New research from Enterprise Strategy Group, now part of Omdia, shows a turning point in the security operations (SecOps) landscape: for the first time in five years, more organizations report that managing SecOps is becoming easier rather than more difficult. Detailed in ‘The Future of SecOps in an AI-Driven World’ report, this improvement has been driven by three industry mega-trends: security tool consolidation, the integration of generative AI (GenAI) within SecOps, and the growing maturity of security information and event management (SIEM) and extended detection and response (XDR) solutions.
SecOps is a mainstay of modern cybersecurity programs. Once limited to reactive, alert-driven activities, SecOps has expanded into a broader risk mitigation function. Today, it encompasses both proactive and reactive strategies including security posture management, optimization and tuning of core security controls, threat detection and response, and recovery from cyberattacks.
Cyber Technology Insights : TIER IV Selects PlaxidityX to Provide Cyber Security Expertise
Consolidation and platformization are driving tangible benefits across multiple areas—55% of respondents reported positive results from the consolidation of SecOps tools. With budgets constrained in an unpredictable economy, cost optimization and tools management overhead were among the top advantages cited in the report. While a more centralized security data strategy is a priority alongside consolidation efforts, progress remains gradual.
“As organizations report significant positive impacts from SecOps tools consolidation, it’s important to recognize that tools consolidation must be a continuous process,” said Dave Gruber, Principal Analyst at Enterprise Strategy Group, now part of Omdia. “The need for the addition of discrete, specialized security tools will continue as IT innovations expand the attack surface. Organizations should annually reassess opportunities to consolidate specialized tools into platform offerings. This ‘continuous consolidation process’ should drive cost savings, simplify operations and management, and fuel improvements in security outcomes.”
Cyber Technology Insights : UTC Partners with ISASecure to Advance ISA/IEC 62443 Cybersecurity Standards Adoption
GenAI within SecOps is poised for significant contribution across a broad array of security use cases—74% of the study’s respondents said they use GenAI-enabled solutions daily to automate security tasks. This rapid adoption puts GenAI within reach of surpassing security orchestration, automation, and response (SOAR) solutions for SecOps automation. GenAI is further helping to reduce long-standing challenges within SecOps, including detection rule engineering, correlation of siloed data sources, and operationalizing threat intelligence.
The research further reveals that while XDR and SIEM deliver measurable value, change is on the horizon for SIEM. Although 86% of organizations currently use SIEM, many are seeking to improve their security data layer with 48% either considering or actively planning to replace one or more of their SIEM solutions. Despite SIEM’s widespread use for threat detection and response, security teams are looking for more advanced threat detection capabilities. As a result, 64% have deployed an XDR solution. Crucially, the research also indicates a shift in expectations for XDR solutions: organizations now expect them to correlate threat and vulnerability risk information to better prioritize remediation. “Actively improving security hygiene and posture management to reduce the attack surface” tops the list of what organizations said would be most beneficial to improving security efficacy and operational efficiency moving forward.
Cyber Technology Insights : 2025 Small Business Survey Shows Spike in AI
To participate in our interviews, please write to our CyberTech Media Room at sudipto@intentamplify.com
Source: businesswire
