According to Nicole Eagan, CEO of software company Darktrace, only two out of every ten cybersecurity experts typically embrace artificial intelligence (AI) as a key component of threat detection. The others, she explains, tend to be "totally resistant" or agree to "give [AI] a try" but don’t put in the effort required to make the most of the tech post-purchase.

Granted, information security professionals are known to be risk-averse, which has the flip side of sometimes making them resistant to trying out new tech — and for good reason: Protecting the company against risk is the number one job. Yet, theoretically, AI has the potential to more quickly identify a larger number of problems. So why doesn’t every security team use it?

Mike Small, senior analyst for research firm KuppingerCole, believes many actually do — they just might not think of it as AI. Darktrace and competitors like Senseon and SecBI perform threat detection on a higher level than traditional antivirus software. But, Small says, “What they are doing is not, in a sense, completely unique.” At its core, he explains, threat detection AI is a heightened form of behavioral analytics that looks for patterns to identify possible threats and vulnerabilities. All the big cybersecurity platforms like Symantec and McAfee have this general type of technology already rolled in.

“[Teams] are buying things for the outcome, rather than the technology,” Small explains, and the outcome many get from behavioral matching embedded in larger tools works just fine: Last year, Forbes reported that McAfee makes more than $2.5 billion a year. In comparison, Darktrace sold upwards of $400 million.

While it isn’t realistic to expect a specialized industry tool to sell as much as a household-name platform, the numbers show that when it comes to threat detection, standalone AI hasn’t taken over the market yet. So, what are the real roadblocks? It depends on who you ask.
Vendor Eagan, expert Small, and a buyer, Eric Gauthier, all give completely different answers.

Vendor view: Resistance to change slows threat detection AI adoption

On a December 5 panel at New York conference AI Summit, Eagan pointed to that resistance to change: “The industry of cybersecurity has been around for, let's say, roughly 30 years” and, as a result, has its share of “very savvy practitioners” used to working with “certain tools and certain methodologies and processes,” she explained.

However, Eagan says, “We found it had less to do with age” compared to “open mindedness and curiosity for those who engage.” In other words, those who want to push boundaries and try out new tech will.

Analyst view: Threat detection AI hard to explain

Small says it’s not that easy, claiming the standalone threat detection AI in today’s market simply doesn’t solve today’s information security problems. Take security theater, for example. Small says, “[AI is] like a black box” and when it comes to whether or not flagged issues are genuine, as opposed to false alarms, “all you get out of it is it either gives you the right answer or it gives you the wrong answer. And if it gives you the wrong answer, then you don't know why.”

Without this why, he continues, cybersecurity professionals are helpless in explaining their decisions to the press should a breach occur. And in an age of increasing data security litigation, this limitation also makes it harder for security to defend its decisions in a courtroom. “That,” according to Small, “is the limiting factor.”

Buyer view: Can’t react to extra data from threat detection AI

Gauthier, director of technology and information security officer for HR company Scout, is less worried about publicity and suits. He hasn’t bought the tech because Scout doesn’t have enough manpower to make the most of it.
“We're a smaller company,” he explains. “In the case of some of these quote unquote AI-driven threat protection platforms — or just a lot of the threat intelligence feeds which seem to be popular now — they're giving you more information, but it's sort of a second tier of information.” Meanwhile, Gauthier continues, “We barely have the staff to handle those primary threats, which are very actionable and very real.”

What this comes down to, Gauthier says, is cost-benefit, acknowledging that while threat detection AI does offer more than catch-all platforms, “If I'm going to pay for this extra data, if I can't take action for it from it, I'm really not getting value from it.” Monitoring the AI’s output would take a larger workforce than Scout has, making purchasing less about the tech and more about the ability to act on it. “You need to be at a certain scale to afford it,” he says.

This, Eagan agrees, is a problem Darktrace saw coming before the tool was even built — and one her company worked to prevent: “When we founded Darktrace,” she explained, “we said, ‘We're going to limit our market if we can only sell to people who are going to hire data scientists and figure this stuff out.’” As a result, they told developers, “We need to make it self-learning, self-maintaining, so our customers don't have to hire any more people. In fact, they want to hire less security people with this — not more.”

Threat detection AI must provide insight, not just information

For that to happen — with Darktrace or any other vendor — Small and Gauthier both say the technology must provide insight.
Right now, Gauthier says AI would “give me information but then I’ve got to go figure out what it means.” As long as threat detection limits itself to its current behavioral approach, Small says, it never will.

Instead, Small recommends, AI vendors should ask how to get the tech to the next level: explaining why a threat is likely genuine — a problem he contends only IBM QRadar Advisor is working on right now. “That is a much more complicated thing,” he says — “being able to analyze after the event what all the indicators were, what had happened, whether or not there is still something going on, and has it happened to somebody else and where is the problem.” AI this insightful would definitely be harder to build, he admits — but much easier to sell.