Cybersecurity professionals are spending more time babysitting AI than they expected, according to new research from ISC2.
Security teams spend more time validating AI outputs
A new survey of 856 security professionals by ISC2 reveals that while automation handles the grunt work, humans are burning out from acting as babysitters for AI outputs.
The study shows that AI isn’t just a set-and-forget tool. Instead, it is shifting daily workflows heavily toward oversight. Roughly two-thirds of respondents reported spending more time over the past year reviewing AI data (63%) and determining whether to actually trust AI recommendations (65%).
AI-related oversight contributes to workplace stress
This validation bottleneck is directly tied to employee well-being. While 48% of professionals said AI decreased their overall workplace stress, nearly a third (32%) reported a spike in anxiety.
The difference comes down to the paperwork: 76% of stressed workers spent more time vetting AI choices, compared to just 57% of their calmer peers.
Worse yet, 89% of respondents have caught their AI making incorrect recommendations. When things go sideways, the blame doesn’t fall on the software. Half of the organizations surveyed hold human decision-makers entirely accountable for AI-driven mistakes.
AI changes entry-level cybersecurity career paths
Despite fears that automation will eliminate early-career pathways, the data reveal a more nuanced transformation.
While 56% of participants agree that AI has reduced the pure volume of traditional entry-level positions, 53% believe the technology is simultaneously spawning entirely new types of junior roles.
“AI is not replacing cybersecurity professionals; it is changing what the profession requires of them,” said ISC2 CEO Scott Beale, CC.
According to Beale, workflows are moving away from routine tasks toward “higher-value work, from asking the right questions to validating findings, interpreting outputs, and applying human judgment.”
Core skills aren’t going anywhere either; 62% of professionals maintain that foundational cybersecurity knowledge remains absolutely critical, rejecting the idea that AI diminishes the need for technical training.
Organizations prioritize governance over additional headcount
As automated systems discover vulnerabilities at a blinding pace, security experts warn that traditional manual defenses are obsolete.
One survey respondent noted that AI has turned flaw discovery into a “high-throughput pipeline,” meaning defenses must adapt “not with more headcount, but with smarter workflows.”
To survive this shift, 80% of professionals state that organizations must establish explicit governance policies. Security teams are calling for concrete validation frameworks and strict boundaries to ensure that automated speed doesn’t compromise human judgment.





