The key to successful AI strategies in Security Operations Centers (SOCs) lies in CISOs taking ownership of initiatives and breaking down legacy barriers that hinder progress. At Forrester’s 2025 Security & Risk Summit, the discussion revolved around the gap between the promise of AI and its actual delivery, with generative AI posing a challenge for many organizations.
Leading organizations like Carvana, City of Las Vegas, Copperbelt Energy Corporation Plc, Inductive Automation, and Salesforce are reaping the benefits of AI efficiency, while others struggle to keep up. With adversaries launching attacks in a matter of minutes and security teams facing breaches due to generative models, it’s crucial for organizations to dismantle legacy walls that impede progress.
Despite the high failure rates of AI agents on complex tasks, executives report significant productivity gains from deployed AI agents. The key lies in removing organizational barriers to effective deployment, rather than perfecting the technology itself.
As organizations grapple with tool sprawl and fragmented systems, false-positive rates and alert fatigue increase, leading to operational inefficiencies. By consolidating telemetry data into a single-agent model, SOC teams can improve governance decisions at machine speed and precision.
Traditional security governance models struggle to keep up with the pace of AI operations, creating a governance crisis that hinders adoption. Companies like CrowdStrike, Palo Alto Networks, and SentinelOne are addressing this challenge by implementing single-agent architectures that streamline governance processes.
By transforming the culture of “no” to one of strategic thinking, CISOs can become enablers of business growth rather than gatekeepers. By tying security team performance to revenue generation and automating guardrails, organizations can accelerate business growth while effectively managing security risks.
Integrating security teams into development and operations, building automated guardrails, and enabling AI agents to tap into unified data streams for real-time monitoring are key steps towards creating a culture of yes in security operations. This shift allows security to become a proactive force that powers automated defense mechanisms, rather than a hindrance to progress.
