An iterative five-phase process model to successfully implement AI for cybersecurity in a corporate environment
Sarah K. Lier (),
Tjelve M. Eppers (),
Jana Gerlach (),
Pascal Müller () and
Michael H. Breitner ()
Additional contact information
Sarah K. Lier: Leibniz University Hannover
Tjelve M. Eppers: Leibniz University Hannover
Jana Gerlach: Leibniz University Hannover
Pascal Müller: Leibniz University Hannover
Michael H. Breitner: Leibniz University Hannover
Electronic Markets, 2025, vol. 35, issue 1, No 56, 21 pages
Abstract:
Abstract While traditional cybersecurity approaches effectively address static or well-known threats, they often struggle to keep pace with the rapidly evolving threat landscape. New research highlights that increasing sophistication and dynamism in cyberattacks require adaptive and proactive measures, such as artificial intelligence (AI) applications and services, to complement conventional methods. AI for cybersecurity is needed to respond efficiently and reliably to threats and attacks, to detect dynamic threats faster, to analyze more precisely, and to enable adaptive protective measures that outperform conventional approaches. We identified research needs for AI in cybersecurity that need to be addressed by implementing respective AI applications and services. Companies and organizations need further research and company-centric approaches. We address AI for cybersecurity through a literature review and semi-structured expert interviews in a design science research–oriented framework. We identify typical implementation steps, deduce critical process phases, and develop a new process model to successfully implement AI for cybersecurity, including five process phases and 19 process steps. Our iterative five-phase process model provides a structured framework that is flexible to adapt to specific and general requirements, focuses on iterative evaluations; addresses cost, functional requirements, certifications, and environmental impact; facilitates early risk identification; and strengthens resilience against cyberattacks. Furthermore, we deduce seven key performance indicators to support a quantitative assessment of AI’s efficiency and effectiveness, allow benchmarking, and develop best practices. Finally, we provide limitations and a further research agenda.
Keywords: Cybersecurity; Cyberspace process model; Artificial intelligence; Key performance indicators; Corporate environment (search for similar items in EconPapers)
JEL-codes: L21 M15 (search for similar items in EconPapers)
Date: 2025
References: Add references at CitEc
Citations:
Downloads: (external link)
http://link.springer.com/10.1007/s12525-025-00802-x Abstract (text/html)
Access to the full text of the articles in this series is restricted.
Related works:
This item may be available elsewhere in EconPapers: Search for items with the same title.
Export reference: BibTeX
RIS (EndNote, ProCite, RefMan)
HTML/Text
Persistent link: https://EconPapers.repec.org/RePEc:spr:elmark:v:35:y:2025:i:1:d:10.1007_s12525-025-00802-x
Ordering information: This journal article can be ordered from
http://www.springer. ... ystems/journal/12525
DOI: 10.1007/s12525-025-00802-x
Access Statistics for this article
Electronic Markets is currently edited by Rainer Alt and Hans-Dieter Zimmermann
More articles in Electronic Markets from Springer, IIM University of St. Gallen
Bibliographic data for series maintained by Sonal Shukla () and Springer Nature Abstracting and Indexing ().