Organizations spend more time maintaining security tools than defending against mounting cyber threats.
Security operations centers globally are overwhelmed by tool maintenance while cyber threats grow more advanced, according to Splunk Inc.’s State of Security 2025 report released Wednesday. The study, which surveyed security professionals worldwide, found that 46% of organizations spend more time maintaining security tools than actively defending their operations.
Cyberattacks have grown in scale and complexity, with two-thirds of respondents reporting data breaches in the past year—making them the most frequent security incident. Despite rising adoption of AI, only 11% of organizations fully trust AI for mission-critical tasks, highlighting a reliance on human oversight. “Human oversight remains central to effective cybersecurity, and AI is used to enhance human capabilities,” said Michael Fanning, CISO at Splunk.
Only 11% of organizations trust AI completely for mission-critical security tasks
Operational inefficiencies are rampant: 60% of respondents cite tool maintenance as the top inefficiency, while 78% say their tools operate in silos, creating barriers for 69% of teams. Security analysts are also overwhelmed by alerts—59% report alert fatigue and 55% deal with excessive false positives. Alarmingly, 52% are considering leaving cybersecurity, and the same number say their teams are overworked.
AI is showing potential: 59% of organizations have seen efficiency gains and over half have prioritized AI in their 2025 plans, particularly in threat analysis, data queries, and policy development.
Those using unified security platforms report substantial benefits: 78% detect incidents faster and 66% achieve quicker remediation. The findings emphasize the urgent need to balance advanced technology and skilled personnel in today’s escalating threat environment.
