Artificial intelligence (AI) is now a defining factor in how cybersecurity strategies evolve. As enterprises expand their digital footprint, the sophistication and scale of threats have outpaced what traditional approaches can handle. In Frost & Sullivan’s ongoing AI Transformation series, we have examined the business case, technical readiness, and secure-by-design imperatives.
This article is part of Frost & Sullivan’s AI Transformation in Cybersecurity interview series, where we engage with industry experts from leading vendors to understand how AI is being applied to defend against evolving threats. Each discussion provides a practitioner’s perspective that complements our analyst insights, helping enterprises make informed decisions on the role of AI in their security strategies.
For this edition, we spoke with Jonas Walker, Director of Threat Intelligence for APAC & Middle East at Fortinet, who shared how AI has been integrated into security operations, why it matters, and where it is heading. We thank Jonas for his contribution to this discussion.
How AI Is Being Used in Cybersecurity
AI and machine learning (ML) have been part of cybersecurity for over a decade. Initial applications focused on:
- Malware detection through supervised models.
- Zero-day identification, using large datasets to train systems that recognize novel attack patterns.
- Endpoint and cloud monitoring to improve detection accuracy across distributed environments.
Generative AI (GenAI) introduces new possibilities. With large volumes of operational and threat data, organizations can now explore more interactive ways of engaging with their systems—for example, querying in natural language (“Why is the server slow?”) or simulating attack conditions. AI also provides additional capabilities for web testing, endpoint behavioral analysis, and anomaly detection, supporting analysts in identifying hidden signals within overwhelming data sets.
As Jonas Walker explains:
“AI doesn’t replace the analyst—it augments them. The goal is to give security teams more effective tools, so instead of drowning in alerts, they can focus on the critical signals that matter. It’s about finding the needle in the haystack, faster.”
Why AI Matters Now
The scale of modern cybersecurity challenges makes AI indispensable:
- Automation at scale: The sheer number of daily events and alerts cannot be managed manually. AI helps automate triage, correlation, and response.
- Adversarial AI: Attackers themselves are deploying AI to improve phishing campaigns, automatically generate malicious files, craft convincing social engineering attempts, and obfuscate malicious code.
This dual use—by defenders and attackers—creates an escalating cycle in which AI becomes both a necessary defense and a growing attack vector.
Industry Differentiation and Data
One of the distinguishing factors in AI for cybersecurity is data quality and longevity. Mature vendors have years (or decades) of curated threat intelligence to train their models, while newer entrants often lack this historical depth.
From an analyst perspective, this raises important considerations for enterprises:
- How much confidence can be placed in the training data behind a given AI solution?
- How transparent are the methodologies for testing and validating AI models?
- To what extent should organizations rely on external vendors versus internal AI initiatives?
Trust—in both the data and the people building the systems—is as critical as the technology itself.
Effectiveness for End Users
Frost & Sullivan research indicates that AI integration has improved detection accuracy, reduced false positives, and accelerated investigation times across the industry. Security analysts benefit from AI’s ability to highlight anomalies and automate routine checks, freeing up capacity for higher-order tasks.
The outcome for end users is measurable: stronger defense coverage, more efficient operations, and faster incident response.
The Future of AI in Cybersecurity
Looking ahead, AI’s role will expand beyond pattern recognition into reasoning and dynamic problem-solving. This “agentic” phase of AI could enable systems to adapt to evolving conditions, prioritize risks, and even propose courses of action in real time.
Jonas Walker reflects on this trajectory:
“We’re moving from AI that can recognize patterns to AI that can reason and make decisions in dynamic environments. The next step is about problem-solving—giving cybersecurity systems the ability to adapt and react intelligently, while still keeping human oversight at the core.”
For enterprises, the challenge will be to manage this transition responsibly—embedding governance, transparency, and accountability into increasingly autonomous systems.
Explore the Full Frost & Sullivan Series on AI Transformation
This article marks Phase 3 of Frost & Sullivan’s ongoing series on AI Transformation, focusing on securing adoption through data privacy, governance, and multi-layered defense. Earlier phases examined why AI is a business imperative and how organisations can unlock ROI while navigating adoption complexity.
-
Phase 1 Follow-up: Continuing the Journey: Unlocking ROI
Phase 3: AI Transformation in Cybersecurity continues this journey—spotlighting why privacy, security, and governance must now take center stage as enterprises move from experimentation to scale.
Conclusion
Cybersecurity stands at a turning point. AI is not only a defensive necessity but also a contested field where adversaries innovate just as quickly. For enterprises, the path forward is about combining advanced tools with trusted expertise, while ensuring responsible governance.
As this discussion with Jonas Walker illustrates, AI is already reshaping the practice of cybersecurity and will continue to evolve toward more adaptive, reasoning-driven capabilities.
Whether you’re refining your first AI use case or scaling deployment across the enterprise, Frost & Sullivan provides actionable insights and strategic guidance. Connect with us to learn how we can support your AI transformation journey.
