AI Resets the Cybersecurity Space

Consolidation rules the space   

The cybersecurity space is being dominated by market consolidators that continue to cross-sell in multiple categories. The idea is to provide a strategic platform enabling customers to have safeguard their IT infrastructure across their respective computing domains (i.e. on-premises, cloud, AI). A few select vendors have already begun the consolidation journey, and their sales results reflect that.    

Cyber vendors’ response to AI

Cyber vendors moved quickly to incorporate AI into their products. AI features have been featured prominently by vendors seeking differentiation in the market. This was a good first step by vendors, but as AI’s risk profile became more widely known, other approaches became a necessity for customers to safeguard their respective computing environments.  

Cyber vendors have also been rolling out flexible licensing arrangements that allow customers to swap out products as requirements change. Flex licensing enables customers to make changes to their security posture by procuring products that meet their requirements. Additionally, it allows the customer to begin implementing AI capabilities as they see fit.    

AI application requires different protection  

Initially, the need to secure data (i.e. large language models – LLM’s) evolved as other AI use cases emerged. AI traffic, agentic AI, and OpenClaw emerged with their own security requirements. OpenClaw’s demands range from access control, data loss prevention, and policy enforcement. The use and complexity of agentic AI exacerbate problems with the attack surface. Agentic AI will necessitate new approaches from cyber vendors in areas like behavior controls and compliance. Requirements for agentic AI range from identity to input security.    

AI platforms are freezing the market   

Specifically, recent disclosures from AI platforms like Anthropic have pressured cyber market incumbents. Anthropic’s Claude Mythos Preview, a recently-announced general-purpose language model, attracted significant media attention press for the way it could locate and exploit vulnerabilities including zero-day attacks (1). Anthropic also launched Project Glasswing, a cybersecurity collaboration with major technology organizations that leverages its Mythos Preview.   

The goal of Glasswing is to proactively identify and patch vulnerabilities, and the announcement by Anthropic was viewed as a disruptive versus legacy methods that have been in place for decades. This will put press on other cyber categories as new AI- based methods infiltrate the market, and customers take time to evaluate them.    

Handicapping survivors in the cyber space   

There is already speculation over which IT security solutions can thrive (i.e. identity security, endpoint) in today’s AI environment. IT security point product vendors, which have thrived historically, will have to reposition themselves as AI point products have flooded the market and are being closely evaluated. 

That said, we remain confident that platform vendors have competitive moats and are best positioned in the near-term. Platform vendors have already begun the AI journey and are likely acquirers of AI companies going forward. These vendors will be looking to the private market as they look to broaden their AI portfolio.   

New AI platform entrants are emerging  

As new AI platforms emerge, security will remain a defining priority in safeguarding these environments. Microsoft is rolling out MAI-1, which is a “multi-model” approach that includes its own proprietary, high-powered “frontier” models. Muse Spark from META is a native multimodal reasoning model designed for complex tasks in specific areas like math, science, and health.  

Native security features will accompany new AI models that are introduced into the market. Much like what we see with OpenAI and Anthropic, other AI platforms possess a methodology for securing their own environment. Third party vendors will be forced to integrate with these AI platforms.  

CISOs are freezing architectural purchases as they account for AI  

The use and complexity of AI exacerbate problems with the attack surface. Accordingly, we expect CISOs to resist launching major architectural purchases as they incorporate AI into their workflow. Safeguarding AI is an immediate priority for two reasons: individual usage is ramping inside companies and corporate projects leveraging AI are expanding.  

AI usage has been growing at historic levels as corporate activity has been expanding. Individuals are logging inquiries as part of research and corporate sponsored projects leverage AI as a way of gaining efficiency or generating business. The speed at which AI is evolving is making IT management pause to take stock and create a master plan on how to best leverage AI.   

Looking into the future with cyber and AI  

The cybersecurity sector has gone through several evolutions since the first commercial products made their way to the market decades ago. Complexity has grown through each cycle (i.e. hardware appliance, cloud), but AI presents challenges not seen before. The starting place for measuring AI’s impact on cyber will start with the direction major AI platforms take in developing their security architectures. Existing platform incumbents will have to architect their solutions with an understanding of what major AI platforms are doing. The useful purpose incumbents will serve to fill in the product gaps that emerge as AI matures.   

Even with the inclusion of AI, customers will still want cybersecurity products to perform multiple functions (i.e. consolidation) where possible. Single pane of glass presentation will remain important as will integration with existing systems. The lack of skilled IT security professionals will necessitate automation so that cyber professionals can prioritize where they should be focusing their time.