negatively impact staff headcount. This is particularly concerning for the hiring of entry-level professionals as these are employees who would often learn their craft doing many of the time-consuming, resource-hungry tasks that AI may take the lead on.

There was clear consensus among respondents that AI security tools will impact entry-level cybersecurity hiring. Some 52% said that AI will significantly or somewhat reduce the need for entry-level staff. As with any other department in an organization, cybersecurity is an evolving ecosystem that is reliant on having people from the early stages of a career to seasoned professionals. Respondents are clearly concerned that growing adoption of AI tools and technologies risks impacting this balance.

What Impact Will AI Security Tools Have On Entry-level Cybersecurity Roles? 

Despite this, 31% of respondents viewed the entry-level outlook more positively, seeing the rise of AI as an opportunity that will create new types of entry- and junior-level roles to counter the reduced demand elsewhere for early-career professionals.

On top of this, respondents were positive about the wider cybersecurity hiring situation in the face of AI adoption. Nearly half (44%) agreed with the statement that their organization’s cybersecurity hiring has not yet been impacted by AI security tool adoption. In contrast 21% disagreed, saying that AI has changed cybersecurity hiring plans and priorities in their organizations. However, 44% also agreed that their organizations are reconsidering the types of roles and skills needed to support the adoption and use of AI security tools.

AI Security Tools Could be Impacting Roles and Responsibilities 

The rise of AI in cybersecurity is already shaping entry-level role descriptions that blend traditional cybersecurity foundations with emerging skills in automation, data analysis, and AI system support. New and AI-augmented roles being advertised and discussed for entry-level cybersecurity professionals include:

  • AI-Assisted SOC Analyst - working with AI-enhanced Security Information and Event Management (SIEM) or Security Orchestration, Automation and Response (SOAR) tools
  • Security Data Analyst / Junior Threat Intelligence Analyst - focused on helping train and validate AI models by managing large datasets of threat indicators
  • Automation and Security Orchestration Assistant - supporting the development and maintenance of security automation scripts and workflows that AI platforms use to take action
  • AI Governance or Compliance Associate - entry-level support for ensuring AI systems used in security are operating in alignment with ethical and compliance expectations, as well as functioning properly more generally
  • Security Testing Assistant - testing the robustness of AI-driven security tools, including evaluating their response to adversarial inputs
  • Cloud Security Support Analyst – working with AI-enhanced cloud security monitoring tools to ensure the safety, availability and defense of key cloud services and data repositories
 

Addressing Knowledge and Training Deficits

Training arguably needs to keep pace to ensure the organization’s cybersecurity AI investment is fully utilized and to mitigate the risk of costly and security-exposing mistakes.

Regardless of the stage of adoption, organizations are doing their due diligence before integrating AI tools into their security operations. Some, those that have already incorporated or are in process of incorporating solutions, are even allocating budget for training security staff on the tools (30%), while 24% are relying on vendors to educate them.

When it comes to understanding, evaluating and selecting AI security tools and technologies, organizations are using multiple approaches, led by undertaking their own internal research (72%), using training and education (56%), taking advice and recommendations from vendors (45%) and one third (33%) are taking their cue from government agencies such as regulators, as well as public policy.

 

AI Considerations for Organizations

Organizations are at varying stages of cybersecurity AI adoption – from research through to everyday use. There is also a mixed – though mostly positive – perception of AI within cybersecurity. In light of this mix of optimism and conservative adoption, respondents have highlighted several key points in relation to the potential for AI to help them to deal with an increasing and evermore complex threat landscape.

AI is not the solution to all issues, illustrated by the hesitance among many respondents to move from evaluation to deployment. They do still see skilled and trainable personnel as essential to the successful operation of their cybersecurity teams. While they also see AI impacting demand for established entry-level roles, they also recognize the importance of new entry-level roles to support both AI use and the personnel development pipeline.

Advice for organizations and hiring managers:

  • Organization leaders, not just cybersecurity teams, need to understand the function and capabilities of AI security tools prior to their adoption, due to the potential impact on training and hiring decisions.
  • AI adoption should not be at the expense of a reduction in entry-level roles, as doing so will hinder the development of future talent; a lack of early career opportunities will mean that many will not gain foundational experience or mentorship opportunities.
  • Both entry-level and senior-level roles will require a change in skillset because of the growing use and evaluation of AI within the cybersecurity team.
  • The need for clearly defined use cases for AI security tools prior to integration is recognized by many cybersecurity professionals.

AI and people need to work in unison, requiring new and realistic roles that allow entry-level professionals to be part of the AI revolution as well as learning from their peers.

Related Insights