blog post

AI and ML Ran the Bases, but in the Wrong Ballpark

An August 2022 IDC report forecasts the overall AI software market will reach $791.5 billion in revenue by 2025 at a CAGR of 18.4%. Every investor I know narrows down opportunities by CAGR, and 18% is a highly attractive growth.


The cybersecurity software market was valued at $186 billion in 2019 and is projected to reach $362 billion by 2027, growing at a CAGR of 10.1% from 2020 to 2027.


The major factors driving the cybersecurity software market are the heightened frequency of cyberattacks exploiting supply chains, the emergence of disruptive digital technologies, and stringent regulatory requirements for information security. 


AI and ML are on track to be the key technologies enabling business transformation and allowing companies to be more competitive.


Most businesses have already invested in digital transformation initiatives, with a subset pursuing these efforts more aggressively. The recent acceleration of innovative, leading-edge technologies across categories like hybrid cloud, Kubernetes containers, and edge and mesh computing can largely be attributed to technology adoption. As a result, CISOs need to stay current with the mechanics and operational models or risk falling behind in their understanding of how all these technologies fit together.


In fact, this complexity is the cause of most breaches today, regardless of where they originate and which employee class erred in clicking on a link or downloading a memo or instruction set.


That point of entry is only half the battle, and in my next blog, I will argue why a managed security awareness program like the one we deliver through is the right solution.


The other half is the failure to detect infections during the attack or in the aftermath, and dwell times in the U.S. still average a mind-boggling 287 days before detection. A lot of damage can be done in 287 days. 


No CISO today is able to combat this reality, and too many vendors claim AI/ML capabilities that don’t exist. What is effective are security analytics that leverage AI/ML to adapt to changes in behaviors and activity on the fly without requiring updates to handle variants or new attacks. 


I am encouraged by the recent flood of activity in the field of generative pre-trained transformers using large language models, such as ChatGPT, which will translate into increased investment in AI/ML for behavioral analytics. I believe this translation will lead to breakthroughs in detection and interruption that can reduce dwell time to minutes versus days. 


To learn more about the current state of AI and ML, tune into Chuck Brooks’ custom course on the subject at and stay up to date on the current state of enterprise cybersecurity defense.




Steve King

Managing Director,

King, an experienced cybersecurity professional, has served in senior leadership roles in technology development for the past 20 years. He has founded nine startups, including Endymion Systems and seeCommerce. He has held leadership roles in marketing and product development, operating as CEO, CTO and CISO for several startups, including Netswitch Technology Management. He also served as CIO for Memorex and was the co-founder of the Cambridge Systems Group.