Embracing AI in Security Part 3: Now Is the Time to Level Up Your Security Career

AppSec Embracing AI in Security Part 3: Now Is the Time to Level Up Your Security Career

The numbers speak - the opportunity for security professionals has never been better!

In my second post, we explored how AI is the fasting moving technology in the history of humanity.  Today, let's examine the numbers - why it is the greatest opportunity for security professionals we have ever seen.  

In the rapidly evolving landscape of artificial intelligence, information security emerges as a field where AI is creating more jobs than it's displacing. As organizations race to adopt AI capabilities, they simultaneously create new security vulnerabilities that require specialized expertise to address. Let's examine how AI is reshaping information security careers and why this field represents one of the brightest spots in the AI-driven job market.

I love data and numbers - the latest are in this post - some from 2025.

The Security Talent Shortage:

The Bureau of Labor Statistics (BLS) projects exceptional growth for information security careers over the coming decade. According to their 2023-2033 projections, information security analysts will see employment grow by 32.7%, making it the fastest-growing computer occupation and the fifth-fastest-growing occupation overall across the entire economy.

This rapid growth isn't happening despite AI - but because of it. The accelerating adoption of AI technologies is creating unprecedented demand for security expertise.

BLS researchers explain this trend: "The pronounced risk of cyber breaches and attacks on enterprise infrastructure and sensitive data will continue to make cybersecurity a paramount concern for many organizations across a range of industries." Healthcare organizations, for example, have experienced an unprecedented number of attacks recently, often resulting in disruptions to services and operations and substantial revenue losses.

The convergence of AI and cybersecurity manifests in two critical ways:

  1. AI as a security tool: Organizations are rapidly deploying AI-powered security solutions to detect and respond to threats faster than human analysts could alone.
  2. AI-powered threats: Malicious actors are leveraging AI to create more sophisticated attacks, requiring advanced defensive capabilities.

The Critical Security Skills Gap

While demand for security expertise is skyrocketing, organizations are struggling with a severe and worsening talent shortage:

  • Dramatic increase in staffing shortages: IBM's 2024 research found that more than half (53%) of breached organizations are facing high levels of security staffing shortages - a 26.2% increase from the prior year.
  • Higher costs from skills gaps: Organizations experiencing severe security skills shortages face significantly higher breach costs - $5.74 million compared to $3.98 million for those with low-level skills shortages, a difference of $1.76 million per breach.
  • Chronic understaffing: Even historically, cybersecurity unemployment has been extremely low (often cited near 0% in the 2010s) due to a chronic talent shortage that is unlikely to be fully resolved by AI.
  • Global shortage at critical levels: (ISC)², a leading cybersecurity professional organization, reported in their 2023 Cybersecurity Workforce Study that the global cybersecurity workforce gap remains at 3.4 million workers - with 75% of organizations reporting that cybersecurity staff shortages are putting them at risk.
  • Paradoxical hiring patterns: Despite overall tech sector layoffs in 2023 (due to economic conditions), many companies continued to add cybersecurity personnel because of the risk environment.
  • Small team struggles: According to Cisco's 2023 Security Outcomes Report, 94% of security teams with fewer than 30 full-time staff reported suffering from cyber fatigue, defined as the tendency for security professionals to ignore or miss security alerts due to their overwhelming volume.

This critical shortage creates a paradoxical situation: as the need for security professionals grows due to AI adoption and evolving threats, the existing workforce is stretched increasingly thin, creating opportunities for those with the right skills while putting organizations at greater risk.

However, the following study from IDC in 2025 demonstrates that security professionals are not adopting AI quickly - especially in larger organizations.

Source: IDC’s Tines Voice of Security Survey 2025 

The IBM Evidence: AI Security Tools Delivering Real Value Today

IBM's 2024 Cost of a Data Breach Report provides compelling evidence that AI and automation in security operations are already delivering significant value. Organizations that extensively deploy security AI and automation experience:

  • Faster breach identification and containment: Organizations using AI extensively in security identified and contained data breaches nearly 100 days faster than those without AI tools.
  • Lower breach costs: Companies with extensive AI and automation in security functions experienced average breach costs of $3.84 million, compared to $5.72 million for those not using these technologies - a savings of $1.88 million per breach.
  • Substantial ROI across security operations: When AI was deployed extensively in prevention workflows (attack surface management, red-teaming, posture management), organizations averaged $2.2 million less in breach costs.

The IBM research shows that adopting AI isn't just future-proofing - it's delivering immediate benefits. As IBM notes, "defenders without AI and automation to assist them can expect to take longer to detect and contain a breach, and see costs rise compared to those who use these solutions."

Growth of Security AI Expertise

The security industry is increasingly embracing AI as a core component of its defense strategy:

  • 67% of organizations studied by IBM are deploying security AI and automation across their security operations center, a 10% jump from the prior year.
  • 1 in 5 organizations are now using some form of generative AI security tools.
  • AI is being deployed across all major security functions: prevention (27%), detection (27%), investigation (28%), and response (27%).

Rather than replacing security professionals, these tools are addressing a critical skills gap in the industry. With more than half of breached organizations facing high levels of security staffing shortages (a 26.2% increase from the prior year), AI is helping existing teams manage greater workloads and threats with greater efficiency.

Focus On These Roles:

As AI reshapes the security landscape, we're seeing significant changes in how security roles are structured and what skills are valued:

Cybersecurity Analysts with AI Expertise

Traditional security roles that incorporate AI expertise are commanding premium compensation. Security professionals who can write Python scripts to manipulate AI outputs or engineers who can incorporate ML models into security workflows are especially in demand.

Security Management Specialists

The BLS projects 53% growth in demand for Security Management Specialists by 2030, putting this role among the fastest-growing occupations in the economy. These professionals coordinate security activities, develop security policies, and ensure proper implementation of security measures across organizations.

Information Security Analysts

This foundational role, focused on planning and implementing security measures to protect computer networks and systems, will see 32.7% growth from 2023 to 2033 according to BLS projections.

AI Security Specialists

A new emerging role that sits at the intersection of AI and security. These professionals focus specifically on the security of AI systems themselves - protecting machine learning models from attack, ensuring data pipelines are secure, and validating the outputs for safety.

Emerging AI Security Specializations -- Are they for you?

The expansion of AI is creating entirely new security specializations that didn't exist previously:

  • AI Incident Analyst: Specialists who focus on incidents that involve or are detected by AI systems
  • AI Security Engineer: Responsible for maintaining the models that scan for threats
  • Security Data Scientists: Professionals who build and manage the data pipelines that train security-focused machine learning models

Develop these Key Skills for your career in Security

For security professionals looking to thrive in this evolving landscape, several skill areas stand out as particularly valuable:

  1. AI and big data literacy: Understanding how AI works, its limitations, and how to leverage it for security operations.
  2. Networks and cybersecurity fundamentals: The core technical foundation remains essential, with growing emphasis on securing AI infrastructure.
  3. Creative thinking: As automated systems handle routine tasks, human creativity in identifying novel threats and solutions becomes more valuable.
  4. Resilience and adaptability: The ability to quickly learn new technologies and techniques is crucial in a rapidly evolving threat landscape.
  5. Leadership and influence: Security professionals must increasingly communicate complex risks to non-technical stakeholders.

The Path Forward: Embracing AI's Role is your superpower!

The growth of AI in security transforms how security work is performed. As routine tasks are automated, security professionals are freed to focus on more strategic, high-level security challenges.

For security professionals concerned about AI's impact on their careers, the data is clear: information security stands out as a field where human expertise is becoming more valuable, not less. The key is to view AI as a force multiplier for human capabilities rather than a replacement for them.

Organizations that prioritize human-AI collaboration in security will achieve the best outcomes - combining AI's speed and pattern recognition with human judgment, creativity, and contextual understanding. This hybrid approach not only improves security outcomes but creates new and more rewarding career paths for security professionals.

In the evolving landscape of AI and security, the future belongs to professionals who can leverage these technologies to enhance human capabilities rather than replace them. The security field isn't contracting in the face of AI - it's expanding and evolving to meet new challenges, creating opportunities for those with the right skills and mindset.

In our next post, we'll discuss practical steps you can take to get started with AI in your security organization.

For more information about how AppSecAI can help your organization eliminate false positives and automate remediation, visit www.appsecai.io or contact us at automation@appsecai.io.


Bruce Fram
CEO and Founder, AppSecAI

Sources

  1. Bureau of Labor Statistics. (2024, November). Industry and Occupational Employment Projections Overview and Highlights, 2023-33. Retrieved from https://www.bls.gov/opub/mlr/2024/article/industry-and-occupational-employment-projections-overview-and-highlights-2023-33.htm
  2. Bureau of Labor Statistics. (2025). Incorporating AI Impacts in BLS Employment Projections. Retrieved from https://www.bls.gov/opub/mlr/2025/article/incorporating-ai-impacts-in-bls-employment-projections.htm
  3. IBM. (2024). Cost of a Data Breach Report 2024. Retrieved from https://www.ibm.com/reports/data-breach p. 5
  4. (ISC)². (2024, October). ISC2 2024 Cybersecurity Workforce Study. Retrieved from https://www.isc2.org/Insights/2024/10/ISC2-2024-Cybersecurity-Workforce-Study
  5. IBM. (2024). Cost of a Data Breach Report 2024. Retrieved from https://www.ibm.com/reports/data-breach p. 18
  6. Bureau of Labor Statistics. (2025). Incorporating AI Impacts in BLS Employment Projections. Retrieved from https://www.bls.gov/opub/mlr/2025/article/incorporating-ai-impacts-in-bls-employment-projections.htm
  7. IDC’s Tines Voice of Security Survey 2025. https://www.tines.com/access/whitepaper/voice-of-security-2025/