Why cybersecurity teams are struggling to keep up with AI adoption

Author:

Using an unordered list, summarize the following article with between 4 and 8 key points. Fortinet’s Robert May on the hidden challenges defining cybersecurity in the AI era.

Companies and employees alike are adopting AI tools faster than ever, leaving security teams scrambling to understand what is actually running across their own environments.

Robert May works on the systems meant to secure that movement of data. As Executive Vice President of Technology and Product Management at global cybersecurity company Fortinet, May oversees the Fortinet Security Fabric platform used by organizations to monitor network activity, identify and mitigate threats, and coordinate incident response.

During a recent keynote address at Fortinet’s TechExpo26 event in Montréal, May explored how AI is quickly reshaping cybersecurity by changing the kinds of data organizations need to protect and the systems used to secure it. He believes many companies today “don’t even know the problem that they’re dealing with.”

“This is something we hear about in every customer meeting,” May told BetaKit. “Two years ago, people were just playing around with ChatGPT, but now there are thousands of tools, and [businesses] don’t know which ones their employees are using.”

“From the point of view of our products and services offering, the end customer needs to decide what level of sovereignty they need.”

At the same time, AI tools are entering workflows with very little friction. A 2025 study from McKinsey found that all survey respondents were using AI in some fashion. But Fortinet’s 2026 Cybersecurity Skills Gap Global Research Report notes that only half of surveyed leaders believe their board members are “fully aware” of potential risks from AI use. According to May, this is leaving security teams reacting to how AI is already being used, rather than setting the terms for its use in advance.

The risk, May said, is twofold. AI tools are now touching companies’ most sensitive and valuable data, which means where that data goes and who can access it matters in a very immediate way. The reality that teams are short-staffed and unable to review the entire flow of data only increases the risk.

“A lot of these AI tools are dealing with data that is basically driving the business,” he added. “If you’re a company that develops software, you might have developers using tools that automatically write source code. If that source code gets leaked, your whole value proposition is now public.”

Security teams, May said, are operating within a system that has been under pressure for years, and AI has increased the volume and complexity of what these already-stretched teams need to monitor.

“The blind spots come from the fact that analysts are overloaded,” May explained. “Their network operations centre (NOC), or security operations centre (SOC) teams, are dealing with too much data, and things are constantly changing.”

Since analysts have to decide where to focus their attention within a constant flow of alerts and activity, some signals receive close review while others remain in the background without immediate follow-up. “They don’t get the review that they require, because analysts are too understaffed or they’re too short on resources,” May added.

It’s why Fortinet is developing agentic AI capabilities designed to take on parts of the investigative work that analysts have historically carried out across multiple systems. For NOC and SOC teams, agentic AI streamlines investigations by pulling data from connected products, assembling context, and determining what requires further analysis before human intervention, expediting the threat analysis process.

“It’s definitely saving crucial time,” May added.

Organizations may not have clear visibility into which AI tools are in use, but the activity those tools generate still passes through systems that can be monitored. May pointed to Fortinet’s firewall services, its secure access service edge architecture, and its security operations infrastructure as tools organizations can use to build a clearer picture of how teams are using AI services.

“It’s a way to get that visibility across the whole organization, and at least then, you know what you’re dealing with,” he added.

Many organizations are running security stacks assembled from dozens of separate products, each surfacing information in its own way. May believes that agentic AI only works when those underlying systems are able to produce a coherent view of activity and streamline workflows.

“If you’ve got 50 different products inside your SOC or your IT systems, and they don’t work well together, AI is just another layer on top of something that already doesn’t work well,” he added.

May also believes companies need to think carefully about where AI systems process and store data, since different jurisdictions carry different rules around who can access that information and how it is protected.

“If you’re a company that develops software, you might have developers using tools that automatically write source code. If that source code gets leaked, your whole value proposition is now public.”

Fortinet’s approach lets customers choose where those systems run, whether it’s on-premise, on the public cloud, or in a specific region, while keeping the same security controls in place across each option. That flexibility is backed by physical infrastructure in the country: Fortinet operates three data centres in Canada (more than in any other country outside the United States) alongside its major R&D campus in Burnaby, and offices in Calgary and Ottawa.

“From the point of view of our products and services offering, the end customer needs to decide what level of sovereignty they need,” May added.

As visibility, coordination between systems, and control over data continue to shape the next phase of cybersecurity, Fortinet is building its security products around those pressures, aiming to help businesses move quickly without losing oversight. This isn’t new territory for the company. Fortinet has used AI in its products for over 15 years and is now extending that work into agentic capabilities.

Ultimately, May believes organizations need to approach AI from two directions simultaneously: security for AI and AI for security. The first requires visibility and control over how AI is being used across the organization, including understanding what data is being shared and where it is flowing. The second involves using technologies such as agentic AI to help security teams scale operations, reduce analyst burden and respond more efficiently to growing complexity.

“There’s a rush to quickly use AI because it’s a competitive advantage,” May said. “But it’s easy to rush ahead before understanding what needs to be put in place.”

PRESENTED BY

Fortinet is leading the cybersecurity evolution in Canada. Discover how.

Feature image courtesy Fortinet.