Loading [MathJax]/extensions/tex2jax.js

An iterative five-phase process model to successfully implement AI for cybersecurity in a corporate environment

Publikation: Beitrag in FachzeitschriftArtikelForschungPeer-Review

Autorschaft

Organisationseinheiten

Details

OriginalspracheEnglisch
Aufsatznummer56
FachzeitschriftElectronic markets
Jahrgang35
Ausgabenummer1
PublikationsstatusVeröffentlicht - 19 Juni 2025

Abstract

While traditional cybersecurity approaches effectively address static or well-known threats, they often struggle to keep pace with the rapidly evolving threat landscape. New research highlights that increasing sophistication and dynamism in cyberattacks require adaptive and proactive measures, such as artificial intelligence (AI) applications and services, to complement conventional methods. AI for cybersecurity is needed to respond efficiently and reliably to threats and attacks, to detect dynamic threats faster, to analyze more precisely, and to enable adaptive protective measures that outperform conventional approaches. We identified research needs for AI in cybersecurity that need to be addressed by implementing respective AI applications and services. Companies and organizations need further research and company-centric approaches. We address AI for cybersecurity through a literature review and semi-structured expert interviews in a design science research–oriented framework. We identify typical implementation steps, deduce critical process phases, and develop a new process model to successfully implement AI for cybersecurity, including five process phases and 19 process steps. Our iterative five-phase process model provides a structured framework that is flexible to adapt to specific and general requirements, focuses on iterative evaluations; addresses cost, functional requirements, certifications, and environmental impact; facilitates early risk identification; and strengthens resilience against cyberattacks. Furthermore, we deduce seven key performance indicators to support a quantitative assessment of AI’s efficiency and effectiveness, allow benchmarking, and develop best practices. Finally, we provide limitations and a further research agenda.

ASJC Scopus Sachgebiete

Zitieren

An iterative five-phase process model to successfully implement AI for cybersecurity in a corporate environment. / Lier, Sarah K.; Eppers, Tjelve M.; Gerlach, Jana et al.
in: Electronic markets, Jahrgang 35, Nr. 1, 56, 19.06.2025.

Publikation: Beitrag in FachzeitschriftArtikelForschungPeer-Review

Lier SK, Eppers TM, Gerlach J, Müller P, Breitner MH. An iterative five-phase process model to successfully implement AI for cybersecurity in a corporate environment. Electronic markets. 2025 Jun 19;35(1):56. doi: 10.1007/s12525-025-00802-x
Lier, Sarah K. ; Eppers, Tjelve M. ; Gerlach, Jana et al. / An iterative five-phase process model to successfully implement AI for cybersecurity in a corporate environment. in: Electronic markets. 2025 ; Jahrgang 35, Nr. 1.
Download
@article{99767255e6b746099bc8252bd66df293,
title = "An iterative five-phase process model to successfully implement AI for cybersecurity in a corporate environment",
abstract = "While traditional cybersecurity approaches effectively address static or well-known threats, they often struggle to keep pace with the rapidly evolving threat landscape. New research highlights that increasing sophistication and dynamism in cyberattacks require adaptive and proactive measures, such as artificial intelligence (AI) applications and services, to complement conventional methods. AI for cybersecurity is needed to respond efficiently and reliably to threats and attacks, to detect dynamic threats faster, to analyze more precisely, and to enable adaptive protective measures that outperform conventional approaches. We identified research needs for AI in cybersecurity that need to be addressed by implementing respective AI applications and services. Companies and organizations need further research and company-centric approaches. We address AI for cybersecurity through a literature review and semi-structured expert interviews in a design science research–oriented framework. We identify typical implementation steps, deduce critical process phases, and develop a new process model to successfully implement AI for cybersecurity, including five process phases and 19 process steps. Our iterative five-phase process model provides a structured framework that is flexible to adapt to specific and general requirements, focuses on iterative evaluations; addresses cost, functional requirements, certifications, and environmental impact; facilitates early risk identification; and strengthens resilience against cyberattacks. Furthermore, we deduce seven key performance indicators to support a quantitative assessment of AI{\textquoteright}s efficiency and effectiveness, allow benchmarking, and develop best practices. Finally, we provide limitations and a further research agenda.",
keywords = "Artificial intelligence, Corporate environment, Cybersecurity, Cyberspace process model, Key performance indicators",
author = "Lier, {Sarah K.} and Eppers, {Tjelve M.} and Jana Gerlach and Pascal M{\"u}ller and Breitner, {Michael H.}",
note = "Publisher Copyright: {\textcopyright} The Author(s) 2025.",
year = "2025",
month = jun,
day = "19",
doi = "10.1007/s12525-025-00802-x",
language = "English",
volume = "35",
journal = "Electronic markets",
issn = "1019-6781",
publisher = "Springer Verlag",
number = "1",

}

Download

TY - JOUR

T1 - An iterative five-phase process model to successfully implement AI for cybersecurity in a corporate environment

AU - Lier, Sarah K.

AU - Eppers, Tjelve M.

AU - Gerlach, Jana

AU - Müller, Pascal

AU - Breitner, Michael H.

N1 - Publisher Copyright: © The Author(s) 2025.

PY - 2025/6/19

Y1 - 2025/6/19

N2 - While traditional cybersecurity approaches effectively address static or well-known threats, they often struggle to keep pace with the rapidly evolving threat landscape. New research highlights that increasing sophistication and dynamism in cyberattacks require adaptive and proactive measures, such as artificial intelligence (AI) applications and services, to complement conventional methods. AI for cybersecurity is needed to respond efficiently and reliably to threats and attacks, to detect dynamic threats faster, to analyze more precisely, and to enable adaptive protective measures that outperform conventional approaches. We identified research needs for AI in cybersecurity that need to be addressed by implementing respective AI applications and services. Companies and organizations need further research and company-centric approaches. We address AI for cybersecurity through a literature review and semi-structured expert interviews in a design science research–oriented framework. We identify typical implementation steps, deduce critical process phases, and develop a new process model to successfully implement AI for cybersecurity, including five process phases and 19 process steps. Our iterative five-phase process model provides a structured framework that is flexible to adapt to specific and general requirements, focuses on iterative evaluations; addresses cost, functional requirements, certifications, and environmental impact; facilitates early risk identification; and strengthens resilience against cyberattacks. Furthermore, we deduce seven key performance indicators to support a quantitative assessment of AI’s efficiency and effectiveness, allow benchmarking, and develop best practices. Finally, we provide limitations and a further research agenda.

AB - While traditional cybersecurity approaches effectively address static or well-known threats, they often struggle to keep pace with the rapidly evolving threat landscape. New research highlights that increasing sophistication and dynamism in cyberattacks require adaptive and proactive measures, such as artificial intelligence (AI) applications and services, to complement conventional methods. AI for cybersecurity is needed to respond efficiently and reliably to threats and attacks, to detect dynamic threats faster, to analyze more precisely, and to enable adaptive protective measures that outperform conventional approaches. We identified research needs for AI in cybersecurity that need to be addressed by implementing respective AI applications and services. Companies and organizations need further research and company-centric approaches. We address AI for cybersecurity through a literature review and semi-structured expert interviews in a design science research–oriented framework. We identify typical implementation steps, deduce critical process phases, and develop a new process model to successfully implement AI for cybersecurity, including five process phases and 19 process steps. Our iterative five-phase process model provides a structured framework that is flexible to adapt to specific and general requirements, focuses on iterative evaluations; addresses cost, functional requirements, certifications, and environmental impact; facilitates early risk identification; and strengthens resilience against cyberattacks. Furthermore, we deduce seven key performance indicators to support a quantitative assessment of AI’s efficiency and effectiveness, allow benchmarking, and develop best practices. Finally, we provide limitations and a further research agenda.

KW - Artificial intelligence

KW - Corporate environment

KW - Cybersecurity

KW - Cyberspace process model

KW - Key performance indicators

UR - http://www.scopus.com/inward/record.url?scp=105008734075&partnerID=8YFLogxK

U2 - 10.1007/s12525-025-00802-x

DO - 10.1007/s12525-025-00802-x

M3 - Article

AN - SCOPUS:105008734075

VL - 35

JO - Electronic markets

JF - Electronic markets

SN - 1019-6781

IS - 1

M1 - 56

ER -

Von denselben Autoren