Are cybersecurity stocks being "wrongly punished" by AI? Morgan Stanley sees a $220 billion opportunity

The narrative of AI impacting the cybersecurity sector is now being re-examined.

In the past few weeks, Anthropic launched Claude Code Security and announced that the Mythos AI model achieved a perfect score on its proprietary cybersecurity benchmark test, causing market panic over AI's potential disruption of the cybersecurity industry. Related stocks saw cumulative declines of around 25%.

However, Morgan Stanley stated in its latest report that this sell-off reflects a structural misjudgment of the threat posed by AI, rather than a real deterioration of fundamentals. Investors have underestimated the expansion of defensive demand driven by AI, while overestimating its disruptive impact on existing vendors. The incremental security opportunities brought by AI could reach $220 billion, multiple times more than the ~10% market share facing disruption risks, and the net size of the cybersecurity software market is expected to be about 10% higher than today.

This round of sell-off was triggered by a series of announcements from AI-native companies. According to MarketWatch, Anthropic released Claude Code Security and the Mythos AI model achieved full marks in its proprietary cybersecurity benchmark, prompting concerns among investors that AI would severely erode the value of traditional cybersecurity solutions, triggering large-scale position reductions.

Morgan Stanley noted that some AI-native companies have begun establishing pre-release model cooperation with selected cybersecurity vendors, with Palo Alto Networks and CrowdStrike involved, aiming to build security "guardrails" together before models are officially rolled out. This move itself demonstrates that AI vendors view cybersecurity as a prerequisite for model scaling, rather than as a substitute.

Regarding disputes within the sector, Morgan Stanley indicated that long-term investors are generally optimistic, believing that AI reduces attack costs and increases attack frequency and complexity, which will continuously strengthen security budgets from the demand side. Hedge funds, however, are more pessimistic, questioning the long-term ability of traditional vendors to withstand competition from AI-native challengers.

Morgan Stanley believes that the current debate closely mirrors the historic narrative during the early days of cloud migration, such as "cloud vendors will replace the security industry." Ultimately, these worries were proven to be overblown.

Morgan Stanley estimates that the current cybersecurity market size is about $300 billion (including services), representing 6% to 7% of total IT budgets.

Disruption risk is mainly concentrated at the "preventive security" layer—tasks such as vulnerability management, application security testing, and cloud configuration management, which can be performed asynchronously and tolerate higher latency, making them relatively easy for AI models to enter. This segment covers about 10% of the overall market.

Meanwhile, incremental security demand driven by AI is rapidly taking shape. As enterprises deploy AI models, agents, and data pipelines at scale, protecting these new assets will generate considerable additional budgets. Morgan Stanley estimates that this new demand is enough to offset market loss, with the net size of the cybersecurity software market expanding about 10% compared to today.

Data from the attack side further reinforces the logic of demand: Currently, 80% to 90% of attacks are AI-generated, with attack costs approaching zero. This has not weakened the rationale for security spending; instead, it fundamentally strengthens the need for real-time detection, response, and identity security capabilities.

Morgan Stanley divides the cybersecurity market into three tiers: preventive security, control point/boundary security, and runtime security. It emphasizes that the disruptive power of AI is highly unevenly distributed among these layers.

Runtime security is difficult to disrupt because, once AI models enter production environments, threats such as prompt injection, data leaks, and model abuse must be detected and handled in real time—they cannot be preemptively eliminated during development and training. Both control point and runtime security require low latency and deterministic response, which fundamentally conflicts with today’s probabilistic AI models. CrowdStrike, Palo Alto Networks, Okta, and SailPoint are leveraging this to extend their expertise in endpoint, network, and identity security to the AI layer, building dynamic execution "guardrails" around real-time AI systems.

The logic of cost is also significant. Morgan Stanley points out that using large language models to process high-frequency security tasks like email filtering or identity verification may incur computation costs several orders of magnitude higher than existing solutions.

Currently, email security and identity platforms are typically priced at single-digit dollars per user per month, handling hundreds of thousands or more events, resulting in a marginal cost of less than one cent per event. Running AI models based on tokens at equivalent scale would introduce significantly higher computing expenditures. Morgan Stanley believes that in the near term, AI is more likely to play an "enhancement" role in cost-sensitive, low-latency scenarios, rather than fully replacing existing architectures.

The rise of AI is elevating the strategic importance of identity security. With rapid growth in APIs, machine identities, and autonomous agents—so-called "Non-Human Identity" (NHI)—traditional user-centric identity management frameworks struggle to address new risks.

Morgan Stanley notes that AI-driven systems often operate with elevated privileges and can access sensitive data across distributed environments, dramatically expanding the attack surface for credential abuse, privilege escalation, and unintended access paths.

Identity security is evolving from simple "authentication" to real-time execution controls encompassing continuous verification, fine-grained access control, and full lifecycle management. As AI agents autonomously execute database queries, trigger workflows, and interact with external systems, identity becomes the primary mechanism for enforcing trust boundaries and policy controls.

TD Cowen analyst Shaul Eyal also points out that every AI platform requires credentials for each agent, and Okta plus SailPoint remain the only pure-play publicly listed identity security providers, thus possessing scarce value.

Morgan Stanley believes that top cybersecurity companies in the AI era should possess three core attributes: a clear roadmap for agent security and rapid AI product release capability; a flexible consumption-based pricing framework (such as CrowdStrike’s Falcon Flex), lowering friction for clients deploying new capabilities; and an overall value proposition grounded in runtime execution, proprietary data advantages, and cost efficiency.

From a budget perspective, Morgan Stanley expects funds to shift from fragmented, point solutions towards integrated platforms. In the long run, continuous expansion of attack surfaces will make cybersecurity the most defensive priority in IT spending for enterprises—CIO surveys from Morgan Stanley indicate that cybersecurity software is the least likely IT project category to be cut.