A day seldom passes without any exposure to the term artificial intelligence (AI). But when our survey team conceptualized this topic, we were stunned to learn that there wasn’t much publicly available information that documented end users’ perspectives on the impact of AI on organizations’ cybersecurity efforts.

So, we’re pleased to share our comprehensive findings — and help answer the critical question: What value does AI bring to cybersecurity?

The Ponemon Institute 2018 Artificial Intelligence (AI) in Cyber-Security Study, sponsored by IBM Security, includes detailed and high-level cybersecurity discoveries, as well as a comprehensive look at the impact of AI technologies on application security testing. Here are our top 10 key findings from the study.

1. AI Could Help Cut Costs

For organizations across a wide variety of industries and geographies, the estimated average cost of addressing potential cyber exploits without AI is more than $3 million. Companies who are using AI, by contrast, spent an average of $814,873 on the same threats. Thus, a company can potentially save an average of $2.5 million in operating costs by utilizing AI technology.

2. AI May Minimize Data Breaches

When asked about the estimated likelihood of a data breach affecting more than 10,000 sensitive customer or consumer records at their organizations, 40 percent of respondents estimated that the probability was greater than 20 percent if they didn’t leverage AI technologies. However, a mere 2 percent of respondents estimated that the likelihood was greater than 20 percent when AI technologies were leveraged.

3. Organizations Plan to Increase AI Investment

Organizations expect to increase their investment in AI. As AI technology matures, investments will grow, according to 61 percent of respondents.

4. AI May Improve Productivity

Sixty percent of respondents were positive about the ability of AI-based security technologies to improve the productivity of their IT security personnel.

5. AI-Based Technologies Provide Deeper Security

Sixty percent of respondents stated that AI-based technologies provided deeper security than what humans alone could offer. However, only 34 percent of respondents said that the use of AI would decrease the workload of their IT security personnel.

6. AI Supports Identification and Authentication Technologies

AI provided the most support for technologies that identified and authenticated users. Sixty-five percent of respondents stated that AI supported technologies that identified and authenticated their users, and 54 percent of respondents noted that AI was utilized with technologies that provided security intelligence about network traffic and entities.

7. Speed Is the Most Significant Benefit of AI

Sixty-nine percent of respondents stated that the most significant benefit of AI was the ability to increase their speed in analyzing threats. This was followed by 64 percent of respondents who said the most significant advantage was the acceleration in the containment of infected endpoints and devices and hosts.

8. Human Supervision Is Still Required

Human supervision is still required when dealing with alerts. Respondents estimated that an average of 45 percent of alerts could be handled by AI without human supervision. On average, 41 percent of previously “undetectable” zero-day exploits can be detected because of AI.

9. AI Helps Identify Application Security Vulnerabilities

Sixty percent of respondents stated that AI identified their application security vulnerabilities — and a firm majority (59 percent) of respondents noted that AI increased the effectiveness of their organizations’ application security activities.

10. AI Saves Investigation and Detection Time

Respondents estimated that investigating and detecting application vulnerabilities took, on average, 195.88 labor hours per week when not facilitated by AI, but took, on average, 70.48 labor hours per week when facilitated by AI — saving organizations 125.40 labor hours per week on average.

If we further estimate that security analysts work an average of 40 hours per week, that’s an estimated saving of more than three full-time equivalents (FTEs) per week.

Download the Ponemon Institute Study to Learn More

Our study is chock-full of compelling results about the impact of AI on cybersecurity. Click here to download your complimentary copy now.

Finally, check out and share our new infographic. You’ll learn how your Security Operations Center (SOC) team can leverage AI to detect and respond to potential security incidents more effectively and consistently.

More from Application Security

X-Force Identifies Vulnerability in IoT Platform

4 min read - The last decade has seen an explosion of IoT devices across a multitude of industries. With that rise has come the need for centralized systems to perform data collection and device management, commonly called IoT Platforms. One such platform, ThingsBoard, was the recent subject of research by IBM Security X-Force. While there has been a lot of discussion around the security of IoT devices themselves, there is far less conversation around the security of the platforms these devices connect with.…

4 min read

Patch Tuesday -> Exploit Wednesday: Pwning Windows Ancillary Function Driver for WinSock (afd.sys) in 24 Hours

12 min read - ‘Patch Tuesday, Exploit Wednesday’ is an old hacker adage that refers to the weaponization of vulnerabilities the day after monthly security patches become publicly available. As security improves and exploit mitigations become more sophisticated, the amount of research and development required to craft a weaponized exploit has increased. This is especially relevant for memory corruption vulnerabilities.Figure 1 — Exploitation timelineHowever, with the addition of new features (and memory-unsafe C code) in the Windows 11 kernel, ripe new attack surfaces can…

12 min read

Backdoor Deployment and Ransomware: Top Threats Identified in X-Force Threat Intelligence Index 2023

4 min read - Deployment of backdoors was the number one action on objective taken by threat actors last year, according to the 2023 IBM Security X-Force Threat Intelligence Index — a comprehensive analysis of our research data collected throughout the year. Backdoor access is now among the hottest commodities on the dark web and can sell for thousands of dollars, compared to credit card data — which can go for as low as $10. On the dark web — a veritable eBay for…

4 min read

Direct Kernel Object Manipulation (DKOM) Attacks on ETW Providers

17 min read - Overview In this post, IBM Security X-Force Red offensive hackers analyze how attackers, with elevated privileges, can use their access to stage Windows Kernel post-exploitation capabilities. Over the last few years, public accounts have increasingly shown that less sophisticated attackers are using this technique to achieve their objectives. It is therefore important that we put a spotlight on this capability and learn more about its potential impact. Specifically, in this post, we will evaluate how Kernel post-exploitation can be used…

17 min read