EY helps clients create long-term value for all stakeholders. Enabled by data and technology, our services and solutions provide trust through assurance and help clients transform, grow and operate.
At EY, our purpose is building a better working world. The insights and services we provide help to create long-term value for clients, people and society, and to build trust in the capital markets.
Ernst & Young LLP conducted a study of 500 security professionals to understand sentiment and best practices around AI in cybersecurity.
The promise of AI in cybersecurity brings with it both the opportunities of automation and productivity and the threat of supercharged capabilities. In both cases, the technology is turning out to be transformative. As urgent as the threat is, both the speed and the stakes with which AI is transforming the enterprise demand a holistic and responsible approach.
In December 2025, Ernst & Young LLP commissioned a study of 500 senior information security leaders to understand how they are quantifying the value of AI in security operations and defining their two-year budget and technology plans. It presents cyber leaders with important insights on how to get the most out of AI resources and investments.
1. Financial realities: budgets, costs, and investment trends
2. Return on investment; progress is slow, but optimism is high
3. Human-in-the-loop cybersecurity: talent gaps and governance risks
4. Governance as the foundation for responsible, scalable Al cybersecurity
1
Financial realities: budgets, costs, and investment trends
Senior security leaders are moving toward autonomous defenses, but the seriousness with which management is funding efforts has not kept pace. The good news is security professionals expect their budget to increase, despite economic pressure.
Budgets are not sufficient to meet threats
85% of senior security leaders who are using AI in cybersecurity state their current cybersecurity budget is insufficient to meet AI-enabled threats.
Budget for AI cyber solutions expected to rise within two years
85% of senior security leaders who are using AI in cybersecurity state their current cybersecurity budget is insufficient to meet AI-enabled threats.
Investment momentum: spending more to defend more
Two-thirds (67%) of senior security leaders using AI in cybersecurity expect to spend at least $5m two years out, and a third (34%) expect to spend at least $10m on the same time horizon.
Return on investment: progress is slow, but optimism is high
We are beginning to see some early returns and efficiency gains as organizations adopt agentic AI in cybersecurity, but the numbers paint a picture of gains not yet realized. The next frontier will be to expand agentic AI to more core functions over time and shift employees’ efforts to more strategic tasks.
Low ROI plagues initial efforts
46% of senior security leaders who use AI in cybersecurity report savings of less than $1m when using agentic AI solutions for cybersecurity, with an additional 12% reporting either not tracking returns or saw no savings at all.
Growth of agentic run cyber functions
Key cybersecurity functions predicted to be largely agentic run in two years:
42% deep fake and impersonation defense (from 23% today)
Competitive advantage linked to agentic AI
97% of senior security leaders believe their organization’s competitive advantage in the marketplace hinges on the maturity of their agentic AI cybersecurity defense in the next two years.
Human-in-the-loop cybersecurity: talent gaps and governance risks
As organizations accelerate their adoption of AI driven cybersecurity tools, the human element has never been more critical. Human-in-the-loop cybersecurity is not merely a risk control, it is the primary mechanism through which organizations establish trust in AI driven decisions.
Human oversight remains essential
85% of senior security leaders say their organization maintains mandatory human-in-the loop requirements for all critical security decisions.
Talent shortages become critical
90% of organizations report difficulty recruiting and retaining cybersecurity professionals with expertise in AI-driven solutions/defenses.
89% identify cybersecurity staff that is unskilled/untrained on AI-enabled cyberattacks as their organization’s greatest liability.
AI drives efficiencies and more strategic work
97% of senior security leaders who are using AI in cybersecurity say their organization’s use of AI-driven cybersecurity solutions has increased analyst operational efficiency.
97% of senior security leaders who are using AI in cybersecurity report that it frees analysts to focus on higher-value, strategic tasks.
Governance as the foundation for responsible, scalable AI cybersecurity
As organizations race to adopt AI driven cybersecurity capabilities, governance has emerged as the essential foundation for ensuring responsible, reliable, and scalable deployment. With most organizations already implementing or embedding governance frameworks into their core processes, governance is increasingly recognized as the key to converting AI’s potential into real business value.
Gaps in governance impact trust in AI
Only 20% of senior security leaders said their organization’s AI cyber security governance framework is fully optimized and embedded into their organizational culture.
Governance is key to unlocking value
98% of senior security leaders whose organization has an AI governance framework for cybersecurity say governance frameworks have proven essential for ensuring the responsible use of AI.
97% of senior security leaders whose organization has an AI governance framework for cybersecurity report that a robust governance framework for AI in cybersecurity is essential to translating AI potential into profitable business value.
The findings in this study illustrate a dual reality: AI has become indispensable for modern cyber defense, yet it simultaneously introduces new, complex risks that require urgent action. Senior Security leaders must act in four key areas to drive value creation with AI:
1. Budget realities demand a reprioritization toward Al driven cybersecurity since cyberthreats are advancing faster than most organizations' funding.
2. Success requires deeper integration of agentic Al into core security functions to yield meaningful return on investment.
3. Human-in-the-loop oversight of Al and skills development are non-negotiable with Al systems taking on greater autonomy. Skilled human oversight becomes more critical, not less.
4. Governance frameworks provide guardrails that ensure Al systems are secure and form the foundation for trusted, scalable Al cybersecurity.
