In a world where digital threats are rapidly evolving, the integration of artificial intelligence (AI) into security operations centers (SOCs) has become essential. In 2025, the cybersecurity landscape will be profoundly transformed by technologies capable of analyzing significant volumes of data. However, this technological advancement is not without risks. Indeed, behind the promises of efficiency lie worrying realities that every company must take seriously.<\/p>\n\n
In reality, AI is revolutionizing security, but its use must be governed by constant human vigilance. Control mechanisms must be put in place to avoid decisions based on bias or an erroneous understanding of algorithms. This challenge is forcing companies like Thales, Capgemini, and Docaposte to redouble their efforts to ensure the security of their systems in the face of increasingly sophisticated threats.<\/p>\n\n
In the current context, SOCs are seeking to maximize their responsiveness to security incidents. Thanks to AI, analysts can free themselves from repetitive tasks such as alert classification and prioritization. This allows them to focus on missions requiring strategic thinking. Indeed, a 2024 study conducted by KPMG revealed that 69% of professionals believe that AI-powered automation will remain crucial in the coming years.<\/p>\n\n
The benefits of this trend are undeniable:<\/p>\n\n
However, reliance on automation poses ethical and technical dilemmas, particularly regarding trust in systems. As AI systems evolve, only 11% of professionals are truly confident in using AI for cybersecurity, as highlighted by a Splunk study in April 2025.<\/p>\n\n
Automation bias occurs when an analyst places too much faith in AI systems, to the detriment of their own judgment. Florence Mottay, CISO at Zalando, warns: \u00ab\u00a0We must maintain rigorous human oversight of AI. It’s a complementary tool, not a substitute.\u00a0\u00bb This raises essential questions: To what extent can we trust this tool? How can we prevent flaws in the AI-based decision-making process?<\/p>\n\n
Several situations illustrate this risk. For example, an employee downloads a large file, but the AI \u200b\u200binterprets this action as an attempt to exfiltrate data. False positives are common because machine learning algorithms don’t always take into account the specificities of each organization.<\/p>\n\n
Here are some issues related to this bias:<\/p>\n\n
Conversely, a false negative\u2014when a real threat goes unnoticed\u2014can have catastrophic consequences. This proves that while AI is an asset, humans must play a leading role in analyzing and verifying the alerts generated.<\/p>\n\n
The issue of algorithm transparency is a central concern today. Analysts note that many AI systems operate as \u00ab\u00a0black boxes\u00a0\u00bb: they provide recommendations without explaining how they were trained. This lack of transparency is problematic, especially when it comes to compliance.<\/p>\n\n
Philippe Bacha, Managing Director at Karman Cyber \u200b\u200bDefence, emphasizes the importance of traceability: \u00ab\u00a0Although the Dora Regulation and the NIS 2 Directive do not require it, it is essential for incident tracking and reporting.\u00a0\u00bb This suggests the need for precise standards to guide the implementation of AI in SOCs.<\/p>\n\n Some companies, such as Tanium, are working on less opaque AI models. Their platform allows for detailed explanations of the reasoning behind the generated results. This gives analysts greater control over information processing, thus strengthening confidence in the use of these tools.<\/p>\n\n The choice between an AI model trained on company-specific data or a more generic model is an ongoing debate. On the one hand, training on local data could better adapt to the operational reality of a company, such as OVHcloud or SII Group, which have their own particularities in terms of network traffic and user behavior.<\/p>\n\n On the other hand, Florence Mottay suggests that the model should remain as general as possible to avoid missing broader trends: \u00ab\u00a0Attacks remain similar across companies. Training based on a wide variety of data is, in my opinion, crucial.\u00a0\u00bb Each of these approaches has advantages and disadvantages, and it seems essential to strike a balance.<\/p>\n\n The choice of approach will largely depend on the company’s resources, needs, and strategic priorities.<\/p>\n\n Faced with constantly evolving cybersecurity, several companies stand out for their commitment and innovative solutions. Companies such as Atos, Orange CyberDefense, and Capgemini have successfully adapted by integrating AI into their security service offerings. Their approach combines human expertise with the power of AI to provide a robust and dynamic defense against cyber threats. Company<\/strong>Expertise Solutions Offered<\/strong>Atos Cloud Services and Identity<\/strong> Integrated Cloud Security<\/p>\n\n Orange CyberDefense<\/p>\n\n Collaborations between companies such as Gemalto and Bureau Veritas play a vital role in developing sustainable standards and practices. This strengthens not only security but also user confidence in the systems in place. Towards Tomorrow’s Cybersecurity: Reflections and Perspectives<\/p>\n\n Analysts must maintain vigilance while evolving with technology. Companies must work together to create a robust security ecosystem, where innovation rhymes with responsibility. So, how can we navigate this constantly changing world?<\/p>\n\n A striking example is that cyberattacks have so far become contagious\u2014as some sectors attack others, the need for a collaborative approach becomes urgent. Cybersecurity giants have a key role to play, as they possess ecosystem knowledge that can benefit all businesses.<\/p>\n\n <\/p>\n\n <\/p>\n\n <\/p>\n\n <\/p>\n\n <\/p>\n\n <\/p>\n\n\n","protected":false},"excerpt":{"rendered":" In a world where digital threats are rapidly evolving, the integration of artificial intelligence (AI) into security operations centers (SOCs) has become essential. In 2025, the cybersecurity landscape will be profoundly transformed by technologies capable of analyzing significant volumes of data. However, this technological advancement is not without risks. Indeed, behind the promises of efficiency […]<\/p>\n","protected":false},"author":1,"featured_media":37119,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[41],"tags":[],"class_list":["post-37153","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-non-classe-en"],"_links":{"self":[{"href":"https:\/\/mon-agent-ia.fr\/blog\/wp-json\/wp\/v2\/posts\/37153","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/mon-agent-ia.fr\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mon-agent-ia.fr\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mon-agent-ia.fr\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/mon-agent-ia.fr\/blog\/wp-json\/wp\/v2\/comments?post=37153"}],"version-history":[{"count":1,"href":"https:\/\/mon-agent-ia.fr\/blog\/wp-json\/wp\/v2\/posts\/37153\/revisions"}],"predecessor-version":[{"id":37154,"href":"https:\/\/mon-agent-ia.fr\/blog\/wp-json\/wp\/v2\/posts\/37153\/revisions\/37154"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/mon-agent-ia.fr\/blog\/wp-json\/wp\/v2\/media\/37119"}],"wp:attachment":[{"href":"https:\/\/mon-agent-ia.fr\/blog\/wp-json\/wp\/v2\/media?parent=37153"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mon-agent-ia.fr\/blog\/wp-json\/wp\/v2\/categories?post=37153"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mon-agent-ia.fr\/blog\/wp-json\/wp\/v2\/tags?post=37153"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}\n\n
\n \nCharacteristics of AI in SOCs<\/th>\n Black Box<\/th>\n Transparent<\/th>\n<\/tr>\n<\/thead>\n \n Understanding of Reasoning<\/td>\n Limited<\/td>\n Easily Accessible<\/td>\n<\/tr>\n \n Analyst Confidence<\/td>\n Variables<\/td>\n Higher<\/td>\n<\/tr>\n \n Regulatory Compliance<\/td>\n Complex<\/td>\n Simplified<\/td>\n<\/tr>\n<\/tbody>\n<\/table><\/figure>\n\n Training Model: Local or Generic?<\/h3>\n\n
Companies at the forefront of cybersecurity innovation<\/h2>\n\n
\n\n
\n \nCybersecurity<\/th>\n Monitoring and Incident Response<\/th>\n Capgemini<\/th>\n<\/tr>\n<\/thead>\n \n Digital Transformation<\/td>\n Risk Management and Compliance<\/td>\n These companies also emphasize employee awareness and training on cybersecurity issues. This is an often overlooked but essential aspect for creating a security culture within organizations.<\/td>\n<\/tr>\n \n The Role of Humans in Digital Security<\/td>\n Beyond technological solutions, it is essential to remember that humans remain a key component of the security architecture. Analysts must be trained to use these tools with discernment and common sense. Jad Tabet, Director of SOC at Karman Cyber \u200b\u200bDefence, affirms that this ability to challenge AI is essential.<\/td>\n He also emphasizes the importance of maintaining critical skills in data analysis, while trusting AI recommendations. Indeed, harmonious teamwork between humans and machines is essential to ensure effective defense.<\/td>\n<\/tr>\n \n Regular training for security teams.<\/td>\n Test AI systems with real-world scenarios.<\/td>\n Ensure open communication on issues and risks.<\/td>\n<\/tr>\n<\/tbody>\n<\/table><\/figure>\n\n As we move toward the future, several challenges remain. The balance between AI-powered automation and human expertise will determine the effectiveness of SOCs. On the one hand, artificial intelligence offers fascinating prospects. But on the other, it involves inherent risks that cannot be overlooked.<\/h3>\n\n
<\/h2>\n\n