AI impact on APAC cybersecurity teams divides leaders & analysts

Techday NZ

15-05-2025

Research by Exabeam has highlighted a significant disconnect between the perceived and actual impact of artificial intelligence (AI) on cybersecurity operations among executives and front-line analysts in the Asia Pacific and Japan (APJ) region.
The Exabeam report, "From Hype to Help: How AI Is (Really) Transforming Cybersecurity in 2025," found that while there is broad adoption of AI tools, perceptions of their value in improving productivity differ sharply between security team leadership and security analysts charged with daily tool operation.
Data from the survey reveals that 71% of executives in APJ believe AI has brought about substantial productivity gains for their security teams. In contrast, only 5% of security analysts—those directly operating AI technology—shared that view. This marked divergence is more than a simple difference of opinion and points to deeper issues with operational effectiveness and trust in AI-driven processes.
Executives tend to cite AI's capacity to lower costs, streamline workflows, and strengthen strategic capability. However, front-line analysts report an alternative experience shaped by issues such as an ongoing stream of false positives, heightened alert fatigue, and an enduring need for human oversight, which challenge the effectiveness of AI tools in day-to-day security operations.
The research suggests that for many organisations, the introduction of AI has not removed the burden of manual work for analysts, but has instead altered its nature or shifted it elsewhere within team processes. This dynamic may indicate that organisational leadership has overestimated both the maturity and reliability of current AI tools, while potentially underestimating the complexity involved in practical implementation across diverse security environments.
"There's no shortage of AI hype in cybersecurity — but ask the people actually using the tools, and the story falls apart," said Steve Wilson, Chief AI and Product Officer at Exabeam. "Analysts are stuck managing tools that promise autonomy but constantly need tuning and supervision. Agentic AI flips that script — it doesn't wait for instructions, it takes action, cuts through the noise, and moves investigations forward without dragging teams down."
The report does find consistent acknowledgement of AI delivering the most tangible impact in specific cybersecurity processes, particularly in threat detection, investigation, and response (TDIR). Within APJ, 46% of participating security teams stated AI has led to productivity improvements in these areas by automating repetitive analytical tasks, reducing the volume of alerts analysts need to review, and shortening the time required to gain meaningful insights from system data.
AI-driven solutions were observed to have improved anomaly detection, provided faster mean time to detect (MTTD), and enabled more effective use of user behaviour analytics to identify potential threats.
Despite these positive indicators, trust in the autonomy of AI remains limited. Only 23% of APJ security teams reported being confident in allowing AI to take action without human intervention. Many in the industry believe that successful performance must come before trust, with organisations not looking to fully delegate responsibility but hoping that AI can scale beyond the current limits of human analysis by consistently delivering accurate results and automating labour-intensive workflows.
AI adoption is also leading to structural changes in the composition of security teams across the region. More than half the APJ organisations surveyed said they had restructured their teams in response to the introduction of AI solutions. Within this group, 31% have reduced their workforce due to automation, while 23% are hiring in specialised areas such as AI governance, automation oversight, and data protection.
These structural adjustments reflect the emergence of a new operational model for security operations centres (SOCs), where the aim is for so-called agentic AI to support swifter decision-making, enhance the depth of investigative work, and allow human personnel to focus on higher-value tasks.
The Exabeam report also highlights marked regional differences in both AI adoption and its perceived impact on productivity. Across the surveyed regions, organisations in India, the Middle East, Turkey, and Africa (IMETA) reported the most significant productivity gains linked to AI (81%), followed by those in the United Kingdom, Ireland, and Europe (UKIE) at 60%. APJ organisations reported an AI-driven productivity boost of 46%, which is slightly higher than the 44% reported by North American organisations.
Findings from the research underline the need for closer alignment between leadership aspirations and operational execution as AI becomes further embedded in cybersecurity practices. Exabeam notes that organisations seeking to narrow the gap between strategic intent and practical outcomes should consider deploying agentic AI for its more proactive capabilities. Organisations are encouraged to involve security analysts in technology deployment decisions and focus on measurable outcomes over promotional claims.
The research was conducted by Sapio Research for Exabeam during February and March 2025 through a global survey of 1,000 cybersecurity professionals from 17 countries, including participants from a range of sectors such as finance, manufacturing, healthcare, and government. The definition of AI within the survey was deliberately broad to encompass a range of tools including machine learning, generative AI, and agentic systems.