Srinivasa Reddy Kandi: Enhance Security Operations Centers Against Sophisticated Cyber Threats

January 16, 2025, 04:49

Security operations centers (SOCs) are facing an onslaught of automated adversarial attacks that are more sophisticated than ever. These attacks occur at remarkable speeds, making them challenging to detect, interpret, and counteract. With adversaries achieving breakout times as short as two minutes and seven seconds, an SOC being targeted is no longer a matter of if, but when. Alarmingly, 77% of organizations have already experienced adversarial AI attacks. Agentic AI offers SOCs the capability to automate decision-making processes, adapt to changing threats, and enhance workflows, including alert triage and incident response. This technology has demonstrated its effectiveness in boosting efficiency and fortifying security by pinpointing risks while minimizing the manual effort required for monitoring.


Prominent cybersecurity firms providing agentic AI solutions for SOCs include Arcanna.ai, Cato Networks, Cisco Security Cloud, CrowdStrike (with its Falcon platform featuring Charlotte AI), Dropzone AI, Google Cloud Security AI Workbench, Microsoft Security Copilot, Palo Alto Networks, and Zscaler. “The rapid pace of modern cyberattacks necessitates that security teams quickly analyze vast amounts of data to detect, investigate, and respond without delay. Adversaries are breaking records with breakout times exceeding just two minutes, allowing no time for hesitation,” stated George Kurtz, president, CEO, and cofounder of CrowdStrike, in a recent interview with VentureBeat.

For any implementation of agentic AI or broader AI solutions within SOCs to succeed, incorporating human-in-the-middle workflows is crucial. Gartner’s latest report, “Predict 2025: There Will Never Be an Autonomous SOC,” supports VentureBeat’s insights regarding the ongoing piloting and adoption of agentic AI and other AI applications in SOCs. “Security leaders and senior operational personnel must determine where human-led SOC functions remain essential and how to transition SOC analysts into roles that necessitate more human-in-the-loop decision-making,” recommends Gartner.


The report forecasts that by 2026, artificial intelligence will enhance the efficiency of Security Operations Centers (SOCs) by 40% relative to 2024 levels, initiating a transition in SOC expertise towards the development, maintenance, and safeguarding of AI technologies. To successfully incorporate agentic AI, SOCs must establish a well-defined framework that harmonizes technological advancements with human skills. The expanded SOC model from Gartner presented below demonstrates how roles, capabilities, and objectives can be aligned to improve efficiency and adaptability.


Author: Srinivasa Reddy Kandi


