44% of defenders say they are losing the battle to prioritize real threats.

69% of organizations use more than 10 detection and response tools.

Organizations receive an average of 2,992 security alerts per day, down from 3,832 the year prior.

63% of defenders want AI agents to handle alert triage and investigations.

Only 58–60% of security teams report full or near-full visibility across endpoints, on-premises networks, cloud environments, and identities.

67% of defenders say AI-powered tools have positively impacted threat identification and response.

76% of defenders say AI agents or AI assistants now handle more than 10% of their workload.

39% of organizations use more than 20 detection and response tools.

63% of security alerts go unaddressed.

87% of defenders expect to increase AI use, primarily to replace legacy detection and response tools.

71% of defenders set aside important security tasks at least two days per week.

62% of organizations reduced SOC staffing on holidays and weekends to provide employees with work/life balance.

78% of companies reduced security operation center (SOC) staffing by 50% or more during holidays and weekends.

6% of companies completely cut their security operation center (SOC) staffing during holidays and weekends.

38% plan to deploy AI agents within Security Operations Centers (SOCs) in the coming year.

38% of organizations place the insider risk function within Security/SOC.

50% of financial services firms plan to invest or upgrade in advanced threat detection and response, such as MDR, EDR, SOC, in 2026.

14% of executives at financial services firms acknowledge that having no access to a SOC partner is a significant weakness that could slow recovery.

Only 31% of security leaders use AI-powered SOC tools across core detection and response workflows.

87% of security leaders are deploying, piloting, or evaluating AI-powered SOC tools.