AI Technologies , AI-Based Cyber Defense/Cyber Offense , Video
Generative AI in Cybersecurity: A Mixed Bag
Forrester Analyst Allie Mellen on Misaligned Expectations and Future TrendsTwo years ago, generative AI was predicted to revolutionize cybersecurity. Analysts hoped it would shorten incident response times and provide deep insights into security incidents, but these expectations have for the most part gone unfulfilled, said Allie Mellen, principal analyst at Forrester.
See Also: Building Better Security Operations Centers With AI/ML
Instead of actionable response recommendations, AI often produces broad, impractical guidance. "One vendor's AI suggested blocking Excel across the entire enterprise as a response - something a security analyst could never realistically implement," she said, highlighting the gap between AI output and operational feasibility.
With such challenges, some companies are scaling back their AI investments. "We're predicting a 10% budget decrease in AI for 2025 as disillusionment grows," Mellen said, forecasting a shift in priorities as security teams reassess AI’s role.
In this video interview with Information Security Media Group, Mellen also discussed:
- The current limitations of gen AI in cybersecurity;
- Challenges in integrating AI into daily analyst workflows;
- Future applications for narrow use cases in security operations.
Mellen covers security operations, nation-state threats, and the use of automation, machine learning, and AI in security tools at Forrester. She is a computer engineer by trade and has held various engineering roles during her career, including doing research at MIT, running her own engineering consultancy, and being a hacker before finally becoming a security practitioner.