Security is complicated by a growing number of cloud tools that aren’t integrated, sprawling tech stacks and a lack of communication, according to the 2026 Security Operations Insights report released this week by Sumo Logic.
The study of more than 500 IT and security leaders, developed with independent research firm UserEvidence, shows that 93 percent of enterprise organizations use at least three security operations tools, and 45 percent use six or more. It’s no surprise then that over half (55 percent) of respondents report having too many point solutions in their security stack.
Although 80 percent of enterprise organizations say security and DevOps use shared observability tools, only 45 percent say the two teams are very aligned on tooling and workflows. 100 percent say a unified platform for logs, metrics, and traces would be valuable for their security and DevOps teams.
“Our report finds that security leaders are continually investing in more and more security and cloud operations tools but sprawling security tech stacks create additional challenges that keep the cycle going,” says Chas Clawson, VP of security strategy at Sumo Logic. “Many of the new tools don’t communicate with one another, creating more work and less reliable coverage. The biggest problem we see is security teams becoming leaner, meaning they have even less capacity to connect the dots between siloed tools and actually provide protection to their organization.”
Among other findings, 90 percent of security operations leaders say supporting data sources from multi-cloud and hybrid-cloud environments is very or extremely important for their SIEM, highlighting the continued need for data pipeline management.
Only 51 percent say their current SIEM is very effective at reducing mean time to detect and respond to threats. And just 52 percent are very confident their current SIEM can scale to meet future security and cloud operations needs.
Although 90 percent of security leaders say AI/ML is extremely or very valuable in reducing alert fatigue and improving detection accuracy, their most common AI use cases focus on basic tasks like threat detection. These findings indicate that AI adoption isn’t as widespread through advanced security workflows as marketing narratives often suggest.
The threat detection and response process is fully or mostly automated according to 70 percent of respondents, with 25 percent reporting it’s fully automated. Those who rely on a mostly or fully manual process are in the extreme minority.
You can find out more on the Sumo Logic blog.
Image credit: achirathep.gmail.com/depositphotos.com
![the-silent-danger-of-ssh-key-mismanagement-[q&a]](https://thetechbriefs.com/wp-content/uploads/2025/12/89507-the-silent-danger-of-ssh-key-mismanagement-qa.jpg)
