
Building The Future Of Smarter Security Operations
Security teams are overwhelmed, but a smarter, unified approach—powered by AI and streamlined workflows—could finally bring order to the chaos inside the SOC.
Security Operations Centers are meant to be the command hubs of cybersecurity. But many are bogged down by tool sprawl, false alerts and burned-out teams. Splunk's State of Security 2025 report shows that security teams are spending more time maintaining tools than stopping threats—and it's costing them.
I sat down with Michael Fanning, CISO at Splunk, to talk about what insights the reports revealed for him. He summed it up clearly: 'The future SOC is extremely streamlined. Analysts will be freed from mundane, repetitive tasks, so they can apply their expertise where it truly matters: defending the organization.'
SOCs today face a flood of alerts. About 59% of respondents say they get too many, and 55% are dealing with too many false positives. That slows down response times and wears down teams. Nearly half of security professionals say they spend more time managing tools than actually protecting systems.
Fanning noted that this isn't just inefficient—it's demoralizing. Spending an hour on a low-value alert that turns out to be nothing is frustrating, and it adds up fast. Downtime during an incident can cost over $500,000 per hour.
AI is already making a difference in the SOC. About 59% of security leaders say it has improved their team's efficiency. Fanning was surprised by how many teams have already started using it. 'Greater than 50% of the respondents had mentioned that their security operations are already adopting AI in some form or fashion.'
But AI is not a fix-all. It still needs oversight. Only 11% of respondents fully trust AI for mission-critical decisions. Most prefer a 'human-in-the-loop' approach. That means AI helps with repetitive tasks, but people still make the final call.
Fanning put it this way: 'I don't see it as a complete replacement, but more of an aid to help an engineer or an analyst do their job faster than they were before.'
Detection engineering is a top skill for modern security teams—but also one of the hardest to find. About 41% of teams say they lack it. Detection as Code is catching on because it lets teams create, test and improve detections like software. But only a third of organizations are using it regularly.
Fanning stressed that quality detection is key. With good data and smart rules, analysts waste less time and respond faster. Better alerts mean better decisions.
Overwork is a serious problem. More than half of SOCs report staff burnout. Many professionals have even thought about leaving the field.
Some automation can help—but it also raises new questions. If AI handles the basics, how will new analysts learn the fundamentals? Fanning pointed out that his early help desk experience gave him the skills to succeed in cybersecurity. If junior staff skip that step, they may lack the deeper knowledge needed to solve complex problems.
Splunk's own SOC has automated many tier-one tasks. But instead of cutting jobs, they use the freed-up time for higher-priority work. It's about shifting focus, not shrinking teams.
One major problem is tool sprawl. Seventy-eight percent of respondents say their tools don't work well together. That makes fast response harder. When teams adopt a unified platform, they report better results—faster response times, less tool upkeep and stronger coverage.
Security is no longer just a job for the SOC. It takes support from across the company—from HR and IT to legal and engineering. But only a small number of teams always share data across these departments. Fanning says that building those connections is crucial for quicker, more accurate responses.
The future of the SOC is about using people, processes and platforms in a smarter way. That means making thoughtful use of AI, improving detection methods, closing skill gaps and unifying security workflows.
The threats are faster, and the stakes are higher. But the Splunk report suggests that with the right strategy, SOCs can keep up—and even get ahead.
