Beyond the hype: Analyzing new data on ROI of AI in security

If you ask elite athletes about the secrets of their success, the answers will likely be insightful, but their applicability to your everyday training routine may be limited. However, how the best succeed carry key lessons and inspirations that help all of us get better.

Google Cloud’s new The ROI of AI in security report showcases how best-in-class organizations are getting value from AI in cybersecurity. For several years, the cybersecurity industry has discussed the potential of artificial intelligence. Much of this discussion has been aspirational, often blurring the lines between true machine learning and more basic automation. However, this report suggests a significant, practical shift is already underway.

We surveyed 3,466 senior leaders globally to move beyond hype and into the practical discussion of revenue, productivity, and risk reduction. The findings confirm that the conversation is no longer about "if" AI should be used, but "how" it can be scaled to measurably improve security posture.

The core takeaway is this: Agentic AI offers organizations a promising path to mitigating security risks while improving both efficacy and efficiency.

The agentic shift: Why your next best hire might be software

The report's central thesis is the agentic shift, the evolution from gen AI as a simple assistant — useful for tasks like intelligence summarization and script generation — to semi-autonomous AI agents that act as extensions of the security team and cover an ever-increasing number of tasks.

These agents are powered by large-language models with specific roles, context, and objectives that can independently plan, reason, and perform tasks in predefined guardrails. This includes critical functions like malware analysis, third party risk analysis, detection engineering, and alert triage.

The data shows that security is a powerful driver for this new technology, and that the concept is highly practical. Among executives at organizations using AI agents, 46% report deploying them for security operations and cybersecurity. This adoption is consistent, ranking as a top-three use case across nearly all key industries, including retail and CPG, financial services, media and entertainment, telecom, and healthcare and life sciences.

From theoretical value to quantifiable ROI

A clear divide is emerging between organizations that are experimenting and those that are strategically deploying. Early adopters are defined as those dedicating at least 50% of their future AI budget specifically to agents.

For a CISO, any new technology must justify its existence through a clear business case. The 2025 data provides a compelling one:

• Rapid time-to-value: 74% of executives report seeing ROI on at least one gen AI use case within the first year. This figure has held steady year-over-year, indicating it is a sustainable trend, not an early-adopter anomaly.
• Improved efficacy (not just efficiency): Gen AI value-add is most pronounced among agentic AI early adopters. 67% of this group have seen a positive impact on their security posture, compared to 49% across all organizations. Critically, this goes beyond just speed; 85% of early adopters that report gen AI has resulted in improved security posture cite an improved ability to identify threats, with an equal share also citing improved intelligence and response integration.
• Tangible SOC metrics: The report translates these high-level improvements into operational metrics. 65% of early adopters reporting improved security posture resulting from gen AI have seen a reduction in time to resolution, while 58% report a reduction in the total number of security tickets. These metrics represent a direct impact on operational overhead and the persistent problem of analyst burnout.

The C-suite mandate

Executive commitment to early AI adoption is creating a virtuous cycle. Demonstrable ROI is justifying even greater focus, with 58% of executives reporting their organization is allocating net-new budget to fund gen AI investments, rather than simply reallocating existing funds.

However, this success is not a grassroots phenomenon. The report underscores that C-suite sponsorship is crucial for successful AI adoption. Executives from organizations with comprehensive C-level sponsorship are consistently more likely to see a tangible ROI (78% of those with sponsorship see ROI now, versus 72% without).

This makes logical sense: For an AI agent to support complex workflows like incident response, it needs secure, governed access to data and tools across enterprise silos, a feat that requires executive mandate.

The central paradox: Security as the main blocker

Despite security operations being a primary beneficiary, security itself remains the single greatest hurdle to implementation.

When executives were asked to name the most important factor in considering LLM providers, the number one concern was data privacy and security, cited by 37% of respondents. This was followed by integration with existing systems (28%), and cost (27%).

The data is clear, but success is not guaranteed. In fact, the very thing security teams want — more AI — is currently being blocked by their number one concern.

Because the central paradox is that organizations are reluctant to adopt the very technology that could help solve their security challenges because of the security risks inherent in adopting it, the path to successful AI adoption must be about more than just the model. It’s also about the critical importance of a modern, integrated data strategy that prioritizes strong governance and security protocols from the start.

Next steps for maximizing your AI investment return

The 2025 data suggests the industry has turned a corner. At leading organizations, the discussion has matured from AI as a conceptual "assistant" to AI "agents" as a core, measurable component of the security program.

The early adopters are already reaping quantifiable benefits, not just in efficiency (fewer tickets, faster resolution) but in efficacy (better threat identification). For organizations still on the sidelines, the report serves as a clear indication that the cost of inaction is a widening gap.

Success, however, will not be automatic. It requires executive-level sponsorship, a willingness to invest new budget, and a foundational solution to the data privacy and security paradox.

To learn more, you can read the full ROI of AI in Security report here.