October 7, 2025
The Socura Team
Socura to support Wales Tech Week 2025
5 min read

We’re delighted to be taking part in Wales Tech Week 2025. Taking place from 24th to 26th November 2025 at the ICC Wales, the event will bring together companies from across Wales to showcase Welsh technology on a global stage.

As a company headquartered in Cardiff and product delivery partner to Wales' National Security Operations Centre, we’re looking forward to meeting attendees and showcasing how we’re helping organisations continuously detect and respond to cyber threats.

“Now is an exciting time to be part of Wales's burgeoning technology scene," says Andy Kays, CEO at Socura. "It's brilliant, then, that companies across the country can come together at Wales Tech Week to both showcase and celebrate their innovation."
"Cyber security impacts all organisations, and Wales is leading the way in new approaches to tackling this critical issue. Being part of the event means I'm looking forward to discussing the latest challenges we’re facing and why Wales is developing some of the best talent and solutions to address them."

If you’re attending the event, come and meet us in the Cyber Zone.

Blogs
September 8, 2025
The Socura Team
Live webinar: Strategies for modernising threat detection in local government
5 min read

Is your organisation preparing to meet the enhanced security requirements of the NCSC's Cyber Assessment Framework?

In an upcoming webinar hosted by Socitm, join John Lodge and Anne Heim of Socura to learn about the new CAF requirements and discover ways to develop a more proactive approach to security operations.

Register and discover

  • Considerations for achieving a next-generation SOC
  • How to prepare for CAF 4.0
  • Differences between an in-house SOC and outsourcing to a provider
Register to attend

The webinar takes place on 26th September 2025 at 13:00 GMT and will last for one hour. The session is free to attend and open to members and non-members of Socitm.

Speakers:

John Lodge, Head of Security Operations Centre, Socura

Anne Heim, Threat Intelligence Lead, Socura

Host:

Simon Monahan, Head of Marketing, Socura

Blogs
September 8, 2025
The Socura Team
We're finalists! Socura shortlisted for two Computing Security Awards 2025
5 min read

Delivering a world-class Managed Detection and Response service that provides the power of calm to our clients is what drives us here at Socura.

Industry recognition for the service we deliver is always an honour. That’s why we’re so delighted to have been shortlisted for two Computing Security Awards 2025:

  • Security Services Provider of the Year
  • Cyber Security Customer Service
Your Vote Counts

The Computing Security Awards recognise companies, products, and services that protect the critical digital infrastructure of organisations around the world.

Award winners are chosen by public vote. If you’re a fan of our team and the work we do, please consider voting for us. It only takes a moment, and voting closes on 1st October 2025.

Vote for Socura

We truly appreciate your support!

Blogs
April 2, 2025
The Socura Team
Let’s meet at CYBERUK 2025
5 min read

CYBERUK is the UK government’s flagship cyber security event. Join Socura at this year’s event (6th – 8th May), which explores the themes of ‘Transforming Resilience. Countering Threats.’

Visit stand E6 to discover how our Managed Detection and Response service is enabling organisations across the public and private sectors to streamline threat detection and stop attacks more swiftly and effectively. We’ll also be showcasing our work with the Welsh Government in establishing Wales’ National Security Operations Centre.

Book an appointment with Socura

Taking place in Manchester, CYBERUK 2025 is a great opportunity to collaborate with over 2,000 cyber security leaders and professionals. Speakers include Richard Horne, Chief Executive Officer of the National Cyber Security Centre (NCSC) and John Edwards, UK Information Commissioner.

Get in touch below to set up a time to meet with the Socura team at CYBERUK 2025 and discuss your security challenges. Learn how Socura MDR:

  • Enhances threat visibility across your environments, on-premises and the cloud
  • Strengthens the protection of key systems, research data and intellectual property
  • Rapidly identifies and responds to threats, including ransomware and phishing attacks

We look forward to meeting you.

Blogs
March 10, 2025
The Socura Team
Meet us at The National Cyber Security Show 2025
5 min read

In a digital age where a small business in the UK falls victim to a cyberattack every 19 seconds (Hiscox), the ability to quickly detect and respond to threats is essential for minimising risks.

Join Socura at The National Cyber Security Show 2025 to learn how our Managed Detection and Response service can help ease the load of threat detection and shut down threats earlier and more effectively.

Discover how Socura MDR:

  • Enhances threat visibility across your environments, on-premises and the cloud
  • Strengthens the protection of key systems, research data and intellectual property
  • Rapidly identifies and responds to threats, including ransomware and phishing attacks

Attend our live session

Taking place on 8-10 April 2024 at the NEC in Birmingham, the National Cyber Security Show 2025 is a great opportunity to improve your understanding of the latest cybersecurity threats, trends, and solutions. Connect with leading experts, attend informative workshops and seminars, and network with industry peers.

On the first day of the conference, at 12.10 PM on the Cyber Solutions Stage, Graeme Barnett of Socura will present:

Maximising success with a Managed Detection and Response provider: strategies for building a strong and effective partnership

Whether you’re new to outsourcing or seeking to enhance your current partnership with an MDR provider, this session will explore key strategies for building a successful and lasting client-provider relationship.

Managed Detection and Response you can rely on

Get in touch to set up a time to meet with the Socura team at the conference and discuss your threat detection challenges.

Blogs
January 23, 2025
The Socura Team
Socura recognised as Technical Partner of the Year by Exclusive Networks and Palo Alto Networks
5 min read

Delivering a Managed Detection and Response (MDR) service that consistently achieves results for our customers is at the heart of everything we do at Socura.  

That’s why we were honoured to be recognised as Technical Partner of the Year 2024 for our innovative use of Palo Alto Networks’ technology at Exclusive Networks’ recent Sweet 16 Partner Xchange event.  

As a Palo Alto Networks partner since our founding in 2019, this award is a credit to the expertise and dedication of our team, which enables our customers to get the most out of their security controls and quickly detect and respond to threats.

“Their (Socura’s) technical expertise and innovative use of Palo Alto Networks’ solutions have been pivotal in driving exceptional managed security services.
Beyond their technical prowess, they have demonstrated a strong collaborative spirit, seamlessly integrating with our team and becoming a true partner in every sense of the word.”

Exclusive Networks

Blogs
December 5, 2024
The Socura Team
Socura and Thomas Murray announce strategic partnership
5 min read

In cybersecurity, it pays to plan for the worst by ensuring that controls and processes are in place and tested frequently to prove their reliability and effectiveness when times are critical.

To support our clients in increasing their cyber preparedness, Socura is delighted to announce a partnership with Thomas Murray, a recognised expert in Incident Response (IR).

The partnership gives Socura clients access to Thomas Murray’s range of Incident Response Retainer (IRR) and consultation services. In return, Socura will offer Managed Detection and Response (MDR) to clients Thomas Murray is supporting to recover from cyber incidents.

About Thomas Murray’s Services

Thomas Murray is a global risk intelligence company that helps businesses understand and manage the risks they face in today’s interconnected world. The company’s Cyber Risk Practice possesses years of experience responding to complex cyber incidents.

The services now available to Socura clients include:

  • Incident Response Retainer

Includes 24/7 incident support, digital forensics, response planning, legal and regulatory support and dark web monitoring.

  • Pen Testing

Tests the security of systems and applications from the perspective of an ethical hacker.

  • Red Teaming

An objective-based assessment designed to test detection controls and IR processes.

  • Cyber Awareness Training

Increases employees’ awareness of the latest cyber risks and how to minimise them.

How MDR and IRR Complement Each Other

Follow-up attacks are a significant risk for any organisation that has suffered a breach. By working with Socura, Thomas Murray will now offer clients that it is helping to recover from incidents the ability to quickly scale their threat detection capabilities with MDR.

Socura MDR includes an experienced team of Security Operations Centre professionals, responsible for proactively detecting and responding to threats. The service will manage and optimise any endpoint detection tooling installed as part of the IR process and automate response actions – minimising the time it takes to shut down future attacks.

“Proactive threat detection and response is vital to minimising cyber risk, but particularly so in the event of a breach. It’s why we’re delighted to partner with Thomas Murray and offer their clients that are dealing with a cyber incident the expertise they need to rapidly scale their capabilities and prevent repeat attacks. Thomas Murray’s considerable experience managing cyber incidents means they will also play an important role in helping our own clients to further increase their cyber preparedness.”

Andy Kays, CEO at Socura.

“We are excited to join forces with Socura, an innovative company that shares our passion for delivering exceptional cyber security services. Together, we will help organisations strengthen their defences against cyber threats and be better prepared to respond in the event of a security incident.”

Ioan Peters, Managing Director of Cyber Risk at Thomas Murray

Blogs
October 18, 2024
The Socura Team
CymruSOC named project of the year at Computing Security Awards 2024
5 min read

CymruSOC, Wales’ National Security Operations Centre, has been awarded Project of the Year at the Computing Security Awards 2024.

Led by the Welsh Government in collaboration with Merthyr Tydfil County Borough Council, the initiative – the first of its kind in the UK – is strengthening the resilience of public sector organisations across Wales.

Socura was awarded the contract to deliver CymruSOC earlier this year and is in the process of rolling out Managed Detection and Response (MDR) to over 21 local authorities and fire and rescue services across the country.

Securing the Public Sector Across Wales

Every day, thousands of people rely on councils and other public sector organisations in Wales for essential services such as social care, education, and waste collection. Should a cyber attack impact the availability of these services, the results can be highly disruptive.

By delivering a proactive MDR service that includes a team of security experts to detect and respond to threats, Socura is helping to improve cyber resilience across Wales and foster CymruSOC’s ‘defend as one’ approach.

“CymruSOC is a pioneering initiative in the UK, and Socura is proud to have been trusted by the Welsh government to help deliver it,” says Jamie Brummell, CTO at Socura. “CymruSOC is already making a significant impact on the resilience of the public sector in Wales, and we’re delighted that this has been recognised by the judges of the Computing Security Awards. Congratulations to all the winners and shortlisted finalists.”

About the Computing Security Awards

The Computing Security Awards is an annual event that recognises companies, products and services that protect the critical digital infrastructure of organisations around the world. The Project of the Year category at this year’s event was determined by a panel of judges, including the editor of Computing Security.

About Socura

Socura reduces cyber risk by proactively detecting and responding to threats, 24/7. Our Managed Detection and Response service operates as an extension of an organisation’s security team – supplying highly skilled SOC experts and the additional capabilities needed to scale security operations and accelerate response to attacks.

Blogs
October 16, 2024
The Socura Team
Socura recognised as a Top Managed Services Provider for MDR in 2024
5 min read

Socura has been recognised as a top managed services provider for the third successive year. MSSP Alert’s annual list of the top 250 MSSPs, MDRs and MSPs globally places Socura at 127 – a rise of 103 places since 2022.

Socura is one of just 14 UK-headquartered businesses to make the list, which is determined by criteria such as business growth rate and third-party industry honours.

“In a highly competitive market, we’re delighted that Socura continues to be recognised as a top choice for organisations that need support from a managed services partner,” said Andrew Kays, CEO of Socura. "Rising over 100 places in MSSP Alert’s lists shows the trajectory we are on as a business. We are determined to continue improving the outcomes we deliver and show the world how Managed Detection and Response should be delivered.”

“MSSP Alert and CyberRisk Alliance congratulate Socura on this honour,” said Jessica C. Davis, editorial director of MSSP Alert, a CyberRisk Alliance resource. “The Top 250 MSSPs are an elite group of cybersecurity service providers, and they continue to outperform the overall cybersecurity services market. Members of this list are the best of the best.”

Find out more about the Top 250 MSSPs list and see all the companies named on it here: https://www.msspalert.com/top-250-2024

About MSSP Alert

MSSP Alert is part of CyberRisk Alliance (CRA), a business intelligence company that helps the cybersecurity ecosystem connect, share knowledge, accelerate careers, and make smarter and faster decisions. Through our trusted information brands, network of experts, and more than 250 innovative annual events we provide cybersecurity professionals with actionable insights and act as a powerful extension of cybersecurity marketing teams. Our brands include SCWorld, the Official Cybersecurity Summits, Security Weekly, InfoSec World, Identiverse, CyberRisk Collaborative, ChannelE2E, MSSP Alert, LaunchTech Communications and TECHEXPO Top Secret.

About Socura

Socura reduces cyber risk by proactively detecting and responding to threats, 24/7. Our Managed Detection and Response service operates as an extension of an organisation’s security team – supplying highly skilled SOC experts and the additional capabilities needed to scale security operations and accelerate response to attacks.

Blogs
October 2, 2024
The Socura Team
Four years since Fatima: An analysis of UK cyber employment trends
5 min read

New ONS analysis by Socura reveals that cybersecurity is now the fastest growing IT occupation in the UK. However, with just one security professional for every 86 businesses, a large skill gap remains. Women also remain vastly underrepresented across the industry.

UK Employment Trends Since Fatima

‘Their next job was in cyber’ was a UK government campaign to encourage more people to choose a career in cybersecurity. However, the infamous ‘Fatima’ ballerina ad that formed part of the initiative sparked a furore on social media and was heavily criticised.

Four years since the ad first appeared (and promptly disappeared), Socura has conducted an analysis of Office of National Statistics (ONS) Employment data to identify how many people have since decided to pursue a new career in cyber. In particular, we were keen to understand the extent of the current skills gaps in the industry.

Source: HM Government, 2020

Cyber Is The Fastest Growing IT Occupation

Our analysis reveals that the number of cybersecurity professionals in the UK more than doubled between Dec 2021 (28,500) and March 2024 (65,000), an increase of 128%. The level of this increase means that cybersecurity is now the fastest growing IT occupation, exceeding roles in software development, networking and IT support.

The number of cybersecurity professionals in the UK increased 128% between December 2021 and March 2024.

Talent Shortages Remain Widespread

Despite an encouraging increase in the total number of cybersecurity professionals, demand continues to outstrip supply. Worryingly, for every 86 companies, there is just one security pro – a situation that desperately needs to be addressed if the UK is to be considered one of the safest places to live and do business. For context, there are nearly 10 times more software programmers in the UK today than cybersecurity pros.

Unfortunately, there is also an increasing gender divide. While there are 4,600 more females in cybersecurity roles today compared to December 2021, the percentage of women compared to men has decreased in this same period, from 24% to 17%.

There is one cybersecurity professional in the UK for every 86 companies.
Download The Report For More Insights

Download the full copy of our ‘Their Next Job Was in Cyber’ report. Understand where the hot spots are for cybersecurity professionals in the UK and learn why partnering with a Managed Detection and Response provider is an excellent option for organisations struggling to recruit and retain talent.

Blogs
September 26, 2024
The Socura Team
Celebrating 5 years in Managed Detection and Response
5 min read

This month marks Socura’s 5th birthday. We wanted to mark this special milestone by reflecting on our journey so far, while giving thanks to the customers and partners who have supported us along the way.

Overcoming Early Challenges

All businesses experience unique challenges in their early days. However, back in September 2019, when Socura was founded, little did we know what was around the corner – something that could have derailed our plans before we had even begun!

Strongly motivated by our vision to deliver the next generation of Managed Detection and Response (MDR), it was an exciting time. But the start of the COVID-19 pandemic had the potential to change everything. It was far from ideal to start a new business. We could not meet up together as a team or with prospective customers.

Fortunately, as difficult as it was to start a business during COVID, the pandemic presented a major opportunity. Businesses were scrambling to better secure their remote workers and cloud services. Meanwhile, almost overnight, it became impossible for Managed Services Providers to operate traditional physical security operations centres.

Being a 100% remote business built on the latest cloud architectures, Socura had no such problems. Where other providers struggled to adapt to changing customer requirements, Socura was set up to address them from the start. Our flexibility meant that we could rapidly deploy our MDR service and start providing proactive threat detection to customers in weeks rather than months.

We quickly realised that organisations loved our open and honest approach. Security teams told us that they were fed up with service providers who failed to live up to their promises and included hidden extras. They wanted a security partner that was transparent and actually delivered. For example, many other providers would fall short on incident response – a vital component of MDR.

The Present Day

Five years later we can reflect on the pandemic as a challenging time, as well as an important learning curve. It taught us that we can never stand still and must always be ready for what’s around the corner.

Today, Socura has grown to provide Managed Detection and Response to a wide range of private and public sector organisations across the UK – and we continue to go from strength to strength. Being selected as the delivery partner of CymruSOC, Wales’s national cyber security operations centre, is just one of many recent highlights.

Most importantly, customers tell us that our service keeps getting better and better. We are detecting threats more swiftly than ever and automating more response actions to stop threats early. 96% of the incidents we detect are now handled without the need for us to notify customers.

Socura’s Net Promoter Score (78) is ‘Excellent’, and we’re also immensely proud of our 100% customer retention rate.

Here are a few recent quotes from customers that make us very happy:

“You have a talented and dedicated team who genuinely care about the customer, which is rare to see these days.”
“More tuning done in one meeting than 5 years of the previous provider.”
“The Socura team are knowledgeable and easy to work with. They take the time to understand our processes and systems and provide recommendations that make us a far stronger organisation.”
“The service is excellent. Nothing is too much trouble.”
Looking Ahead

We look ahead to the next five years and beyond with great optimism. Continuing to improve all aspects of our MDR service to defend our customers against the latest threats is a challenge that drives us. By closely understanding our customers’ needs and working in collaboration with our partners, we will continue to push boundaries.

Improving our proprietary Detection Rule Automation Engine (UK patent application pending) to further streamline detection rule management is just one of our top priorities for the next 12 months. We will also continue to invest in our team to ensure that we attract the UK’s best security talent.

Your Support Means Everything

On behalf of the whole team at Socura, thank you to everyone who has supported us during our first five years.  We hugely value the trust you place in us as your security partner and look forward to supporting your detection and response requirements for many more years to come.

Now time to blow out the candles and enjoy a slice of birthday cake!

Blogs
May 8, 2024
John Lodge
Using AI to Enhance Cyber Security Analyst Training
5 min read

Our previous blogs have been focussed on looking forward, what will be possible with Artificial Intelligence (AI) in the near future. In this blog, we look at an area where Large Language Models (LLMs) and AI are already adding high value, which is in training, education and knowledge retrieval.

The role of an analyst is becoming increasingly challenging in the rapidly changing world of cyber security. To stay ahead of cyber criminals and continue to protect an organisation’s sensitive data, analysts must continually update their skills and knowledge. This presents a unique opportunity for AI, particularly LLMs, to step in and provide valuable assistance in improving cyber security analyst training.

AI for Knowledge Management

For cyber security teams, knowledge management is essential. Having clearly defined processes and documentation helps in the smooth onboarding of new analysts and ensures a consistent approach to handling security incidents. This is where AI, especially LLMs, is playing a crucial role. Instead of relying solely on human experts to guide new analysts, AI can step in as a virtual mentor. By feeding the AI with well-documented processes and workflows, new analysts can ask questions and receive real-time guidance. While this information is already available to the analyst in knowledge bases, LLMs can speed up its retrieval at the moment it is required. When searching through a large amount of data that is not structured in some specific way, the right keywords must be used to find the required information; with LLMs, the question can instead be asked in natural language.

AI as a Research Assistant

New threats, exploits, vulnerabilities, and techniques are constantly being released in the world of cyber security, so analysts must constantly research them in order to identify and mitigate them effectively. While this information is available online, and while LLMs currently cannot contain information that is not already in the public domain, they can act as a powerful start to the workflow. Instead of using a search engine and wading through adverts and preambles within blog posts, the analyst can start the search using the LLM and then pivot to verifying the information using traditional techniques.

AI as a Tutor

The AI-driven tutoring capabilities of LLMs are also of immense value. As cyber security professionals, there’s a constant need to stay updated on the latest threats, techniques, and tools. Learning and mastering new concepts can be challenging, and we often reach points of frustration or confusion. Here’s where AI shines as a private tutor. If you’re struggling to understand a particular concept, you can turn to the LLM and ask it to explain it to you. And it doesn’t stop at one explanation; you can ask it to simplify or provide alternative explanations until you fully grasp the concept. It’s like having a personal tutor on standby, available to guide you through complex topics and making learning cyber security more accessible. One powerful technique is to explain a concept back to the LLM and ask it to criticise your explanation. Not only does this require you to explain the concept in your own words, but it helps identify areas you may have misunderstood. The ability to have a conversation about a subject, or a concept within a subject, is a very powerful learning tool that would previously have been limited to those with a private tutor.

All the benefits listed in this blog, as with any resource, require analysts to have a core level of knowledge. Without some foundation in a subject, it is difficult to even know which questions should be asked of an LLM to gain the knowledge you need. Perhaps in the future LLMs will be fine-tuned to act as tutors within specific domains, and these tutors would suggest the questions that you don’t know you should ask in the first place, but currently the learning is user driven.

In conclusion, AI, especially LLMs, is revolutionising cyber security analyst training. It closes the knowledge gap, making cyber security research more accessible and helps retrieve information from large amounts of data quickly. AI serves as a personal tutor, helping cyber security professionals understand complex concepts and continuously improving their skills. As the cyber security landscape evolves, AI will play an increasingly crucial role in preparing analysts for the challenges that lie ahead.

Summary

To summarise this series of blog posts, AI will undoubtedly continue to improve rapidly and as it does so, people within the cyber security industry will find new ways to leverage it, both defensively and offensively. It is very hard to predict what capabilities will emerge and when, and so often it will be a case that cyber security practitioners will need to quickly adapt and implement these capabilities rather than planning for them. One thing that is clear though is that there is a long road ahead from where we are now, to AI systems being able to act as an autonomous security analyst. In the meantime, AI systems should be used to bolster the capabilities of analysts, and where possible automate sub-tasks that could save these analysts valuable time. As AI systems improve, I imagine we will see an increase in the tasks that can be reliably automated with less and less oversight. From 10-20 second tasks that can be automated currently, to multi-task workflows in the future.

Blogs
March 22, 2024
John Lodge
The future of cyber security: AI-powered playbooks
5 min read

In the fast-paced landscape of cyber security, organisations are constantly looking for new and innovative ways to protect their critical assets from evolving threats. AI is making its presence felt in the realm of playbooks, automating tasks and simplifying the daily lives of security analysts. In this blog, we will delve into the exciting developments in AI-powered playbooks and look at what the future holds.

Streamlining Playbook Creation with AI

Traditionally, playbooks in Security Orchestration, Automation, and Response (SOAR) platforms have been designed by human analysts. In the near future models will be able to be trained and fine-tuned with playbook JSON, along with a description of what the playbook is achieving, and with this training, the model will be capable of creating new playbooks dynamically. It will be important, as the speed of new threats emerging increases, that playbook responses be able to adapt dynamically in real-time.

Automated Suggestions and Recommendations

A step further from models being able to create playbooks from a given description is an AI agent observing and learning repetitive actions. From these observations, recommendations for playbook and automation enhancements will be given automatically, with the ability to implement these enhancements if approved by the end user.

Recommendations for Improvements to Detection Logic

As SOCs move to a detection as code model, AI will be able to have a real-time impact on the detection logic. For example, when an ingested incident is found to be a false positive, the detection rule may be tuned to exclude that detection in the future. With intelligent Large Language Models (LLMs), the model could ingest and review the detection rule and suggest how it could be improved to remove not just the current false positive, but potential future false positives. Importantly, it could also make suggestions to ensure the detection logic does not overlook real incidents.

The Rise of Feedback-Driven and Chain of Thought Reasoning

AI systems are beginning to embrace feedback-driven learning, a feature that offers critiques of their output. This approach involves chaining prompts together and inviting self-evaluation. If an output is deemed incorrect or incomplete, the AI system refines its response, resulting in an iterative improvement process. Notably, this aspect is seamlessly integrated into SOAR platforms, allowing security teams to build their feedback-driven AI models. The chain of thought capability allows models to interrogate their own answers with additional questions, which can have a large impact on accuracy metrics. In the future, it’s likely that ‘chain of thought’ will be built into the LLMs themselves, but for now, this can be recreated using playbook tasks chained together in a playbook.

The future of cyber security looks to be in embracing the promise of AI-powered playbooks. These playbooks will streamline security operations, study repetitive tasks, and offer invaluable recommendations. As the integration of AI continues to grow, so too will the capabilities of SOAR platforms, ensuring that the defenders of the digital world are always one step ahead. With these new advancements analysts’ skills will continue to evolve, mastering the AI prompts and investigative skills needed to continue remediation and upskilling first line support.

Blogs
February 20, 2024
John Lodge
The role of AI in threat detection & hunting – Part 2
5 min read

Following on from part 1, where we discussed the benefits and limitations of AI in threat detection and hunting, we will now look at how you can maximise the benefits of AI by providing recommendations along the way.

Getting the Most out of AI in Threat Detection and Hunting

Despite these challenges, AI remains a powerful tool that can significantly enhance threat detection and hunting capabilities. Organisations that embrace AI, investing in its development and deployment, gain a competitive advantage in the cyber security landscape. A key thing to note about AI is that it is rapidly evolving and improving, so the challenges that currently make AI inappropriate for certain tasks may soon no longer be challenges. For example, in the case of hallucinations, GPT-4 hallucinates less than GPT-3, and GPT-5 is likely to hallucinate much less than GPT-4 and hopefully gain the ability to say when it does not know the answer.

To maximise the benefits of AI for threat detection and hunting, organisations should consider the following recommendations:

  • Start Small: Begin with a small pilot project to assess the benefits and challenges of AI before implementing it across your entire security infrastructure. Choose simple, low-level tasks that analysts repeat often, ideally ones with minimal impact if they go wrong. Set up validation on these tasks and monitor them for a period, fine-tuning where necessary until you reach a minimum required level of accuracy.
  • Choose the Right Tools: Carefully evaluate and select AI tools that align with your organisation's specific needs and budget. Be aware that using third-party tools carries a risk: when these tools change, any systems you have integrated them into may also need updating. For example, when the OpenAI API changed the size of its context window, prompts built to use the full length of the previous context window would now return an error message. Monitoring and validation should be used to detect when errors like this are introduced. In addition, AI tools that have direct access to the live internet are essential when creating detection rules designed to protect against the most up-to-date emerging threats.
  • Train Your Analysts: Provide comprehensive and ongoing training to your security analysts, ensuring they understand AI limitations and can effectively interpret AI-generated alerts.
  • Monitor and Evaluate: Continuously monitor the performance of your AI tools, identifying areas for improvement and making necessary adjustments.
  • Verify: In its current state, AI should be viewed as a tool to enhance the capabilities of analysts and remove some of the legwork. Wherever possible, humans should be kept in the loop to use and verify the output of AI, rather than human analysts being replaced by AI.
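
The "start small" validation and the "monitor and evaluate" recommendations above, as one added example that is not Socura's code. `keyword_triage` is a stand-in for the AI task (a real pilot would call an LLM or vendor API behind the same contract), the golden set of human-labelled alerts is constructed, and the upstream change is simulated by wrapping the task in an input-size limit that stands in for a context-window change. The harness promotes the pilot only when accuracy on the golden set meets a floor, and re-running the same set afterwards turns the tool change into an error-rate alarm rather than something analysts discover by accident.

```python
"""Accuracy gate and drift monitor for an AI-assisted triage task.

Added example, not Socura's code. The triage heuristic, golden set and
simulated upstream change are all constructed placeholders.
"""
from dataclasses import dataclass, field
from typing import Callable, Dict, List, Tuple

Alert = Dict[str, str]
Task = Callable[[Alert], str]

# Constructed golden set: alert summaries with a human-confirmed verdict.
GOLDEN: List[Tuple[Alert, str]] = [
    ({"id": "a1", "summary": "encoded powershell launched from winword.exe"}, "true_positive"),
    ({"id": "a2", "summary": "nightly backup task launched powershell"}, "false_positive"),
    ({"id": "a3", "summary": "scheduled patch job restarted a service"}, "false_positive"),
    ({"id": "a4", "summary": "suspicious credential access on domain controller; "
                             "process tree attached: " + "parent->child " * 10}, "true_positive"),
    ({"id": "a5", "summary": "new admin account created outside change window"}, "true_positive"),
]

BENIGN_MARKERS = ("backup", "scheduled", "patch")


def keyword_triage(alert: Alert) -> str:
    """Placeholder for the AI task: a keyword heuristic with the same contract."""
    text = alert["summary"].lower()
    return "false_positive" if any(m in text for m in BENIGN_MARKERS) else "true_positive"


def with_input_limit(task: Task, max_chars: int) -> Task:
    """Simulated upstream change: the tool now rejects inputs over a size limit."""
    def limited(alert: Alert) -> str:
        if len(alert["summary"]) > max_chars:
            raise ValueError("input exceeds model context limit")
        return task(alert)
    return limited


@dataclass
class Report:
    accuracy: float
    error_rate: float
    wrong: List[str] = field(default_factory=list)    # ids with an incorrect verdict
    errored: List[str] = field(default_factory=list)  # ids where the task raised


def validate(task: Task, golden: List[Tuple[Alert, str]]) -> Report:
    """Run the task over the golden set and score it; errors count as failures."""
    report = Report(0.0, 0.0)
    correct = 0
    for alert, expected in golden:
        try:
            verdict = task(alert)
        except Exception:            # broad on purpose: any failure is a monitoring signal
            report.errored.append(alert["id"])
            continue
        if verdict == expected:
            correct += 1
        else:
            report.wrong.append(alert["id"])
    report.accuracy = correct / len(golden)
    report.error_rate = len(report.errored) / len(golden)
    return report


def promote(report: Report, min_accuracy: float = 0.9, max_error_rate: float = 0.0) -> bool:
    """Gate for moving the pilot task into production."""
    return report.accuracy >= min_accuracy and report.error_rate <= max_error_rate


def regressions(baseline: Report, current: Report, tolerance: float = 0.05) -> List[str]:
    """Reasons the current run should alert someone, compared with the accepted baseline."""
    reasons = []
    if current.error_rate > baseline.error_rate:
        reasons.append(f"error rate rose to {current.error_rate:.0%} on {current.errored}")
    if current.accuracy < baseline.accuracy - tolerance:
        reasons.append(f"accuracy fell from {baseline.accuracy:.0%} to {current.accuracy:.0%}")
    return reasons


def run_example() -> dict:
    baseline = validate(keyword_triage, GOLDEN)
    changed = validate(with_input_limit(keyword_triage, 120), GOLDEN)
    return {"baseline": baseline, "promote_baseline": promote(baseline),
            "changed": changed, "promote_changed": promote(changed),
            "regressions": regressions(baseline, changed)}


if __name__ == "__main__":
    for key, value in run_example().items():
        print(key, value)
```

The golden set should be re-labelled as alert types change, and the same `validate` run belongs in the scheduled monitoring for the task, not only in the pilot: a vendor change shows up first as `errored` ids, which are far easier to act on than a silent drop in analyst trust.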

By following these recommendations, organisations can harness the power of AI to strengthen their cyber security posture, proactively detect threats, and effectively protect their critical assets in the face of evolving cyber threats.

At Socura, we take a people-centric approach to all that we do. Although AI has made, and will continue to make, great strides in cyber security, it takes human expertise to be the light: deciphering, interpreting, and acting on that knowledge to make the interaction count. The human element remains essential in making sense of complex threat scenarios and orchestrating an effective response.

Blogs
January 29, 2024
John Lodge
The role of AI in threat detection & hunting – Part 1
5 min read

The Pros and Cons of AI

The ever-evolving threat landscape is becoming increasingly complex and sophisticated, posing a significant challenge to organisations seeking to protect their critical assets. In this landscape, artificial intelligence (AI) has emerged as a transformative tool for threat detection and hunting, providing organisations with a proactive approach to cyber security.

In the context of threat detection and hunting, AI can be leveraged in two ways. First, AI is baked into endpoint and network detection tools to discover anomalies and perform other pattern-recognition tasks that would be impossible for a human analyst, given the huge amounts of data to be analysed. Secondly, and more recently, AI can be used to search the internet for the latest threats, vulnerabilities, exploits and techniques. It can then take the results of these searches and propose threat detection rules, which it can also translate into various detection languages depending on the toolsets you would like to apply them to. These rules can then be deployed, tested and, ideally, verified by a human analyst before going live.

The Benefits of AI in Threat Detection and Hunting

AI offers a multitude of benefits that empower organisations to combat cyber threats effectively:

  • Scalability: AI algorithms can process and analyse vast amounts of data, far exceeding the capabilities of traditional security tools. This enables organisations to detect and respond to threats with greater efficiency, even as the volume and complexity of data continue to grow unabated. This data may be the telemetry fed into a SIEM tool or the threat intelligence available on the open internet.
  • Automation: AI automation could streamline the threat detection and hunting process, freeing up security analysts to focus on more complex investigations and strategic initiatives. This automation improves response times and optimises the overall cost of security operations. Automating the creation of detection rules reduces the risk of new emerging threats being left undetected. This work can be carried out by a threat intelligence analyst and a detection engineer; however, the process is time consuming and never ending. AI reduces the time cost and time delay of these activities.

Anomaly detection algorithms exemplify the practical application of AI in threat detection. These algorithms analyse network traffic, system logs and user behaviour, identifying anomalies that could signal malicious activity. For instance, an anomaly detection algorithm might detect a sudden surge in network traffic from a specific source, indicating a potential compromise attempt. Anomaly detection also leverages AI's power through machine learning algorithms that analyse threat intelligence data. These algorithms learn from extensive historical data, including known threat signatures, attack patterns and vulnerability information, enabling them to identify emerging threats that may not yet be recognised by security analysts. These AI capabilities are baked into the tools used by SOCs, and as AI continues to improve, we can expect to see fewer false positives from these algorithms, as well as fewer false negatives (malicious activity not detected as malicious).

The Limitations of AI in Threat Detection and Hunting

While AI has revolutionised threat detection and hunting, it is not without its challenges and limitations:

  • Hallucinations: In its current form AI is susceptible to hallucinations, particularly in the context of Large Language Models (LLMs). A hallucination is when the LLM presents false information as fact, and unfortunately, it does this confidently. LLMs have not yet learned to say when they do not know the answer. For this reason, while AI can greatly increase the efficiency of a human analyst and carry out much of the legwork, most AI output needs to be verified in some way, usually by a human analyst, or have other safeguards put in place.
  • Opacity: The inner workings of AI models are often opaque, making it difficult to understand their decision-making rationale. This opacity hinders troubleshooting and can lead to confusion when interpreting security alerts. This can be engineered around by training the AI not only to provide an answer or an output, but also to explain its reasoning. For example, in the context of creating a detection rule, which is usually in the form of code, code comments will help the analyst understand how the code achieves the goal, allowing logical mistakes to be picked up more easily. In the context of anomaly detection, a clear explanation of why an anomaly is a risk will reduce the time an analyst needs to determine whether it poses a threat.
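
The traffic-surge anomaly from the benefits section and the explanation requirement from the Opacity item above, in one added example that is not Socura's code. The flow-summary log format ("<time> <source_ip> <bytes_sent>" per interval), the two sources and the byte counts are constructed. Each source gets its own rolling baseline built from the median and median absolute deviation, which an earlier spike cannot inflate the way a mean and standard deviation would, and every finding carries the baseline figures behind it so the analyst can judge the alert without re-deriving it.

```python
"""Explainable traffic-surge detection over constructed flow summaries.

Added example, not Socura's code. Log format, sources and byte counts are
constructed for illustration.
"""
import statistics
from collections import defaultdict, deque
from typing import Dict, Iterator, List, Tuple

# Constructed: nine 5-minute intervals for two sources; 10.0.0.5 surges in the last one.
LOG_LINES = """\
2024-01-29T10:00 10.0.0.5 12000
2024-01-29T10:00 10.0.0.9 5000
2024-01-29T10:05 10.0.0.5 11800
2024-01-29T10:05 10.0.0.9 5100
2024-01-29T10:10 10.0.0.5 12300
2024-01-29T10:10 10.0.0.9 4900
2024-01-29T10:15 10.0.0.5 12100
2024-01-29T10:15 10.0.0.9 5050
2024-01-29T10:20 10.0.0.5 11900
2024-01-29T10:20 10.0.0.9 4950
2024-01-29T10:25 10.0.0.5 12200
2024-01-29T10:25 10.0.0.9 5020
2024-01-29T10:30 10.0.0.5 12050
2024-01-29T10:30 10.0.0.9 5080
2024-01-29T10:35 10.0.0.5 11950
2024-01-29T10:35 10.0.0.9 4980
2024-01-29T10:40 10.0.0.5 480000
2024-01-29T10:40 10.0.0.9 5200
"""


def parse(lines: str) -> Iterator[Tuple[str, str, int]]:
    """Yield (timestamp, source_ip, bytes_sent) from the constructed log format."""
    for line in lines.splitlines():
        if line.strip():
            ts, src, sent = line.split()
            yield ts, src, int(sent)


def detect_surges(lines: str, window: int = 8, min_history: int = 5,
                  threshold: float = 5.0) -> List[Dict]:
    """Flag an interval whose bytes_sent sits far above the source's own recent
    baseline. robust z = 0.6745 * (x - median) / MAD, so a threshold of 5.0 is
    roughly five standard deviations for normally distributed traffic."""
    history = defaultdict(lambda: deque(maxlen=window))
    findings = []
    for ts, src, sent in parse(lines):
        past = list(history[src])
        if len(past) >= min_history:           # no verdict until a baseline exists
            med = statistics.median(past)
            mad = statistics.median(abs(x - med) for x in past)
            scale = mad if mad > 0 else 1.0    # flat baseline: avoid division by zero
            z = 0.6745 * (sent - med) / scale
            if z > threshold:                  # one-sided: only surges, not drops
                findings.append({
                    "timestamp": ts, "source": src, "bytes": sent,
                    "baseline_median": med, "baseline_mad": mad, "robust_z": round(z, 1),
                    "explanation": (
                        f"{src} sent {sent} bytes at {ts}; over its previous {len(past)} "
                        f"intervals the median was {med:.0f} bytes (MAD {mad:.0f}), "
                        f"a robust z-score of {z:.0f} against a threshold of {threshold}"),
                })
        history[src].append(sent)
    return findings


if __name__ == "__main__":
    for finding in detect_surges(LOG_LINES):
        print(finding["explanation"])
```

The 5,200-byte interval from 10.0.0.9 is also its highest, but it sits only a couple of MADs above that source's baseline and is not reported; the point of a per-source baseline is that "high" is defined by the source's own history, and the explanation string states that history so the analyst sees why one was flagged and the other was not.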

In part 2, we delve into getting the most out of AI in threat detection and hunting, providing insights and recommendations on how to maximise the benefits of AI while working alongside human analysts.