2025 State of Security reveals alarming burnout, tool sprawl, and cautious AI adoption across global enterprises
The newly released State of Security 2025 report from Splunk highlights a critical challenge facing modern Security Operations Centres (SOCs): overworked teams, fragmented tools, and cautious trust in AI. Conducted in partnership with Oxford Economics, the global study surveyed over 2,000 security leaders across 16 industries.
According to the report, 46% of respondents spend more time maintaining tools than defending their organizations. A staggering 66% experienced a data breach in the last year, and only 11% fully trust AI for mission-critical decisions.
“AI is enhancing human capabilities, not replacing them. Human oversight remains central to cybersecurity.”
— Michael Fanning, CISO, Splunk
“Security teams are under constant pressure,” said Nate Lesser, CISO, Children’s National Hospital. “The industry is struggling with alert fatigue, rising threats, and limited talent. GenAI and automation are helping us stay ahead.”
Tool sprawl continues to cripple effectiveness—78% of security tools are dispersed or disconnected, while 59% say tool maintenance is the biggest inefficiency. Analysts report losing investigation time (57%) and battling false positives (55%), adding to stress and burnout. Notably, over half of SOC professionals say they are overworked, and 52% have considered leaving cybersecurity altogether.
Despite these challenges, AI is delivering tangible value. 59% say it has improved efficiency, especially in threat analysis, querying security data, and policy drafting. However, trust remains limited—AI is viewed as a support system, not a standalone solution.
A unified, AI-augmented SOC model is gaining traction. Among organizations that integrate security and observability teams, 78% report faster detection and 66% achieve quicker remediation—an indication that breaking silos is key to resilience.