87 percent of organizations are turning to AI-powered SOC tools
A new survey from Gurucul in collaboration with Cybersecurity Insiders finds that 87 percent of respondents are deploying, piloting or evaluating AI-powered SOC tools, but only 31 percent are using them across core detection and response workflows.
The study, based on responses from over 700 cybersecurity leaders around the world, finds human and identity risks are still a major concern. 78 percent of security leaders identify social engineering and phishing as their top threat, followed closely by identity-based attacks (73 percent). However, 67 percent say they still lack visibility into access behavior and lateral movement.
Saryu Nayyar, CEO of Gurucul, says, "The findings confirm what we see every day with our customers: SOCs are overwhelmed by the scale, speed and sophistication of modern threats, and AI has moved from hype to a proven catalyst for growth. But adoption must be strategic. AI in the SOC delivers real, measurable results when it's integrated deeply into detection, investigation, and response workflows, not just bolted onto existing tools."
Alert volume continues to rise too, with 88 percent of respondents saying it has increased in the past year, with nearly half reporting spikes over 25 percent. Alert fatigue is now a top challenge for 76 percent of SOCs. In light of this it’s not surprising that 73 percent report analyst burnout and staffing shortages, with 64 percent still relying heavily on manual detection, triage and investigation processes.
There are positives from the use of AI though, 60 percent of adopters have cut investigation times by at least 25 percent, with measurable gains in faster triage and reduced analyst fatigue. CISOs are starting to align their priorities with AI capabilities too, 72 percent are prioritizing faster investigations, 65 percent aim to reduce alert noise and 61 percent are investing in automation.
Holger Schulze, founder and CEO at Cybersecurity Insiders, says, "AI-powered SOCs are no longer just theory; they're cutting investigation times, reducing false positives, and lowering analyst burnout. Leaders are unifying identity and behavioral analytics as a force multiplier, turning fragmented data into decisions in seconds and getting ahead of threats instead of chasing them."
You can get the full report from the Cybersecurity Insiders site.
Image credit: BiancoBlue/depositphotos.com