70% UAE firms plan AI-driven SOCs

Editor’s note: AI in security operations is rapidly changing how organizations detect and respond to threats. A global Kaspersky study indicates near-universal intent to integrate AI into SOCs, yet organizations still confront data quality issues, talent shortages and mounting costs. In the UAE, 70% of firms say they will probably adopt AI-driven SOCs, while concerns about data, skills and integration underscore the gap between ambition and execution. This editorial offers context on what to watch as AI becomes a core SOC capability and how to approach implementation responsibly.

Key points

• 99% of respondents plan to incorporate AI into their security operations.
• In the UAE, 70% say they will probably adopt AI in SOCs, with 30% stating they will definitely do so.
• Top use cases: automated analysis for threat detection (58%), and automated incident response (46%).
• Major challenges include data quality, shortage of AI experts, new AI-related threats, and high costs.

Why this matters

AI adoption in security operations is advancing, but the move from experimentation to real SOC impact remains challenging. Talent shortages and evolving AI threats complicate deployment. As providers roll out AI-powered features, organizations should couple technology with data governance and skilled teams to unlock meaningful improvements in threat detection and response.

What to watch next

• Progress on data quality and availability for AI training and deployment.
• Adoption of AI-powered features across SOC tools and platforms.
• Investment in AI talent and integration of SOC processes with AI capabilities.
• Updates to Kaspersky’s AI-powered offerings and threat intelligence capabilities.

Disclosure: The content below is a press release provided by the company/PR representative. It is published for informational purposes.

Kaspersky study: 70% of UAE Firms Plan AI-Driven SOCs—But Talent and Data Gaps Stall Progress

February 20, 2026

Almost all companies planning to establish a Security Operations Center (SOC) regard artificial intelligence (AI) as a must-have component. However, despite high expectations, organizations face significant challenges in deploying and operationalizing AI effectively. These include a lack of high-quality training data, a shortage of AI-skilled personnel, substantial integration costs and emerging AI-related threats.

To explore how companies build and maintain processes in SOCs, Kaspersky conducted a comprehensive global study which highlights, among other things, priorities, expectations and challenges associated with leveraging AI to elevate SOC performance^[1]. The findings reveal that an overwhelming 99% of respondents plan to incorporate AI into their security operations. Among them, nearly three quarters (70%) in the UAE say they will probably do so and nearly a third (30%) state they will definitely do so. This underscores the widespread perception of AI as a vital driver for enhancing threat detection, accelerating investigation processes and boosting overall SOC efficiency.

When it comes to practical use cases, organizations in the UAE primarily expect AI to strengthen threat detection capabilities through automated analysis of data to identify anomalies and suspicious activities (58%) and to facilitate response automation, enabling rapid execution of predefined incident response scenarios (46%). These expectations align closely with the top motivations driving AI adoption in SOCs: improving overall threat detection effectiveness (46%), automating routine tasks (39%) and increasing accuracy while reducing false positives (52%). Large enterprises consistently report broader and more ambitious plans for applying AI across multiple SOC functions.

However, a clear execution gap appears when it comes to AI implementation, characterized by several critical and widespread challenges. Foremost is the lack of high-quality training data, a barrier cited by 32% of organizations in the UAE as a fundamental obstacle that hampers the accuracy and relevance of AI models. This issue is further compounded by other critical concerns: a shortage of qualified AI experts within internal team (43%), the emergence of new threats and vulnerabilities related to AI usage (27%) and the high costs associated with developing and maintaining AI-driven solutions (32%). Together, these factors create a barrier that prevents organizations from turning their AI strategy into operational success, underscoring the necessity for a structured and well-supported approach.

“Organizations clearly recognize the value AI can bring to SOCs but the transition from experimentation to real SOC impact still remains challenging. Given the cybersecurity talent shortages—and AI talent being scarce as well—introducing in-house AI capabilities in a SOC remains a coveted but hard-to-achieve goal. This is why cybersecurity companies are investing in AI-powered features across their leading products. Over the past year, Kaspersky has introduced a comprehensive suite of AI-powered tools across its B2B portfolio to meet the rising demand for timely detection of more advanced threats, while also making our solutions more efficient and user-friendly,” says Anton Ivanov, Chief Technology Officer at Kaspersky.

To build and operate a successful and reliable SOC, Kaspersky recommends the following:

• Engage with Kaspersky SOC Consulting during the initial setup or when enhancing your existing security operations. Our comprehensive consulting services are designed to help companies build a robust SOC and streamline its processes.
• Boost your security performance with Kaspersky SIEM, powered by advanced AI capabilities. This solution aggregates, analyzes and stores log data across your entire IT infrastructure, providing contextual enrichment and actionable threat intelligence insights. Recently, this solution was empowered by AI capability to identify signs of dynamic link library (DLL) hijacking.
• Protect your company against a wide range of threats with solutions from the Kaspersky Next product line that provide real-time protection, threat visibility and AI-driven investigation and response capabilities of EDR and XDR for organizations of any size and industry.
• Equip your cybersecurity team with in-depth visibility into cyber threats targeting your organization. The latest Kaspersky Threat Intelligence delivers rich, contextual insights throughout the entire incident management cycle, enabling timely identification of cyber risks. Recently, it was strengthened by AI-enhanced open-source intelligence search, enhancing your team’s ability to uncover and respond to emerging threats with greater precision.

To explore more of Kaspersky’s solutions and services for building and enhancing your SOC, please follow this link.

About Kaspersky

Kaspersky is a global cybersecurity and digital privacy company founded in 1997. With over a billion devices protected to date from emerging cyberthreats and targeted attacks, Kaspersky’s deep threat intelligence and security expertise is constantly transforming into innovative solutions and services to protect individuals, businesses, critical infrastructure and governments around the globe. The company’s comprehensive security portfolio includes leading digital life protection for personal devices, specialized security products and services for companies, as well as Cyber Immune solutions to fight sophisticated and evolving digital threats. We help millions of individuals and nearly 200,000 corporate clients protect what matters most to them. Learn more at www.kaspersky.com.

1. The survey was conducted by Kaspersky’s internal market research center and involved senior IT security professionals, managers, and directors from organizations with 500 or more employees, and focused on companies that do not yet have a Security Operations Center (SOC) but plan to establish one in the near future. The respondents in this study come from 16 countries, including Germany, Spain, Italy, Brazil, Mexico, Colombia, Singapore, Vietnam, China, India, Indonesia, Saudi Arabia, Turkey, Egypt, the United Arab Emirates, and Russia.