The landscape of cybersecurity is constantly evolving, with the volume and complexity of threats increasing exponentially. Adversaries have weaponized AI, making traditional security operations and analysts struggle to keep up with the sheer number of alerts and false positives flooding their systems. Chris Drumgoole, president of global infrastructure services at DXC Technology, recognizes the need for a new approach in the face of this ever-changing threat landscape.
“The traditional linear SOC model is no longer effective in today’s environment,” Drumgoole explains. “The sheer volume of alerts coupled with the sophistication of attacks has rendered the old model obsolete.”
To address this challenge, DXC has partnered with 7AI to launch the DXC Agentic Security Operations Center (SOC), which leverages intelligent AI agents to autonomously triage, investigate, and respond to security incidents at scale. Before rolling out this technology to customers, DXC tested it internally and saw impressive results. They observed an 80% reduction in tier-1 SOC analyst time and a 95% decrease in the number of tickets that humans needed to analyze, leading to a 67% reduction in mean time to respond in the tier-1 and tier-2 SOC.
This shift towards agentic security represents a significant departure from traditional rule-based automation. Agentic AI is adaptive, contextual, and end-to-end, allowing for a more proactive and self-directed defense strategy. By giving every alert a unique perspective and learning from past incidents, AI agents can handle a higher volume of alerts more efficiently than human analysts.
DXC Agentic SOC has already demonstrated its capabilities by streamlining the alert processing workflow and reducing false positives. The average response time has improved significantly, from 74 minutes to 24 minutes, representing a 70% enhancement over human capabilities.
Despite the proven benefits of AI-driven security operations, organizations may still have reservations about adopting this technology. Drumgoole acknowledges the emotional, operational, and process barriers that come with integrating AI into existing workflows. However, he emphasizes that embracing this evolution is crucial for organizations to stay competitive in the rapidly changing cybersecurity landscape.
“It’s an evolve-or-die moment,” Drumgoole asserts. “Those who embrace agentic security will thrive, while others risk becoming obsolete.”
Ultimately, DXC’s approach to AI-powered security operations offers a straightforward and scalable solution for organizations looking to enhance their cybersecurity posture. By treating AI agents as an extension of their security analyst team, organizations can leverage the benefits of automation without compromising on security or data privacy.
In conclusion, the evolution of AI in cybersecurity represents a paradigm shift in threat response, and organizations that embrace this change stand to gain a competitive advantage in an increasingly hostile digital environment.
