Enterprises are keen to adopt AI to accelerate business operations and infrastructure, but attackers are doing the same — driving faster, more automated attacks that security teams struggle to keep pace with, even as they adopt AI-powered defenses.
A new report from Vectra AI, based on a global survey of 1,450 security practitioners, SOC leaders, and security decision-makers, finds organizations receive an average of 2,992 security alerts per day, down from 3,832 the year before, yet 63 percent of alerts still go unaddressed.
In addition 71 percent of defenders report setting aside important security tasks at least two days per week. Only 58-60 percent report full or near-full visibility across endpoints, on-premises networks, cloud environments, and identities.
Tool sprawl is an issue too with 69 percent of organizations using more than 10 detection and response tools, while 39 percent are using more than 20.
“Organizations have invested heavily in people, tools, and AI, but confidence hasn’t kept pace,” saysd Mark Wojtasiak, SVP of research and strategy at Vectra AI. “Cyber resilience depends on trusted signals. When defenders can’t clearly distinguish real threats from noise, response slows, and resilience becomes difficult to deliver and even harder to prove.”
While optimism around AI in the SOC is high, the report shows its impact has not yet translated into measurable improvements in visibility, response speed, or confidence, even with 76 percent of defenders stating that AI agents and/or AI assistants now handle more than 10 percent of their workload.
AI-powered tools have positively impacted threat identification and response according to 67 percent of defenders. 87 percent expect to increase AI use, primarily to replace legacy detection and response tools, and 63 percent want AI agents to handle alert triage and investigations.
The full report is available from the Vectra AI site.
Image credit: denisismagilov/depositphotos.com
