Almost all companies are moving towards establishing a Security Operations Center (SOC) with a strong focus on incorporating artificial intelligence (AI) as a critical element. Despite these high expectations, organizations are facing considerable challenges in effectively deploying and operationalizing AI. Key obstacles include a lack of high-quality training data, a shortage of personnel skilled in AI, substantial integration costs, and the emergence of AI-related threats.
To better understand how companies are building and maintaining processes within SOCs, Kaspersky conducted a comprehensive global study, which included responses from India. The findings indicate that an overwhelming 100% of Indian respondents plan to integrate AI into their security operations. Among these, 76% are likely to do so, while 24% state they will definitely incorporate AI. This overwhelming interest highlights the perception of AI as a vital driver for enhancing threat detection, expediting investigation processes, and improving overall SOC efficiency. These figures align closely with global sentiments regarding AI adoption in cybersecurity.
In terms of practical applications, organizations in India primarily expect AI to bolster threat detection capabilities by automating data analysis to identify anomalies and suspicious activities (53%). Other anticipated benefits include model training and adaptation to improve detection accuracy through machine learning (45%) and incident correlation to combine disparate events for identifying complex attacks (42%). These expectations resonate with the primary motivations for adopting AI within SOCs: automating routine tasks (49%), enhancing overall threat detection effectiveness (44%), and increasing accuracy while minimizing false positives (37%). Globally, larger enterprises consistently report broader and more ambitious plans for applying AI across multiple SOC functions.
“Across APAC, organizations are taking a pragmatic approach to AI in the SOC, prioritizing use cases that deliver immediate operational impact,” stated Adrian Hia, Managing Director for Asia Pacific at Kaspersky. “The strongest expectations center on enhancing threat detection through automated anomaly analysis and accelerating response through predefined automation. These priorities reflect the region’s focus on improving detection effectiveness, reducing alert fatigue, and freeing up security teams from routine tasks.”
Jaydeep Singh, General Manager for India at Kaspersky, emphasized that “AI is no longer a competitive edge in cybersecurity; it is the baseline. In India, where digital acceleration is outpacing traditional security frameworks, the pressure on SOCs to evolve has never been greater. At Kaspersky, we’ve ensured our portfolio is built for exactly this moment, from AI-driven threat detection and automated response to intelligent SIEM and XDR capabilities. Our solutions are designed to be AI-ready from the ground up, giving Indian enterprises the confidence to embrace this shift without compromise.”
However, a significant execution gap is evident in AI implementation, characterized by widespread challenges that hinder operational success. Notably, the lack of high-quality training data is cited by 47% of organizations in India as a fundamental obstacle affecting the accuracy and relevance of AI models. This challenge is exacerbated by several other critical concerns: a shortage of qualified AI experts within internal teams (37%), high costs associated with developing and maintaining AI-driven solutions (30%), a lack of suitable solutions available in the market (29%), and the emergence of new threats and vulnerabilities related to AI usage (26%). These factors collectively create barriers that prevent companies from effectively translating their AI strategies into operational success, underscoring the need for a structured and well-supported approach.
To build and operate a successful and reliable SOC, Kaspersky recommends engaging with Kaspersky SOC Consulting during the initial setup or while enhancing existing security operations. Their comprehensive consulting services help companies establish a robust SOC and streamline its processes. Furthermore, organizations can enhance their security performance with Kaspersky SIEM, which leverages advanced AI capabilities to aggregate and analyze log data across the IT infrastructure, providing contextual insights and actionable threat intelligence. Recently, this solution was upgraded with AI capabilities to detect signs of dynamic link library (DLL) hijacking.
Additionally, Kaspersky’s Next product line offers protection against a wide range of threats, providing real-time protection, threat visibility, and AI-driven investigation and response capabilities suitable for organizations of any size. To equip cybersecurity teams with comprehensive insights into threats targeting their organizations, Kaspersky Threat Intelligence delivers rich, contextual insights throughout the incident management cycle, recently enhanced by AI-powered open-source intelligence search, improving the ability to identify and respond to emerging threats with greater precision.
As organizations navigate these challenges and opportunities, the role of AI in cybersecurity continues to evolve, reflecting broader trends in digital transformation. The drive to incorporate AI in SOC operations signifies not only an adaptation to current threats but also a commitment to staying ahead in an increasingly complex cybersecurity landscape.
See also
Anthropic’s Claims of AI-Driven Cyberattacks Raise Industry Skepticism
Anthropic Reports AI-Driven Cyberattack Linked to Chinese Espionage
Quantum Computing Threatens Current Cryptography, Experts Seek Solutions
Anthropic’s Claude AI exploited in significant cyber-espionage operation
AI Poisoning Attacks Surge 40%: Businesses Face Growing Cybersecurity Risks
