Beyond the Hype: Strategic AI Investments in Cybersecurity

The use of AI in cybersecurity has significantly grown in recent years, driven by the need to protect systems from increasingly sophisticated cyberthreats. However, despite AI’s potential, many companies face challenges in effectively integrating these solutions within their existing security architectures. 

“It is important to act responsibly before integrating AI. While it can streamline processes, it may also contribute to cybersecurity vulnerabilities,” says Chava Valades, Head of Cybersecurity Awareness, AlmaMatters.

One of the main issues is the fact that AI tools, although powerful, are often implemented in isolation, without proper integration with existing security infrastructures, reducing their effectiveness. As CIDOB reports, this gap between technology and the lack proper infrastructure is a constant challenge for organizations, which must find ways to use AI not only as an isolated tool but as an integral part of their security strategy.

Experts agree that one key solution is ensuring full integration of AI into the cybersecurity architecture from the early stages of its implementation. “We need to examine the objective when discussing the integration of AI oriented toward cybersecurity; we need to understand the "why" behind it,” says Erwin Campos, Global CISO, Grupo Bimbo. 

According to Profile Tree, by aligning AI solutions with existing systems these solutions do not become isolated elements but active components of the security infrastructure. This can be achieved through strategic planning that considers both the technological infrastructure and the operational needs of the organization. 

Companies should also carefully consider which solutions fit their needs best, instead of blindly following trends. " As companies, we need to determine if  we truly need it or if it is just another trend," says Felipe Absalon, Cyber Security Officer-North Latam, Bayer. “At Bayer, we have rules to raise awareness of AI usage and evaluate the risks.”

A combination of solid technological integration and adequate team training helps create a more robust security environment. While the benefits are apparent, implementing AI in cybersecurity is not without its challenges. Profile Tree highlights several obstacles, such as the lack of clarity on specific use cases and the internal resistance within organizations to adopting new technologies. Another challenge is measuring and proving the effectiveness of the adopted strategy to all stakeholders.

“Achieving success in cybersecurity is complex, as it is often measured by the absence of incidents,” says Jesús Díaz, CIO, Hospitales MAC. “The result becomes a master key to return and demand more money from the business.”

Many companies also fail to precisely identify which areas of their infrastructure require an AI solution, making it difficult to establish clear investment goals. Additionally, AI implementation requires a high level of customization, which can lead to difficulties when providers do not offer solutions tailored to the specific needs of each company. "Not all providers know what companies do. It is necessary to know the client to offer them the best solution for their needs, " says Absalon.

As AI technology continues to evolve, experts foresee greater adoption of integrated AI solutions globally, especially as cyberthreats become more complex. In the future, AI in cybersecurity is expected to focus on increasingly predictive and autonomous solutions capable of anticipating and mitigating threats before they materialize. 

However, this advancement will come with the need for continuous human oversight. Human supervision will remain crucial for interpreting results and making strategic decisions. In the coming years, organizations are expected to have AI platforms that operate more seamlessly and integrated with their security systems, but always with human intervention to ensure effectiveness and adaptability. “What we need to do, as experts in cybersecurity, is guide the business on what can and cannot be done. If we do not have the integration, we become guinea pigs of an expensive technology," says Campos.