Only 10% of SOCs Say They’re Getting Excellent Value From AI. Here’s What the Second Wave Has to Deliver

Staff Editor 2026-06-05
Only 10% of SOCs Say They’re Getting Excellent Value From AI. Here’s What the Second Wave Has to Deliver

Only 10% of SOCs Say They’re Getting Excellent Value From AI. Here’s What the Second Wave Has to Deliver

https://thehackernews.com/2026/06/only-10-of-socs-say-theyre-getting.html

Publish Date: 2026-06-05 07:20:00

Source Domain: thehackernews.com

Eighteen months ago, the AI SOC was a marketing line. Today it’s a budget item. The category has crossed over from interesting to inevitable, with billions of dollars now flowing into AI-powered security operations platforms, agentic SOC tools, and AI co-pilots built into every layer of the security stack. The data shows SOCs are buying, deploying, and standing up AI capabilities at the fastest pace the industry has ever seen.

And yet, the same SOCs reporting record AI adoption are reporting underwhelming outcomes. The first objective benchmark on the value of AI in the SOC was published in the SOC-CMM 2026 Maturity Report in May, drawing on survey data collected from roughly 200 SOCs across regions, sectors, and delivery models between late January and mid-March 2026. Only about 10% of respondents said AI has delivered excellent value to their SOC. About 19% reported good value. The remaining 71% landed at some value or none at all.

Eighteen months into AI deployment, that’s a structural signal. What follows is a read on what the data confirms, and on what the next wave of AI in security operations must deliver if the industry is going to close the gap.

What the SOC-CMM 2026 data shows

Three findings stand out in the SOC-CMM report’s AI section, and they correlate cleanly with each other once they are read together.

First, adoption is up across every category of AI used inside the SOC. Off-the-shelf large language models grew 55% year over year. AI co-pilots grew 145%. AI agents grew 118%. Supervised machine learning grew 96%. Customized LLMs grew 64%. SOC teams are over-investing in AI without the operational maturity to extract value from what they bought.

Second, the dominant adoption pattern is what the report calls the taker model: off-the-shelf AI deployed inside an existing security stack without customization. About 65% of SOCs surveyed describe themselves as takers. Another 20% are shapers, customizing what they buy. Only 15% are builders,…

Source

More Stories

This Week in Cybersecurity: How AI Supercharged Hackers, Scammers, and Even Worms

This Week in Cybersecurity: How AI Supercharged Hackers, Scammers, and Even Worms

Staff Editor 2026-06-05
Advancing Cybersecurity in the Age of Frontier AI: Qualys Steps into Project Glasswing

Advancing Cybersecurity in the Age of Frontier AI: Qualys Steps into Project Glasswing

Staff Editor 2026-06-05
New Threat Cluster OP-512 Targets Microsoft IIS Servers with Custom Web Shell Framework

New Threat Cluster OP-512 Targets Microsoft IIS Servers with Custom Web Shell Framework

Staff Editor 2026-06-05

Terms and Conditions - Privacy Policy