Sophos Research Reveals AI Security Tool Adoption Challenges

Cybersecurity software provider Sophos has published research indicating that, while AI integration reaches near-total market penetration in security infrastructure, concerns persist among leaders about implementation risks and cost implications.
The findings are set out in the company's 'Beyond the Hype: The Business Reality of AI for Cybersecurity' report, which surveyed 400 IT and cybersecurity leaders about their use of AI in cybersecurity operations, with a particular focus on how they use generative AI (Gen AI).
Sophos, which develops antivirus software and network security solutions, reports that 98% of surveyed organisations have embedded some form of AI within their cybersecurity infrastructure. The company indicates this research aims to provide measurable insight on adoption and desired benefits, while also understanding associated risks.
The research identifies what Sophos terms 'a major blindspot' in how organisations approach AI in cyber defences', suggesting that many firms may not fully comprehend the technology's limitations.
AI enterprise adoption rates vary
The research indicates that 74% of respondents use cybersecurity tools incorporating deep learning models - systems that use neural networks to process data. Additionally, 65% employ tools with Gen AI capabilities, while 34% develop in-house Gen AI solutions to strengthen their security position.
This adoption trend shows no signs of decreasing, with 99% of organisations now including AI capabilities in their requirements when evaluating new cybersecurity platforms.
The pace of AI adoption and projected future usage suggests understanding both risk and associated mitigations in cybersecurity remains a priority across sectors. Different sized organisations express varied priorities in their approach to generative AI, though improved protection from cyberthreats and enhanced business performance ranked consistently high.
Leadership concerns over AI model quality
The implementation of AI in security brings challenges alongside benefits. The research reveals that 89% of IT and cybersecurity leaders have concerns about potential organisational and cybersecurity risk from flaws in Gen AI tools.
Cost remains a significant consideration, with 80% of leadership figures indicating worry about increased cybersecurity product expenses due to AI integration.
Chester Wisniewski, Director and Global Field CTO at Sophos, says: "As with many other things in life, the mantra should be 'trust but verify' regarding generative AI tools. We have not actually taught the machines to think; we have simply provided them with the context to speed up the processing of large quantities of data. The potential of these tools to accelerate security workloads is amazing, but it still requires the context and comprehension of their human overseers for this benefit to be realised."
AI in cybersecurity needs new approaches
The research suggests organisations should examine how vendors develop AI capabilities, including their approach to data quality, modelling, and engineering. This scrutiny extends to the evaluation of potential security partners and their AI development practices.
While AI-powered defence solutions strengthen cybersecurity measures, Sophos indicates potential gains can be offset by poor quality and poorly implemented AI models. The findings suggest organisations must balance the promise of enhanced protection against the risk of implementation flaws.
The research recommends organisations establish clear objectives around investment decisions to define potential AI outcomes. It emphasises the importance of viewing AI as one component within a broader cyber defence toolkit rather than a universal solution.
Sophos says that different sized organisations prioritise AI applications differently, though threat protection and business performance improvements remain consistent priorities across the survey group.
Explore the latest edition of AI Magazine and be part of the conversation at our global conference series, Tech & AI LIVE.
Discover all our upcoming events and secure your tickets today.
AI Magazine is a BizClik brand

