--- title: "Cybersecurity Stocks 'Mispriced' by AI? Morgan Stanley Sees $220 Billion Opportunity" type: "News" locale: "en" url: "https://longbridge.com/en/news/283478683.md" description: "The cybersecurity sector has plummeted 25% cumulatively due to the AI disruption narrative, but Morgan Stanley points out this is a structural misjudgment: The incremental security demand generated by AI amounts to $220 billion, several times the market share involved in disruption risks, while the net market size of cybersecurity software is expected to expand by approximately 10%. After the panic subsides, it may be an ideal time to position" datetime: "2026-04-21T10:19:46.000Z" locales: - [zh-CN](https://longbridge.com/zh-CN/news/283478683.md) - [en](https://longbridge.com/en/news/283478683.md) - [zh-HK](https://longbridge.com/zh-HK/news/283478683.md) --- # Cybersecurity Stocks 'Mispriced' by AI? Morgan Stanley Sees $220 Billion Opportunity The narrative that AI will disrupt the cybersecurity sector is being re-evaluated. Over the past few weeks, Anthropic's release of Claude Code Security and the announcement that the Mythos AI model achieved a perfect score on its own cybersecurity benchmark tests triggered market panic over AI disrupting the cybersecurity industry. Related individual stocks have collectively fallen by approximately 25%. However, in its latest report, Morgan Stanley stated that this sell-off reflects a structural misjudgment by the market regarding AI threats, rather than a genuine deterioration in fundamentals. Investors have underestimated the expansion of defensive demand driven by AI while overestimating its disruptive threat to existing vendors—the incremental security opportunities created by AI amount to $220 billion, several times the current market share at risk of disruption (approximately 10%), and the net market size of cybersecurity software is expected to expand by about 10% compared to today. ## Sector Drops Approximately 25%: Concerns Overstated This round of selling was triggered by a series of announcements from AI-native enterprises. According to MarketWatch, Anthropic's release of Claude Code Security and the Mythos AI model achieving a perfect score on its own cybersecurity benchmark tests led investors to worry that AI would significantly diminish the value of traditional cybersecurity solutions, triggering large-scale position reductions. Morgan Stanley noted that **some AI-native enterprises have already begun establishing pre-release model partnerships with selected cybersecurity vendors; Palo Alto Networks and CrowdStrike are both participating, aiming to jointly establish security "guardrails" before the models are officially deployed. This move itself indicates that AI vendors view cybersecurity as a prerequisite for model scaling, not as a replacement.** Regarding internal divergence within the sector, Morgan Stanley pointed out that long-term investors remain generally bullish, believing that AI lowers attack costs and increases attack frequency and complexity, thereby continuously strengthening security budgets from the demand side. Hedge funds, however, are more pessimistic, harboring greater skepticism about the ability of traditional vendors to withstand AI-native competitors in the long run. **Morgan Stanley believes the current debate closely resembles historical narratives from the early days of cloud migration, such as "cloud vendors will replace the security industry," where facts ultimately proved the concerns were overly amplified.** ## $220 Billion Incremental Demand Far Exceeds Disruption Losses Morgan Stanley estimates that the current cybersecurity market size is approximately $300 billion (including services), accounting for 6% to 7% of total IT budgets. Disruption risks are concentrated in the "preventive security" layer—tasks such as vulnerability management, application security testing, and cloud configuration management can be executed asynchronously with high tolerance for latency, making them areas where AI models can relatively easily intervene. This segment accounts for approximately 10% of the overall market. **Meanwhile, incremental security demand driven by AI is rapidly taking shape: As enterprises deploy AI models, agents, and data pipelines on a large scale, protecting these new assets will generate substantial incremental budgets. Morgan Stanley estimates that this new demand will be sufficient to offset market losses and expand the net market size of cybersecurity software by approximately 10% compared to today.** Data from the attack side further reinforces the logic on the demand side: **Currently, 80% to 90% of attacks are generated by AI, with attack costs approaching zero. This does not weaken the rationale for security spending; instead, it fundamentally strengthens the need for real-time detection, response, and identity security capabilities.** ## The Battlefield with the Strongest Defensive Barriers Morgan Stanley divides the cybersecurity market into three layers: preventive security, control point/boundary security, and runtime security, emphasizing that the distribution of AI's disruptive power is highly uneven across these three layers. Runtime security is difficult to disrupt because once AI models enter production environments, threats such as prompt injection, data leakage, and model misuse must be captured and handled in real-time; they cannot be eliminated in advance during development and training stages. Both control point and runtime security require low-latency, deterministic responses, which fundamentally conflict with current probabilistic AI models. CrowdStrike, Palo Alto Networks, Okta, and SailPoint are leveraging this pivot to extend their respective capabilities in endpoint, network, and identity security into the AI layer, building dynamic execution "guardrails" around real-time AI systems. Cost logic is equally significant. Morgan Stanley points out that using large language models to handle high-frequency security tasks such as email filtering or authentication could incur computing costs several orders of magnitude higher than existing solutions. Currently, email security and identity platforms typically charge a low-to-mid single-digit dollar amount per user per month, processing hundreds of thousands or even more events, meaning the marginal cost per event is less than one cent. Running equivalent-scale operations based on token-based AI models would introduce significantly higher compute expenses. Morgan Stanley believes that **in the near term, AI is more likely to play an "enhancement" role rather than fully replacing existing architectures in cost-sensitive, low-latency scenarios.** ## Non-Human Identities Become the Next Core Battlefield The proliferation of AI is driving up the strategic importance of identity security. As the number of "non-human identities" (NHI)—such as APIs, machine identities, and autonomous agents—grows rapidly, traditional identity management frameworks centered on human users are becoming inadequate for covering new risks. Morgan Stanley notes that AI-driven systems often operate with elevated privileges, accessing sensitive data across distributed environments, thereby significantly expanding attack surfaces such as credential abuse, privilege escalation, and unauthorized access paths. **Identity security is evolving from simple "authentication" to a real-time execution control layer encompassing continuous verification, granular access control, and full lifecycle management. When AI agents begin autonomously executing database queries, triggering workflows, and interacting with external systems, identity becomes the primary mechanism for enforcing trust boundaries and policy controls.** TD Cowen analyst Shaul Eyal also pointed out that every agent on every AI platform requires identity credentials, and Okta and SailPoint are currently the only publicly traded pure-play identity security companies, holding scarce value. ## Platform Integration and Flexible Pricing Are Key Thresholds Morgan Stanley believes that quality cybersecurity companies in the AI era should possess three core attributes: a clear agent security roadmap and rapid AI product launch capabilities; flexible consumption-based pricing frameworks (such as CrowdStrike's Falcon Flex) to reduce friction for customers deploying new capabilities; and an overall value proposition grounded in runtime execution, proprietary data advantages, and cost efficiency. **From the perspective of budget trends, Morgan Stanley expects funds to migrate from fragmented point solutions to integrated platforms. In the long run, the continuous expansion of attack surfaces will drive cybersecurity to become the most defensive priority area in corporate IT spending—a CIO survey by the bank shows that cybersecurity software is the IT project category least likely to be cut.** ### Related Stocks - [IHAK.US](https://longbridge.com/en/quote/IHAK.US.md) - [CIBR.US](https://longbridge.com/en/quote/CIBR.US.md) - [HACK.US](https://longbridge.com/en/quote/HACK.US.md) - [BUG.US](https://longbridge.com/en/quote/BUG.US.md) - [MS.US](https://longbridge.com/en/quote/MS.US.md) - [PANW.US](https://longbridge.com/en/quote/PANW.US.md) - [CRWD.US](https://longbridge.com/en/quote/CRWD.US.md) - [OKTA.US](https://longbridge.com/en/quote/OKTA.US.md) - [SAIL.US](https://longbridge.com/en/quote/SAIL.US.md) - [MS-O.US](https://longbridge.com/en/quote/MS-O.US.md) - [MS-Q.US](https://longbridge.com/en/quote/MS-Q.US.md) - [MS-E.US](https://longbridge.com/en/quote/MS-E.US.md) - [MS-I.US](https://longbridge.com/en/quote/MS-I.US.md) - [MS-L.US](https://longbridge.com/en/quote/MS-L.US.md) - [MS-P.US](https://longbridge.com/en/quote/MS-P.US.md) - [MS-A.US](https://longbridge.com/en/quote/MS-A.US.md) - [MS-F.US](https://longbridge.com/en/quote/MS-F.US.md) - [MS-K.US](https://longbridge.com/en/quote/MS-K.US.md) ## Related News & Research - [Commentary: Anthropic’s ‘too dangerous to release’ Mythos AI model is a wake-up call for everyone](https://longbridge.com/en/news/282904556.md) - [Finance ministers and top bankers raise serious concerns about Mythos AI model](https://longbridge.com/en/news/283076791.md) - [What Allbirds needs to do to make its Hail Mary AI pivot succeed](https://longbridge.com/en/news/283043758.md) - [What AI bubble? Why JPMorgan says AI stocks have momentum back.](https://longbridge.com/en/news/283517214.md) - [ANTHROPIC PLANS TO PROVIDE ACCESS TO MYTHOS AI MODEL TO EUROPEAN BANKS SOON-SOURCES](https://longbridge.com/en/news/283519057.md)