Build an Autonomous Security Delivery Roadmap

Cybersecurity is changing rapidly because of more frequent and sophisticated attacks – a challenge worsened by a chronic shortage of qualified cybersecurity analysts. That equation can change with deliberate and cohesive autonomous cybersecurity. This blueprint will help you build an autonomous security delivery roadmap that’s risk-adjusted and right for your organization.

Autonomous AI is the only defense against rapidly changing cyber adversaries. Achieving this goal requires entrusting progressively more complex cybersecurity decisions to AI. It’s critical to adopt a systematic approach that helps you keep pace with threats and evolves your security posture.

1. You – not vendors – should guide your AI-driven autonomous security

Don’t risk putting your organization on a path shaped by external actors. Understand your organization’s needs fully and proactively seek out the right AI integration for you, rather than be led by vendors offering off-the-rack solutions.

2. Take your risk tolerance into account

AI thinks, and decides, fast, but not all its decisions are the right ones – at least, not the right ones for you. Deliberate and determine for yourself which tasks and decisions you are comfortable entrusting to your AI ally and which merely require AI assistance while leaving the final say to your analysts.

3. Autonomous cybersecurity isn’t a just an AI upgrade, it’s also a human transformation

AI can analyze mountains of data and tackle tasks beyond human speed and prediction capabilities. But making complex security decisions based on that information still requires people. This human-AI partnership is critical for autonomous and effective security. Leaders need to prepare their cybersecurity analysts to evolve from data consumers to AI commanders.

Use this roadmap to build an AI-augmented autonomous cybersecurity strategy that’s right for you

Our research will take you through each step of transforming AI’s place in your cybersecurity strategy, from its role as simple advisor to an autonomous actor that makes critical defense decisions on its own. Our approach will also guide you in making your analysts into skilled AI masters in areas where a human needs to have the final say. Use this research to:

Assess opportunities for AI augmentation in your organization’s cybersecurity efforts.
Sort and prioritize your AI risk decisions – which actions you are comfortable fully or mostly automating and which to keep in the hands of a human.
Implement and ramp up your AI model following a step-by-step roadmap while keeping fully aware of its context within your organizational structure – including what roles your current staff will play.

Build an Autonomous Security Delivery Roadmap Research & Tools

1. Build an Autonomous Security Delivery Roadmap Deck – A step-by-step document to help you assess value, opportunity, risk, and feasibility to build your autonomous security roadmap.

Prioritize your AI opportunities.
Identify the initiatives to progressively augment your cybersecurity defense with AI.
Create your value and risk report.
Build your autonomous security roadmap.

2. Autonomous Security Delivery Workbook – Excel worksheet that contains the backdrop for all the activities contained within our roadmap-building methodology.

Define value criteria and weight them to prioritize your security goals (e.g. reduced workload, enhanced detection).
Assess the maturity of your security processes using a standardized framework.
Evaluate the risks associated with poorly informed AI decisions in the context of specific security processes.
Ensure the feasibility of your roadmap by considering critical factors like training and budget needs.

3. Autonomous Security Delivery Roadmap – A boardroom-ready template, derived from the outcomes of the activities set out in this research.

Build a high-level outline of your roadmap to present to your key audiences.
Present an overview of the roadmap methodology where your audience may want to know more about the way you reached the conclusions and course of action outlined in the roadmap.

Build an Autonomous Security Delivery Roadmap

Let AI drive the real-time risk decisions it takes to combat the exponentially increasing cyberthreat.

Exponential IT: Accelerate value creation by transforming the organization through exponential technologies.

Exponential IT: Lean Into The Curve. Info-Tech's strategic and actionable principles to enable IT leaders to extract the value from accelerating technology advancements. Graphic shows Exponential IT principles.

Exponential IT: IT in Motion. Accelerate value creation by transforming the organization through exponential technologies. Graphic shows how to Plan Your Exponential IT Journey.

Your Exponential IT Journey

To keep pace with the exponential technology curve, adopt an Exponential IT mindset and practices. Assess your organization’s readiness and embark on a transformation journey. This blueprint will help you build your roadmap to get there.

To access all Exponential IT research, visit the Exponential IT Research Center

Go to this link

Adopt an Exponential IT Mindset

Info-Tech resources:
Exponential IT Research Center , Research Center Overview , and Keynote

Explore the Art of the Possible

Info-Tech resources:
Exponential IT research blueprints for nine IT domains

Gauge Your Organizational Readiness

Repeat Annually

Info-Tech resource:
Exponential IT Readiness Diagnostic

Build an Exponential IT Roadmap

Repeat Annually

Info-Tech resource:
Develop an Exponential IT Roadmap blueprint

Embark on Your Exponential IT Journey

The focus of this report

Info-Tech resources:
Ongoing and tactical domain-level research and insights

Analyst perspective

Aiming for autonomy: Why a proactive approach to AI is essential.

Fred Chagnon

Principal Research Director,
Security & Privacy Practice
Info-Tech Research Group

The cyber threat landscape is a relentless arms race. As adversaries evolve tactics, traditional security solutions struggle to keep pace. Automation offers some relief, but the sheer volume and complexity of attacks threaten to overwhelm even the most robust defenses. Autonomous cybersecurity defense is the ultimate goal, but the path to get there requires a proactive and progressive approach.

By relying solely on vendor presentations, CISOs get caught in a reactive cycle, adopting solutions that may not align with their overall security strategy. Our research proposes a framework that empowers the CISO to re-assert control. They’ll be able to identify the AI use cases with the most strategic value for their organization, establish their true risk tolerance for AI decision-making, and develop a roadmap for integrating AI that considers not just technology but also other critical factors; not the least of which is the human element.

This proactive approach unlocks the true potential of AI. It allows security leaders to push the boundaries of AI capabilities, identifying where technology limitations or risk prevent true autonomy. By aiming for autonomy, we gain invaluable insights into the strengths and limitations of AI, ultimately creating a more effective human-AI partnership for a future-proof security posture.

This focus on reaching autonomy doesn’t diminish the importance of human expertise. Instead, it highlights the transformative potential of AI as a force multiplier. Analysts become “AI commanders,” leveraging AI’s analytical power to make faster, more informed decisions while reserving human judgment for the most complex situations. This co-dependence is the key to achieving a truly autonomous and proactive security posture.

Executive summary

Your Challenge

The cybersecurity landscape is undergoing a rapid transformation. The volume and complexity of cyberthreats are steadily increasing, putting significant pressure on your security analysts. While automation has provided some initial relief by streamlining workflows, it’s clear that a more comprehensive solution is needed to ensure long-term security posture.

AI has potential here. However, the sheer number of AI use cases in cybersecurity is overwhelming, making it difficult to determine the most strategic course of action.

Common Obstacles

Visibility into the evolving AI security landscape is limited. Reliance on vendor presentations creates a reactive approach to AI adoption, potentially leading to solutions that don't align with your overall cybersecurity strategy.

Furthermore, concerns remain regarding the trustworthiness and explainability of AI decision-making in security applications. While some opportunities appear promising, a cautious approach is warranted to mitigate potential risks.

Info-Tech's Approach

Our approach allows you to take a proactive stance on the use of AI for the purposes of cybersecurity defense. You will:

Assess the opportunities that exist within your environment today, ranked and measured against criteria that aligns to your goals (not your vendors).
Establish your TRUE risk tolerance level by understanding where you trust AI’s risk decision-making abilities and where the threat of a bad decision may be too great.
Take steps toward AI augmentation and eventually autonomization with a roadmap that is aware of the full context of AI adoption, not the least of which includes the effect it has on your current staff.

Info-Tech Insight

Autonomous AI is the only defense against rapidly changing cyber adversaries. Achieving this goal requires entrusting progressively more complex cybersecurity decisions to AI. The key to success is identifying where AI can autonomously make decisions and where it should enrich human decision-making instead.

You need AI to defend against modern cyber adversaries

CISOs are broadly in agreement that AI is a MUST HAVE tool in their cybersecurity defense program.

In a survey of 1,000 CISOs, 93% stated they were considering or already using artificial intelligence in various ways as part of their cybersecurity defense program (IBM, 2022).
The question many CISOs have about AI is not whether it should be used but in what functions it should be deployed and how it fits in with the use of their human analysts.

CISCOs: Use of AI in cybersecurity defense. Graph shows 29% of responses say the are considering, 7% not considering, and 64% who have already deployed.

93% of CISOs recognize the value of using AI as an aid in cyberdefense.

Source: IBM, 2022; n=1,000

There aren’t enough cybersecurity professionals on the planet to meet today’s demands

Human analysts can’t continue to fight the battle on their own.

Increase in attack frequency: The broad spectrum of cybersecurity events, from ransomware incidents to phishing attempts to DDoS attacks, has been steadily increasing and will continue to do so.
Increase in attack sophistication: With the combined power of automation, machine learning, deep fake technology, and generative AI, the complexity of attacks are increasing exponentially, and this is expected to continue.

“The idea that humans are going to keep up with the speed of cyber events is ludicrous. We can’t keep up; it’s impossible. There will be jobs in security that migrate to or are heavily supplemented by AI tools.”

Paul Kurtz, Splunk Chief Cybersecurity
Advisor & Field CTO, qtd. in Splunk, 2024

95%

Organizations that are concerned about talent shortages leading to capacity constraints in cybersecurity.

91%

Organizations that are concerned they are not prepared to respond to a cyberattack.

Source: Info-Tech Research Group Tech Trends and Priorities 2023

Challenge #1: CISOs are adding AI to their cybersecurity defense reactively

CISOs are only hearing about new AI-powered capabilities from their vendors and are lacking a forward-looking methodology to approach this augmentation.

LIMITED VISIBILITY INTO AI CAPABILITIES

The constant evolution of the AI security landscape makes it challenging for CISOs to stay informed about the latest AI-powered capabilities. They rely solely on what vendors choose to promote, potentially missing out on valuable solutions that haven't reached their radar.

AND

LACK OF AN EVALUATION FRAMEWORK

There's currently no established methodology for CISOs to proactively evaluate their security infrastructure for AI compatibility or identify areas where AI integration could offer the most significant benefits. This lack of a proactive approach hinders their ability to make informed decisions about adopting new AI security solutions.

EQUALS

REACTIVE USE OF AI IN CYBERDEFENSE

Dependence on vendor information for new capabilities restricts CISOs to a reactive approach. They can't proactively assess their security infrastructure’s readiness to integrate AI or identify potential gaps that could benefit from AI-powered solutions.

Build an Autonomous Security Delivery Roadmap visualization

Let AI drive real-time risk decisions to combat the exponentially increasing cyberthreat.

About Info-Tech

Info-Tech Research Group is the world’s fastest-growing information technology research and advisory company, proudly serving over 30,000 IT professionals.

We produce unbiased and highly relevant research to help CIOs and IT leaders make strategic, timely, and well-informed decisions. We partner closely with IT teams to provide everything they need, from actionable tools to analyst guidance, ensuring they deliver measurable results for their organizations.

What Is a Blueprint?

A blueprint is designed to be a roadmap, containing a methodology and the tools and templates you need to solve your IT problems.

Each blueprint can be accompanied by a Guided Implementation that provides you access to our world-class analysts to help you get through the project.

Table of Contents