Artificial intelligence is not eliminating cybersecurity jobs but is fundamentally reshaping them by elevating the importance of human judgment and oversight, according to a new report from (ISC)². The study, titled "Rethinking AI's Impact on Cybersecurity Roles" and released on July 14, 2026, surveyed 856 cybersecurity professionals who use AI in their work. It found that AI is creating a new paradigm where professionals act as supervisors and validators of AI systems. A significant majority of respondents (63%) now spend more time validating AI outputs, and 65% spend more time deciding when to trust AI recommendations. This shift introduces new pressures, as 50% of professionals say humans are held accountable for AI-driven errors, a common occurrence reported by 89% of participants.
This is not a regulatory report but an industry study analyzing workforce trends. However, its findings have significant implications for governance, risk, and compliance (GRC) within organizations. The report underscores a growing 'accountability gap' where AI tools make recommendations, but humans bear the consequences of any failures. This suggests a future need for clearer regulatory and legal frameworks around AI liability in cybersecurity contexts. The study's findings can inform future standards for AI governance and the 'duty of care' expected of professionals using these tools.
The findings are relevant to any organization that employs cybersecurity professionals and is adopting AI tools, which includes virtually every sector. Specifically:
There are no direct compliance requirements from this study. However, it highlights key areas organizations must address from an internal governance perspective to manage risk:
The trends identified in the report are ongoing. The key takeaway is that organizations need to begin adapting their cybersecurity team structures, role definitions, and training programs immediately to keep pace with AI's integration into security workflows.
ISC2 releases its 'Rethinking AI's Impact on Cybersecurity Roles' report.

Cybersecurity professional with over 10 years of specialized experience in security operations, threat intelligence, incident response, and security automation. Expertise spans SOAR/XSOAR orchestration, threat intelligence platforms, SIEM/UEBA analytics, and building cyber fusion centers. Background includes technical enablement, solution architecture for enterprise and government clients, and implementing security automation workflows across IR, TIP, and SOC use cases.
CyberNetSec.io uses automation to assist source monitoring, deduplication, observable extraction, and structured intelligence generation. Published analysis follows human-defined editorial standards and adds defensive context including MITRE ATT&CK, D3FEND, STIX, and Sigma where applicable. Read our editorial policy.
Help others stay informed about cybersecurity threats
Every tactic, technique, and sub-technique used in this threat has been identified and mapped to the MITRE ATT&CK framework for consistent, actionable threat language.
Observables and indicators of compromise (IOCs) have been extracted and cataloged. Risk has been assessed and correlated with known threat actors and historical campaigns.
Detection rules, incident response steps, and D3FEND-aligned mitigation strategies are included so your team can act on this intelligence immediately.
Structured threat data is packaged as a STIX 2.1 bundle and can be visualized as an interactive graph — relationships between actors, malware, techniques, and indicators.
Sigma detection rules are derived from the threat techniques in this article and can be converted for deployment across any major SIEM or EDR platform.