Closing the AI Execution Gap in Cyber—A CISO Framework TechTarget and Informa Tech’s Digital Business Combine.TechTarget and InformaTechTarget and Informa Tech’s Digital Business Combine.Together, we power an unparalleled network of 220+ online properties covering 10,000+ granular topics, serving an audience of 50+ million professionals with original, objective content from trusted sources. We help you gain critical insights and make more informed decisions across your business priorities.Dark Reading Resource LibraryBlack Hat NewsOmdia CybersecurityAdvertiseNewsletter Sign-UpNewsletter Sign-UpCybersecurity TopicsRelated TopicsApplication SecurityCybersecurity CareersCloud SecurityCyber RiskCyberattacks & Data BreachesCybersecurity AnalyticsCybersecurity OperationsData PrivacyEndpoint SecurityICS/OT SecurityIdentity & Access Mgmt SecurityInsider ThreatsIoTMobile SecurityPerimeterPhysical SecurityRemote WorkforceThreat IntelligenceVulnerabilities & ThreatsRecent in Cybersecurity TopicsVulnerabilities & ThreatsCritical Site Takeover Flaw Affects 400K WordPress SitesCritical Site Takeover Flaw Affects 400K WordPress SitesbyElizabeth Montalbano, Contributing WriterNov 5, 20253 Min ReadApplication SecurityRisk 'Comparable' to SolarWinds Incident Lurks in Popular Software Update ToolRisk 'Comparable' to SolarWinds Incident Lurks in Popular Software Update ToolbyNate Nelson, Contributing WriterNov 5, 20254 Min ReadWorld Related TopicsDR GlobalMiddle East & AfricaAsia PacificRecent in World See AllThreat IntelligenceSilver Fox APT Blurs the Line Between Espionage & CybercrimeSilver Fox APT Blurs the Line Between Espionage & CybercrimebyNate Nelson, Contributing WriterAug 8, 20253 Min ReadThreat IntelligenceIran-Israel War Triggers a Maelstrom in CyberspaceIran-Israel War Triggers a Maelstrom in CyberspacebyNate Nelson, Contributing WriterJun 19, 20255 Min ReadThe EdgeDR TechnologyEventsRelated TopicsUpcoming EventsPodcastsWebinarsSEE ALLResourcesRelated TopicsLibraryNewslettersPodcastsReportsVideosWebinarsWhite papers Partner PerspectivesSEE ALLCybersecurity OperationsCyber RiskCyberattacks & Data BreachesCommentaryEnterprise cybersecurity technology research that connects the dots.Closing the AI Execution Gap in Cybersecurity — A CISO FrameworkClosing the AI Execution Gap in Cybersecurity — A CISO FrameworkClosing the AI Execution Gap in Cybersecurity — A CISO FrameworkCISOs must navigate five critical dimensions of AI in cybersecurity: augmenting security with AI, automating security with AI, protecting AI systems, defending against AI-powered threats, and aligning AI strategies with business goals. Neglecting any of these areas is a recipe for disaster.Adam Etherington, Rik TurnerNovember 5, 20255 Min ReadSource: OmdiaCOMMENTARYAI in Cybersecurity: A Framework for CISOs to "Mind the Blade"Artificial intelligence (AI) is a present-day reality reshaping the cybersecurity landscape. For chief information security officers (CISOs), the integration of AI into security frameworks is a double-edged sword. AI promises enhanced efficiency, predictive capabilities, and automation for internal security teams. Simultaneously, it also endows bad actors with new tools to exploit vulnerabilities across complex ICT supply chains. AI in Cybersecurity: 2025, the year deployment dwarfs readiness.AI adoption in IT and cybersecurity has quickly become pervasive. The latest Omdia cybersecurity decision maker survey of nearly 1,000 executives revealed that 93% of organizations are already leveraging AI-powered tools. Further, 91% of firms have scrambled to implement specific AI security policies as a knee-jerk reaction to AI’s ubiquity.But there are cracks showing. The very tools meant to improve ICT are themselves creating issues. Omdia research found that only 14% of CISOs feel fully prepared to integrate AI into their cybersecurity operations, especially Agentic. More alarmingly, supporting transformation projects from the chief information officer (CIO) or CEO is the single biggest challenge for more than 50% of CISOs, surpassing challenges from insider threats and ransomware attacks.Data privacy and identity security are the most significant concerns, accounting for nearly 70% of CISOs' worries globally. Ethical governance gaps, a shortage of skilled personnel, and budget constraints further complicate AI adoption. Additionally, many organizations struggle with knowing where and how to start, highlighting the need for clear frameworks and actionable road maps.AI is not a single technology or model: The nuance is important.Current deployments of AI in ICT and cybersecurity range from longstanding, robust machine learning to generative AI (large language models), and more recently, agentic AI (semi-autonomous). Each class of AI has different strengths and limitations across threat detection, response automation, and data analysis. CISOs need to reframe where and how AI is used across complex technology supply chains, including third parties, in line with evolving regulations, expanding threats, and more sophisticated attacks. Over 70% of firms surveyed have more than 20 standalone cybersecurity tools in use. Twenty percent have more than 50. Each tool will have some level of maturity across AI as an inbuilt capability or a data source for another tool. The challenge is immense. As a starting approach, Omdia research from decision makers reveals five frames of reference that must be applied across ICT, AI, and Cybersecurity as an integrated approach.Omdia's Five Dimensions of AI in CybersecurityTo effectively harness AI, CISOs must consider its role across five critical dimensions:Cybersecurity with AI (augmentation): AI can augment existing security operations, enabling analysts to access vast repositories of knowledge and identify threats more efficiently. Generative AI, for instance, can assist in sorting and analyzing data from tools like TDIR (threat detection and incident response), SIEM (security information and event management), and SOAR (security orchestration, automation, and response). However, it is crucial to maintain a "human-in-the-loop" approach to ensure AI outcomes are interpreted correctly and complemented by human judgment.Cybersecurity by AI (automation): AI has the potential to independently deliver cybersecurity capabilities, such as faster threat detection and response. This dimension has been evolving since the emergence of machine learning in cybersecurity around 2014/15, particularly with the rise of EDR (endpoint detection and response). Predictive security, powered by specialized AI models, can help organizations stay ahead of threats. However, automation must be balanced with transparency to build trust in AI systems.Cybersecurity for AI (tooling): As AI becomes more pervasive, protecting the AI systems themselves is paramount. Attackers are increasingly targeting algorithms and training data to manipulate outcomes. CISOs must invest in security tooling that safeguards AI models and accelerates incident response. The rapid adoption of AI-enabled applications demands a reframing of security strategies to keep pace with evolving threats.Cybersecurity against AI (defense): AI is a double-edged sword. While it can be used to enhance security, it is also exploited by attackers to create more sophisticated threats. For example, AI-powered deepfakes and automated DDoS attacks pose significant challenges. CISOs must deploy advanced detection technologies, often leveraging AI, to counter these threats effectively.Cybersecurity and AI (strategy and governance): AI strategies must align with business objectives to ensure innovation does not compromise security. CISOs are under pressure to exploit AI for commercial gains while navigating global economic uncertainties and competitive pressures. Developing a comprehensive AI cyber strategy that integrates governance, ethical considerations, and risk management is essential.Recommendations for CISOs to Grapple and Harness AI in CyberThis space is evolving, and Omdia continues to track, evaluate, and test vendor capabilities across endpoint, cloud, network, data, identity, and SecOps tools where "AI" is offered. There is a lot of AI washing and misrepresentations of capabilities today, not surprisingly, given the rate of market change and technology innovation.Omdia recommends that CISOs navigate the complexities of AI in cybersecurity in five areas:Prioritize readiness: Invest in training and infrastructure to support AI adoption. Building in-house expertise and fostering employee readiness are critical to bridging the readiness gap.Focus on governance: Develop ethical frameworks and governance tools to ensure AI systems are transparent, trustworthy, and compliant with regulations.Adopt predictive security: Leverage AI for threat intelligence, exposure management, and automated remediation. Predictive security can help organizations stay ahead of emerging threats.Protect AI systems: Implement robust security measures to safeguard AI models, algorithms, and training data from attacks.Align AI strategies with business goals: Ensure AI initiatives are clearly linked to business objectives to balance innovation and security.Final WordThe stakes have never been higher. As AI pops up in more places, including mission-critical enterprise platforms such as Salesforce, Oracle, SAP, and Microsoft, CISOs must act decisively to harness AI's potential while mitigating its risks. This requires a balanced approach that combines technological innovation with human expertise and ethical governance. Neglecting any of the five dimensions of AI in cybersecurity will result in missed opportunities and increased vulnerabilities.Related Links:Omdia CybersecurityOmdia Analyst Summit at Black Hat USA 2025Omdia Data and Identity Security Intelligence ServiceRead more about:OmdiaAbout the AuthorsAdam EtheringtonPractice Leader, Cybersecurity, OmdiaAdam is part of Omdia’s global Digital Enterprise Services practice. He leads international research, advisory, and analysis for cybersecurity and cloud B2B services. A regular speaker at industry events and executive roundtables, Adam thrives on driving deep insight through custom engagements with clients. Adam joined Omdia in 2020, bringing more than two decades of experience as an executive at some of the world’s largest telecoms and IT services vendors. His experience spans corporate strategy, product marketing, technical operations, market intelligence, sales, and strategic alliance roles. Adam holds a Bachelor of Economics from Macquarie University and an MBA from Deakin University (both in Australia). In 2022, he was awarded the 2021 Brookes Medal for outstanding academic achievement.See more from Adam EtheringtonRik TurnerSenior Principal Analyst, Cybersecurity, OmdiaRik is senior principal analyst in Omdia's IT security and technology team, specializing in cybersecurity technology trends, IT security, compliance, and call recording.  He provides analysis and insight on market evolution and helps end users determine what type of technology and which vendor they should be pursuing.Rik has also worked in Omdia's financial services technology team, with a specialization in capital markets technology. Prior to joining Omdia, he worked as an IT journalist, specializing in networking and security, and as a foreign correspondent in Brazil, where he worked, among others, for the Financial Times and The Economist.See more from Rik TurnerMore InsightsIndustry ReportsIDC MarketScape: Worldwide Exposure Management 2025 Vendor AssessmentThe Forrester Wave™: Unified Vulnerability Management Solutions, Q3 2025Miercom Test Results: PA-5450 Firewall WinsSecurity Without Compromise Better security, higher performance and lower TCOThe Total Economic Impact™ Of Palo Alto Networks NextGeneration FirewallsAccess More ResearchWebinarsHow AI & Autonomous Patching Eliminate Exposure RisksThe Cloud is No Longer Enough: Securing the Modern Digital PerimeterSecuring the Hybrid Workforce: Challenges and SolutionsCybersecurity Outlook 2026Threat Hunting Tools & Techniques for Staying Ahead of Cyber AdversariesMore WebinarsYou May Also LikeDiscover MoreBlack HatOmdiaWorking With UsAbout UsAdvertiseReprintsJoin UsNewsletter Sign-UpFollow UsCopyright © 2025 TechTarget, Inc. d/b/a Informa TechTarget. This website is owned and operated by Informa TechTarget, part of a global network that informs, influences and connects the world’s technology buyers and sellers. All copyright resides with them. Informa PLC’s registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. TechTarget, Inc.’s registered office is 275 Grove St. Newton, MA 02466.Home|Cookie Policy|Privacy|Terms of Use

Closing the AI Execution Gap in Cyber—A CISO Framework

The tech landscape, driven by TechTarget and Informa Tech’s Digital Business Combine, is undergoing a significant transformation, primarily fueled by the integration of artificial intelligence (AI) into cybersecurity operations. This framework, articulated by Omdia, seeks to guide Chief Information Security Officers (CISOs) through the complex challenges and opportunities presented by this rapidly evolving technology. The core message is clear: without a deliberate and strategically executed approach, organizations risk falling behind, creating vulnerabilities, and ultimately, facing increased cyber threats.

The framework identifies five critical dimensions for CISOs to consider when incorporating AI into their cybersecurity strategies. These are: cybersecurity with AI, cybersecurity by AI, cybersecurity for AI, cybersecurity against AI, and cybersecurity and AI (strategy and governance). Each dimension represents a distinct area of focus, demanding specific investments, skills, and considerations.

Beginning with "Cybersecurity with AI," this dimension emphasizes the augmentation of existing security operations. AI’s capacity to sift through vast datasets—spanning threat intelligence, vulnerability scans, and security event logs—is leveraged to provide analysts with quicker insights and more informed decision-making. Generative AI, a newer development in this space, is particularly noted for its ability to assist in the sorting and analysis of information from tools like threat detection and incident response, security information and event management (SIEM) systems, and security orchestration, automation and response (SOAR) platforms. However, a key caveat is maintained: human oversight remains crucial to interpret AI outputs and supplement them with judgment.

"Cybersecurity by AI" focuses on the potential for AI to operate autonomously in delivering security capabilities. This area has been evolving since the rise of machine learning in cybersecurity—beginning around 2014/15—and the rise of endpoint detection and response (EDR) solutions. The framework highlights predictive security, powered by specialized AI models, as a means of proactively identifying and mitigating threats. Automation is a core theme within this dimension, but careful consideration is given to the need for transparency to build confidence in AI systems.

“Cybersecurity for AI” directly addresses the security of the AI systems themselves. As AI becomes increasingly prevalent, attackers are recognizing that targeting AI models and their underlying training data is a viable route to compromise. This dimension underscores the importance of implementing robust security measures to safeguard these critical assets. The rapid adoption of AI-enabled applications necessitates a reframing of security strategies to keep pace with the evolving threat landscape.

“Cybersecurity against AI” acknowledges the reciprocal nature of the relationship. AI is not solely a defensive tool; it is also a powerful weapon in the hands of attackers. Examples, such as AI-powered deepfakes and automated distributed denial-of-service (DDoS) attacks, demonstrate the increasing sophistication and potential damage caused by AI-enabled threats. Therefore, organizations must deploy advanced detection technologies, utilizing AI themselves, to counter these evolving threats.

Finally, "Cybersecurity and AI (strategy and governance)" recognizes that AI integration must be aligned with broader business objectives. CISOs are facing pressure to leverage AI for commercial gains while navigating economic uncertainties and competitive pressures. The framework stresses the need for a comprehensive AI cyber strategy encompassing governance, ethical considerations, and risk management.

Omdia’s research, which included nearly 1,000 executives, revealed that only 14% of CISOs feel fully prepared to integrate AI into their operations. Worryingly, supporting transformation projects from the CIO or CEO is the single biggest challenge for more than 50% of CISOs, surpassing concerns about insider threats and ransomware attacks, while data privacy and identity security are the most significant worries, accounting for nearly 70% of CISOs’ concerns globally, along with ethical gaps and skills shortages; these are coupled with budget constraints. Furthermore, many organizations struggle with knowing where and how to start, highlighting the need for clear frameworks and actionable roadmaps.

The analysis reveals a trend: current deployments of AI range from established machine learning to generative AI and agentic AI. This diversity in capability dictates a need for CISOs to reframe where and how AI is utilized throughout increasingly complex technology supply chains, including third parties, in line with evolving regulations, expanding global threats, and more sophisticated attacks. Over 70% of organizations have more than 20 standalone cybersecurity tools in use, with 20% having more than 50.

The core message is that the convergence of these technologies presents immense complexity—requiring a staged approach to implementation. A key takeaway is that Omdia’s five dimensions provide a framework for CISOs to grapple with this complexity and harness AI's potential—while mitigating the significant risks associated with its introduction. This strategic framework is critical given the ever-changing threat landscape and the increasing reliance on AI to maintain organizational security.