The SOCs isn't just a function in the age of AI Era by Dr. Yusuf Hashmi


Time of India, 04-07-2025
Highlights
• Why SOC fatigue is a systemic risk, not an analyst issue
• The role of AI, agentic models, and automation in optimizing MTTR
• How to design SOCs that scale with relevance, not just volume
• The intersection of DPDP, data lineage, and SOC accountability
• The irreplaceable role of human context in an AI-augmented security world
In this DeepTalks session, Dr. Yusuf Hashmi, Group CISO at Jubilant Bhartia Group, reimagines the SOC, tackling AI-assisted triage, alert fatigue, data governance, DPDP liability, and the rising cost of log inflation, to present a bold, practical vision for future-ready security operations.
In the dimly lit war rooms of cybersecurity, the Security Operations Centers (SOCs), thousands of alerts blink on screens every minute. Analysts scan dashboards, eyes darting, trying to distinguish between noise and the one anomaly that could bring an enterprise to its knees. But in today's AI-fueled world, even these battle-tested security models are showing signs of exhaustion.
'It's time we stop seeing the SOC as just a dashboard of alerts,' says Dr. Yusuf Hashmi, Group CISO at Jubilant Bhartia Group, in a gripping and wide-ranging conversation with ETCIO DeepTalks. 'We must reimagine it as a cockpit, one that is predictive, autonomous, and human-aware.'
Dr. Hashmi isn't just describing a shift in tools. He's championing a cultural and architectural transformation, one that demands leadership rethink how security operations are structured, automated, and governed.
The breakdown begins
The conversation opens with a blunt diagnosis: the traditional SOC is broken.
'There used to be a handful of firewall logs coming in. Today, we're ingesting data from 60-70 different log sources,' Dr. Hashmi explains. 'From endpoints to proxies, from cloud to identity - the ecosystem is sprawling. And each of these sources needs contextual use cases. But most organizations aren't ready for that.'
This, Dr. Hashmi says, creates the perfect storm for alert fatigue, a silent killer in cybersecurity. Analysts are overwhelmed, incidents are missed, and trust in the SOC dwindles.
AI's promise and pitfalls
Dr. Hashmi sees AI not as a silver bullet, but as a powerful enabler, if implemented wisely.
'AI can triage, correlate, enrich. It can suppress false positives and help prioritize what matters. But AI must be trained. It doesn't mature out of the box. You need 5 to 6 months, sometimes longer, to adapt a model to your data,' Dr. Hashmi warns.
Dr. Hashmi emphasizes the agentic model, using AI-powered agents to take over repetitive, mundane triage tasks so human analysts can focus on critical decision-making. But the contextual layer, he insists, must remain human.
Dr. Hashmi also says, 'AI can automate. But it cannot replace the analyst's gut instinct, their ability to think outside the box. That's irreplaceable.'
Integration nightmares & log inflation
At the heart of SOC dysfunction lies a quietly growing monster: log overload.
'Many organizations don't understand what they're ingesting,' Dr. Hashmi says. 'EPS (Endpoint security) peaks go through the roof. And half those logs? They're noisy. They're being stored, processed, and paid for, but they add no value.'
Dr. Hashmi's advice: optimize for relevance. 'You don't need everything. You need what helps you correlate, detect, and respond. Everything else is an expensive distraction.'
From alert fatigue to MTTR anxiety
Metrics like Mean Time to Detect (MTTD) and Mean Time to Respond (MTTR) have become the new holy grails of SOC performance. But as Dr. Hashmi points out, they're only as good as the underlying architecture and logic.
'If you don't fine-tune your rules, if your alerts aren't contextualized, your MTTA and MTTR suffer. Analysts waste time chasing irrelevant noise, and that one critical alert gets buried.'
The fix? Smarter alerting. Better enrichment. Fewer false positives. And yes, more AI-powered correlation engines that understand behavioral baselines.
The compliance curveball: DPDP's impact on SOCs
With India's Digital Personal Data Protection (DPDP) Act coming into force, Dr. Hashmi sees new pressure on SOC teams, especially around personal data ingestion.
'If your SOC is processing DLP logs, you may be dealing with personal data. That means you're accountable under the DPDP. You need governance, visibility, and traceability.'
He calls for greater attention to data lineage, understanding where data comes from, how it's stored, who accesses it, and how long it remains within systems.
'Security without governance is a ticking bomb. You need to know your data trail end to end,' notes Dr. Hashmi.
SOC design: It's not about tools. It's about context.
When asked what makes a modern SOC truly effective, Dr. Hashmi offers a precise and measured answer:
• Scalability: The platform must handle peak volumes.
• Prebuilt Use Cases: MITRE ATT&CK-aligned rules save time.
• Usability: Analysts need intuitive, investigation-friendly interfaces.
• Cost Awareness: Know your licensing model: EPS vs storage.
• Reporting Clarity: MTTR, MTTD, FP rates: these are your compass.
But Dr. Hashmi is quick to emphasize that no model fits all. 'You must understand your environment. Your threat landscape. Your business impact. No Gartner quadrant can define your context better than you.'
The ROI dilemma and the AI hype trap
Every CISO today is asked the same thing: What's the ROI on security? Dr. Hashmi believes it starts with asset valuation.
'If you don't know the value of what you're protecting, how will you measure loss? Understand your assets. Quantify their downtime impact. Then map your SOC outcomes against that.'
He also cautions against AI FOMO.
'Many CISOs buy AI tools just because they're trending. But if your MTTA isn't improving, your response time hasn't dropped, what did you really gain?' says Dr. Hashmi.
On MDRs, cloud SOCs, and cost-efficient architectures
For organizations lacking in-house expertise or infrastructure, Dr. Hashmi recommends SOC-as-a-Service or Managed Detection & Response (MDR) models.
'Not everyone needs an on-prem SOC. If you're a smaller firm, MDR can be a life-saver, no licensing, no infra management, no staffing nightmares.'
Dr. Hashmi also advocates for cloud-based SOCs with high availability and easy scalability, especially when uptime and redundancy are mission-critical.
In perhaps the most poignant part of the conversation, Dr. Hashmi speaks of the unsung heroes of the SOC, the analysts.
'They run 24x7. They're the stars of the security function. But we overload them with Excel reporting, compliance checklists, and fatigue. That has to stop,' Dr. Hashmi pointed out.
Dr. Hashmi also urges CISOs to sit with their SOC teams, understand their world, and build empathy into governance. 'The SOC isn't just a function. It's your shield. If you love it, you'll nurture it.'
In a world increasingly driven by automation, Dr. Hashmi reminds us that passion still powers the best defenses. 'SOCs are like goalkeepers. They don't get applause until something goes wrong. But they're your last line of defense, and your first line of attack.'
To modernize a SOC, organizations must combine the power of AI with the wisdom of human intelligence, supported by architecture that scales, data that's governed, and leadership that listens.
Because in cybersecurity, it's not just about fighting threats, it's about earning trust, concludes Dr. Hashmi.