Almost all companies planning to establish a Security Operations Center (SOC) regard artificial intelligence (AI) as a must-have component. However, despite high expectations, organizations face significant challenges in deploying and operationalizing AI effectively. These include a lack of high-quality training data, a shortage of AI-skilled personnel, substantial integration costs and emerging AI-related threats.
To explore how companies build and maintain processes in SOCs, Kaspersky conducted a comprehensive global study, including respondents from India, which highlights, among other things, the priorities, expectations and challenges associated with leveraging AI to elevate SOC performance.
The findings reveal that an overwhelming 100% of respondents from India plan to incorporate AI into their security operations. Among them, 76% say they will probably do so while 24% state they will definitely do so. This underscores the widespread perception of AI as a vital driver for enhancing threat detection, accelerating investigation processes and boosting overall SOC efficiency. The numbers in India are aligned with the global sentiment.
When it comes to practical use cases, organizations in India primarily expect AI to strengthen threat detection capabilities through automated analysis of data to identify anomalies and suspicious activities (53%); model training and adaptation, improving detection accuracy through machine learning (45%); and incident correlation, combining disparate events to identify complex attacks and compromise chains (42%).
These expectations align closely with the top motivations driving AI adoption in SOCs for the region: automating routine tasks (49%), improving overall threat detection effectiveness (44%), and increasing accuracy while reducing false positives (37%). Globally, large enterprises consistently report broader and more ambitious plans for applying AI across multiple SOC functions.
“Across APAC, organizations are taking a pragmatic approach to AI in the SOC, prioritizing use cases that deliver immediate operational impact. The strongest expectations center on enhancing threat detection through automated anomaly analysis and accelerating response through predefined automation. These priorities reflect the region’s focus on improving detection effectiveness, reducing alert fatigue, and freeing up security teams from routine tasks. While large enterprises globally are pursuing broader AI ambitions, APAC companies are clearly focused on applying AI where it most directly strengthens resilience and day-to-day security operations,” comments Adrian Hia, Managing Director for Asia Pacific at Kaspersky.
Adding to that, Jaydeep Singh, General Manager for India at Kaspersky, said: "AI is no longer a competitive edge in cybersecurity, it is the baseline. In India, where digital acceleration is outpacing traditional security frameworks, the pressure on SOCs to evolve has never been greater. At Kaspersky, we've ensured our portfolio is built for exactly this moment, from AI-driven threat detection and automated response to intelligent SIEM and XDR capabilities, our solutions are designed to be AI-ready from the ground up, giving Indian enterprises the confidence to embrace this shift without compromise."
However, a clear execution gap appears when it comes to AI implementation, characterized by several critical and widespread challenges. Foremost is the lack of high-quality training data, a barrier cited by 47% of organizations in India as a fundamental obstacle that hampers the accuracy and relevance of AI models.
This issue is further compounded by other critical concerns: a shortage of qualified AI experts within internal teams (37%), the high costs associated with developing and maintaining AI-driven solutions (30%), a lack of suitable solutions in the market (29%) and the emergence of new threats and vulnerabilities related to AI usage (26%). Together, these factors create a barrier that prevents local companies from turning their AI strategy into operational success, underscoring the necessity for a structured and well-supported approach.
To build and operate a successful and reliable SOC, Kaspersky recommends the following:
Engage with Kaspersky SOC Consulting during the initial setup or when enhancing your existing security operations. Our comprehensive consulting services are designed to help companies build a robust SOC and streamline its processes.
Boost your security performance with Kaspersky SIEM, powered by advanced AI capabilities. This solution aggregates, analyzes and stores log data across your entire IT infrastructure, providing contextual enrichment and actionable threat intelligence insights. Recently, this solution gained an AI capability to identify signs of dynamic link library (DLL) hijacking.
Protect your company against a wide range of threats with solutions from the Kaspersky Next product line that provide real-time protection, threat visibility and AI-driven investigation and response capabilities of EDR and XDR for organizations of any size and industry.
Equip your cybersecurity team with in-depth visibility into cyber threats targeting your organization. The latest Kaspersky Threat Intelligence delivers rich, contextual insights throughout the entire incident management cycle, enabling timely identification of cyber risks. Recently, it was strengthened by AI-enhanced open-source intelligence search, enhancing your team’s ability to uncover and respond to emerging threats with greater precision.