Detailed in the ‘The Future of SecOps in an AI-Driven World’ report, this improvement has been driven by three industry mega-trends: security tool consolidation, the integration of generative AI (Gen AI) within SecOps, and the growing maturity of security information and event management (SIEM) and extended detection and response (XDR) solutions.
SecOps is a mainstay of modern cyber security programmes. Once limited to reactive, alert-driven activities, SecOps has expanded into a broader risk mitigation function. Today, it encompasses both proactive and reactive strategies, including security posture management, optimisation and tuning of core security controls, threat detection and response, and recovery from cyber attacks.
Centralised security is a priority
Consolidation and platformisation are driving tangible benefits across multiple areas—55% of respondents reported positive results from the consolidation of SecOps tools. With budgets constrained in an unpredictable economy, cost optimisation and tools management overhead were among the top advantages cited in the report. While a more centralised security data strategy is a priority alongside consolidation efforts, progress remains gradual.
“As organisations report significant positive impacts from SecOps tools consolidation, it’s important to recognise that tools consolidation must be a continuous process,” said Dave Gruber, Principal Analyst at Enterprise Strategy Group, now part of Omdia. “The need for the addition of discrete, specialised security tools will continue as IT innovations expand the attack surface. Organisations should annually reassess opportunities to consolidate specialised tools into platform offerings. This ‘continuous consolidation process’ should drive cost savings, simplify operations and management, and fuel improvements in security outcomes.”
Gen AI increasingly helping to automate security tasks
Gen AI within SecOps is poised to contribute significantly across a broad array of security use cases—74% of the study’s respondents said they use Gen AI-enabled solutions daily to automate security tasks. This rapid adoption puts Gen AI within reach of surpassing security orchestration, automation, and response (SOAR) solutions for SecOps automation. Gen AI is further helping to reduce long-standing challenges within SecOps, including detection rule engineering, correlation of siloed data sources, and operationalising threat intelligence.
Demand for more advanced threat detection capabilities
The research further reveals that while XDR and SIEM deliver measurable value, change is on the horizon for SIEM. Although 86% of organisations currently use SIEM, many are seeking to improve their security data layer, with 48% either considering or actively planning to replace one or more of their SIEM solutions. Despite SIEM’s widespread use for threat detection and response, security teams are looking for more advanced threat detection capabilities. As a result, 64% have deployed an XDR solution. Crucially, the research also indicates a shift in expectations for XDR solutions: organisations now expect them to correlate threat and vulnerability risk information to better prioritise remediation.
“Actively improving security hygiene and posture management to reduce the attack surface” tops the list of what organisations said would be most beneficial to improving security efficacy and operational efficiency moving forward.