Regional cybersecurity research shows that nearly all companies in Asia Pacific planning to establish a security operations center (SOC) aim to implement artificial intelligence, but many struggle to move from planning to full implementation.
The survey, conducted among senior IT security professionals, managers and directors from organizations with 500 or more employees across 16 countries, found that 99% of respondents in APAC plan to integrate AI into their security operations.
Of these, 67% said they would probably deploy AI, and 32% said they would definitely deploy AI.
This strong interest reflects increasing pressure on organizations to improve their ability to detect and respond to cyber threats.
Many companies expect AI to enhance threat detection through automated analysis of data to identify anomalies and suspicious activity, cited by 60% of respondents.
Additionally, 55% expect AI to help automate incident response, allowing them to take predefined actions faster.
These expectations go hand-in-hand with the main reasons why companies deploy AI in their SOCs.
55% of respondents cited improving overall threat detection effectiveness, followed by automating routine tasks at 47% and improving accuracy while reducing false positives at 45%.
We also found that large enterprises around the world are pursuing broader and more ambitious applications of AI across multiple cybersecurity functions.
Kaspersky Asia Pacific managing director Adrian Hyer said organizations in the region are taking a pragmatic approach to AI in security operations centers (SOCs), focusing on use cases that have an immediate impact on operations.
He said the strongest expectations are for enhanced threat detection through automated anomaly analysis and accelerated response through predefined automation, reflecting broader efforts to improve detection efficiency, reduce alert fatigue, and free security teams from day-to-day tasks.
Hia added that while large enterprises around the world are pursuing broader AI ambitions, companies in APAC are prioritizing applications that directly enhance resiliency and day-to-day security operations.
Despite high interest, the study found a clear gap between expectations and implementation. Lack of quality training data was identified as the biggest challenge, cited by 44% of organizations. Without sufficient or reliable data, AI models can struggle to provide accurate or meaningful results.
Companies also face a shortage of qualified AI professionals, cited by 37% of respondents, making it difficult to build and maintain in-house capabilities. Other barriers include new threats and vulnerabilities associated with the use of AI (34%), difficulty integrating and managing AI tools (34%), and high costs of developing and maintaining AI-driven systems (33%).
Anton Ivanov, Kaspersky’s chief technology officer, said organizations recognize the value that AI brings to security operations centers, but moving from experimentation to real operational impact remains difficult.
He said a shortage of cybersecurity talent and a shortage of AI experts are making it difficult for companies to implement AI capabilities in-house, even as demand continues to grow.
Ivanov added that cybersecurity companies are investing in AI-powered capabilities to improve threat detection and make security solutions more efficient and easier to use.
Overall, the findings suggest that while AI is increasingly considered essential to modern cybersecurity operations, many organizations in APAC are still in the early stages of adoption.
Transforming an AI strategy into a fully operational system requires addressing skills shortages, improving data quality, and managing the cost and complexity of implementation.
