Assessing the Effectiveness of Cybersecurity Program Management Frameworks and Adversarial AI Defense Mechanisms in Medium and Large Organizations

Abstract

Cybersecurity and Artificial Intelligence (AI) have become central to organizational resilience in medium and large enterprises. This study experimentally evaluates the effectiveness of cybersecurity program management frameworks—ISO/IEC 27001 and NIST CSF—and assesses AI system vulnerability to adversarial attacks, including evasion, poisoning, and privacy attacks. Simulated organizational environments were employed to implement frameworks and deploy AI models for threat detection, with adversarial attacks executed to quantify vulnerabilities. Defense mechanisms, such as adversarial training and ensemble modeling, were integrated within frameworks to evaluate combined effectiveness. Results indicate that flexible frameworks like NIST CSF provide superior incident response and control effectiveness, while hybrid defense strategies significantly enhance AI robustness. The study offers actionable guidance for integrating cybersecurity governance with AI defense mechanisms, supporting organizational resilience against emerging 2026 cyber threats.