Altman Solon is the largest global telecommunications, media, and technology consulting firm. In this insight, we apply our AI Resilience Diagnostic to cybersecurity, helping software investors identify categories and companies positioned to defend and extend durable moats in an AI-driven market.
Investor enthusiasm for AI remains high, but conviction in cybersecurity software is uneven. Many recognize the scale of the opportunity yet struggle to distinguish between categories in which AI compresses value and those in which trust, regulation, and proprietary data create lasting moats.
In this follow-up to our earlier work on AI resilient software, we apply our AI Resilience Diagnostic to the cybersecurity landscape, drawing on proprietary research and insights gleaned from conversations with over 50 security leaders across the U.S., Europe, and the U.K. We have found that AI is shifting value creation in cybersecurity, not by eliminating categories, but by flattening feature-level differentiations while raising the importance of data, workflow integration, and accountability.
AI is penetrating cybersecurity workflows, from assistive tooling to capabilities like scanning, triage, and rule generation. While AI can rapidly automate repeatable tasks, the scale and complexity of modern security environments require platforms that can aggregate signals, coordinate response, and enforce governance. The result is a market where:
Feature replication is accelerating.
Category boundaries are converging.
Human oversight, trust, and accountability still remain critical.
The AI-Resilience Diagnostic is a moat-first framework that analyzes both category-level exposure and company-specific defensibility in an AI-driven market. In cybersecurity, that means looking beyond automation potential alone and focusing on where AI reinforces, or undermines, sustainable value.
In our conversations with Chief Information Security Officers (CISOs) and cybersecurity professionals helped to identify five characteristics that consistently define more AI-resilient cybersecurity categories. These explain why some areas face rapid automation, while others continue to have durable value even as AI capabilities advance.
Not all cybersecurity categories face the same risk. Respondents consistently identified security operations & detection and application & code security as among the most exposed to AI-driven disruption, driven by automation and platform building.
By contrast, categories like identity & access management (IAM), endpoint protection, and backup & recovery appear more resilient, benefiting from deep system integration, regulatory accountability, and non-negotiable roles in enterprise risk management.
At the company level, respondents saw three core sources of defensibility that matter most in an AI-first cybersecurity market:
Access to proprietary, large-scale security telemetry.
Deep understanding of customer-specific intent, risk tolerance, and workflows.
These factors separate companies that can sustain differentiation from those vulnerable to rapid feature replication.
AI might be accelerating change across cybersecurity, but it is not eliminating the need for platforms, AI governance, or trust. For investors, the opportunity for outsize gains lies in identifying where AI compresses value and where it reinforces strong moats.
Our full whitepaper applies our AI Resilience Diagnostic to cybersecurity software, analyzing not only category moats, but also technical and non-technical moats.
Altman Solon applies the AI Resilience Diagnostic across the investment lifecycle, both to inform diligence and to translate findings into clear product and growth-value-creation priorities. Typical applications include integrated commercial and technical diligence, anchored in category and company drivers of sustainable differentiation; and pre- and post-deal AI resilience diagnostics that translate findings into product and growth value-creation priorities.