
CISO Tradecraft® #259 - Transforming Security Operations (with Brian Carbaugh and William MacMillan)
Nov 17, 2025
Brian Carbaugh, a former CIA operations officer with 25 years of service, and William MacMillan, a former Air Force pilot and CIA cyber leader, delve into AI's transformative impact on Security Operations Centers (SOCs). They discuss how AI dramatically reduces alert fatigue and enhances threat detection by condensing investigative hours into mere seconds. The duo shares insights on the benefits of human-AI SOCs over traditional SIEMs, emphasizing open interoperability and the importance of contextual data in strengthening security measures.
AI Snips
Pitch The Business Case Fast
- Explain to executives that AI SOCs cut noise, speed response, and reduce breach costs by improving detection and response time.
- Emphasize it augments staff rather than replaces them and enables proactive defense.
Analyze In Place, Not Move Data
- Human-AI SOCs analyze data where it lives instead of forcing costly centralized ingestion and long data migrations.
- They create an AI decision layer that delivers contextual insights on day one without massive piping work.
Machine-Speed Investigative Reasoning
- Generative AI enables machine-speed grouping, enrichment, and human-like investigative reasoning at scale.
- That reduces days of triage to minutes while preserving human review and decisions.
