Generative AI in Live Operations: Evidence of Productivity Gains in Cybersecurity and Endpoint Management
This provides early evidence of productivity gains for cybersecurity and IT operations teams, though it is incremental as it uses observational data without causal identification.
The study measured the impact of generative AI tool adoption on cybersecurity and endpoint management metrics, finding robust and statistically significant improvements in security alerts per incident, incident reopenings, data loss prevention alert classification time, and device policy conflict resolution time.
We measure the association between generative AI (GAI) tool adoption and four metrics spanning security operations, information protection, and endpoint management: 1) number of security alerts per incident, 2) probability of security incident reopenings, 3) time to classify a data loss prevention alert, and 4) time to resolve device policy conflicts. We find that GAI is associated with robust and statistically and practically significant improvements in the four metrics. Although unobserved confounders inhibit causal identification, these results are among the first to use observational data from live operations to investigate the relationship between GAI adoption and security operations, data loss prevention, and device policy management.