Elevating Security Operations: The Role of AI-Driven Automation in Enhancing SOC Efficiency and Efficacy

Authors

  • Wei Chen and Jing Zhang, Peking University

Keywords:

Cybersecurity, Threat Intelligence, Incident Response, Machine Learning, Data Privacy, Network Security

Abstract

Security operations centers (SOCs) are under increasing pressure to detect and respond to cyber threats in real time amidst an ever-expanding attack surface and a talent shortage. Artificial intelligence (AI) and automation offer immense potential to augment human analysts and boost SOC performance and productivity. This paper examines the evolution of SOCs, key challenges, and the role AI-driven automation can play in elevating security operations. An overview of core AI capabilities for security use cases across major SOC functions is provided. Critical factors for successful AI adoption, including workflow integration, transparent AI, and continuous ML model validation, are discussed. Recommendations are presented to guide security leaders in leveraging AI-driven automation to enhance the efficiency, efficacy, and resilience of SOCs against modern cyber threats.

Author Biography

Wei Chen and Jing Zhang, Peking University

 

 

Published

2024-02-06

How to Cite

Chen, W., & Zhang, J. (2024). Elevating Security Operations: The Role of AI-Driven Automation in Enhancing SOC Efficiency and Efficacy. Journal of Artificial Intelligence and Machine Learning in Management, 8(2), 1–13. Retrieved from https://journals.sagescience.org/index.php/jamm/article/view/128