CISO Tradecraft® #259 - Transforming Security Operations (with Brian Carbaugh and William Macmillan)
36 snips
Nov 17, 2025 Brian Carbaugh, a former CIA operations officer with 25 years of service, and William MacMillan, a former Air Force pilot and CIA cyber leader, delve into AI's transformative impact on Security Operations Centers (SOCs). They discuss how AI dramatically reduces alert fatigue and enhances threat detection by condensing investigative hours into mere seconds. The duo shares insights on the benefits of human AI SOCs over traditional SIEMs, emphasizing open interoperability and the importance of contextual data in strengthening security measures.
AI Snips
Chapters
Transcript
Episode notes
From Tool To Decision Fabric
- Traditional SOCs force analysts to be the glue across many point tools, creating tool toil and alert overload.
- Human-AI SOCs collapse haystacks, organize needles, and hand analysts curated investigations to act on.
Pitch The Business Case Fast
- Explain to executives that AI SOCs cut noise, speed response, and reduce breach costs by improving detection and response time.
- Emphasize it augments staff rather than replaces them and enables proactive defense.
Analyze In Place, Not Move Data
- Human-AI SOCs analyze data where it lives instead of forcing costly centralized ingestion and long data migrations.
- They create an AI decision layer that delivers contextual insights on day one without massive piping work.