{{item.videoDuration}}
{{item.title}}
{{item.text}}
{{item.videoDuration}}
{{item.title}}
{{item.text}}
GenAI: A double-edged sword in cybersecurity
AI is helping reshape the cybersecurity landscape, introducing both challenges and opportunities. GenAI can leave organizations more vulnerable to phishing scams, sophisticated malware and rapidly evolving cyberattacks. At the same time, CISOs are leveraging that same technology for cyber defense, using GenAI for threat detection and response, threat intelligence and malware/phishing detection, according to PwC’s 2025 Digital Trust Insights Survey.
To capitalize on these capabilities, many organizations are turning to managed services providers (MSPs) to help integrate AI-enabled solutions that can provide around-the-clock monitoring and assist in handling emerging threats.
Choosing your AI strategy for success
CISOs have several options for integrating AI into their cybersecurity strategies: Running operations in-house, engaging managed services or opting for a hybrid approach. The choice depends on your goals, resources and risk tolerance.
- In-house operations: Enhancing your cyber defenses with AI developed in-house can give you control, helping you to align AI implementations with your specific needs and tailor solutions to your infrastructure. It does, however, require significant investment in AI talent, ongoing training and continuous system upgrades to help keep pace with evolving threats, potentially raising operational costs.
- Managed services: These third-party providers can offer access to a broader talent pool, advanced technologies and scalable solutions that can be difficult and expensive to build internally. It can also give you the benefit of economies of scale and the ability to apply industry leading practices proven effective across multiple organizations. MSPs offer 24/7 monitoring as well as help in fulfilling compliance and adapting to new threats. These services can help reduce your in-house burden, but it’s also essential to select the right provider.
- Hybrid approach: This model combines your in-house AI capabilities with external MSP experience for specialized tasks, helping organizations to scale operations, address talent gaps and fill specific needs like threat intelligence. Effective management and coordination between teams are important to help avoid inefficiencies and security gaps.
If you’re considering a managed services or hybrid approach, it’s important to carefully evaluate the capabilities and experience of any potential provider. The right MSP can not only complement your internal team, but also help bring valuable insights, advanced technologies and scalability to your AI-driven cybersecurity strategy. CISOs can ask key questions to assess an MSP’s ability to meet specific cyber needs and facilitate drive effective AI integration.
- How do you protect the security and privacy of our data when using AI solutions?
- How do you handle proactive alerts and what are your procedures and turnaround times for responding to threats?
- What AI-specific certifications and experience does your team have?
- Can you provide case studies or references from companies in our industry?
- How do you handle regulatory compliance for AI-driven cybersecurity?
- Have you embedded responsible practices around the design, including rigorous testing, monitoring and auditing of your AI solution?
- What metrics do you use to measure the success of AI-driven cybersecurity efforts?
Overcoming barriers to AI-driven security
While the potential for AI in cybersecurity is immense, security leaders should be cautious about integrating this technology into their defensive strategies. AI’s capabilities bring challenges that may slow down or block adoption. Our 2025 Global Digital Trust Insights Survey identified some key barriers that organizations face when implementing GenAI into their cyber defense frameworks, including existing systems integration, lack of trust, inadequate governance and lack of standardized policies.
These challenges can create substantial roadblocks for organizations eager to leverage GenAI for cyber defense. For AI to deliver in this area, you’ll want to address these concerns by investing in AI readiness, including upskilling teams, enhancing risk management frameworks and establishing clear policies that can promote responsible and effective AI use across the enterprise.
Expanding AI’s role in cyber defense
Despite these issues, CISOs are turning to AI to help strengthen their cybersecurity defenses across two major areas — operations and risk/governance. AI can not only help improve response times but also provide deeper insights into possible risks, making for more informed strategic decisions.
Operations: High volumes of security alerts from multiple systems, combined with detailed operating procedures, can come with human error and omission. AI is revolutionizing cybersecurity operations by automating routine tasks and enhancing the effectiveness of security teams. It’s particularly effective in detecting and responding to threats in real time. Here are some ways we’re seeing it used frequently.
- Playbook queries: Security analysts can leverage AI-enabled queries to interact with standard operating procedures. This searchable interface allows them to quickly access predefined sets of AI-driven scripts, guiding them through automated responses to specific threats. By offering real-time, context-specific recommendations, these playbooks can allow security teams to handle incidents faster, providing a more agile and effective response, particularly in fast-moving situations like malware outbreaks.
- Automating level-one tasks: Many organizations are deploying AI-enabled tools to handle the more routine and repetitive tasks that level one analysts traditionally manage, such as alert triage. By automating these tasks, AI can allow human analysts to focus on more complex and higher-risk threats, improving overall operational effectiveness and reducing burnout within security teams.
Automation case study
One of our clients is using Threat Enrichment Reconnaissance Robot and Correlation Engine (TERRanCE) to help automate elements of cyber defense. Rapid detection and containment can be the key to successfully mitigating and limiting the effect of a sophisticated attack before it can become a breach. The timeline here shows how our managed services team responded to a real threat to our client, a retail group with a regulated lending arm.
Risk and governance: Many organizations still run governance, risk management and compliance programs via spreadsheets and emails. Some struggle to consistently access the necessary data sources to help enable risk-based decision-making. Proper governance is important to increase AI’s potential while mitigating its risks. Our 2025 Digital Trust Insights Survey found that 78% of organizations have increased their investment in generative AI, particularly in governance. This investment is essential so that AI initiatives can be well-supported by both people and processes, leading to sustainable and effective implementation.
- Third-party risk management: AI-enabled systems are increasingly used to accelerate the assessment of the cybersecurity postures of third-party vendors and partners.
- Cyber risk quantification (CRQ): This more advanced capability that many organizations are working toward uses AI to measure cyber risk. CRQ helps companies prioritize investments and align cybersecurity with business objectives. While adoption is still growing, those implementing CRQ can gain a strategic advantage in focusing on areas with the greatest financial impact.
Driving AI-enabled cybersecurity forward
Given the increasing complexity of AI adoption, we recommend that CISOs take a multi-phase strategic approach when planning to leverage AI for cybersecurity.
Short-term action Rapidly deploy AI-enabled capabilities in security operations to enhance threat detection and response, vulnerability management, identity management, fraud detection and phishing detection. Prioritize speed and agility in implementation to gain an immediate advantage edge in cyber defense. |
Medium-term strategies Focus on automating regulatory compliance through AI platforms to help improve monitoring and efficiency. This includes establishing clear board governance frameworks for cybersecurity risks, developing and testing disclosure controls, and maintaining ongoing oversight of the disclosure process. Automation in this phase can help reduce human error and facilitate consistent compliance. |
Long-term vision According to our 2025 Digital Trust Insights Survey, only 15% of organizations can effectively measure the financial impact of cyber risks. Explore AI-integrated opportunities in cyber risk modeling and investment planning to better align security investments with organizational risk. By integrating cyber risk quantification into decision-making processes, you can achieve more strategic outcomes and better ROI. |
Charting the path forward
As AI helps reshape the cybersecurity landscape, CISOs should adopt a clear, forward-thinking strategy. The right approach — whether in-house, managed services or hybrid — will likely help future-proof the organization against evolving threats.
{{filterContent.facetedTitle}}
{{contentList.loadingText}}
{{contentList.loadingText}}
Follow us
