
CISOs' Unconventional Criteria for Evaluating AI SOC Analysts

Noam Cohen is a serial entrepreneur building seriously cool data and AI companies since 2018. Noam’s insights are informed by a unique combination of data, product, and AI expertise — with a background that includes winning the Israel Defense Prize for his work in leveraging data to predict terror attacks. As the Head of Artificial Intelligence at Torq, Noam is helping build truly next-gen AI capabilities into Torq’s autonomous SOC platform.

Enter the SOC of the Future in Splunk's State of Security 2025

SOC leaders who aren’t thinking about the future are already behind — and what’s beyond 2025 is rapid evolution. The breakneck pace of AI innovation, a widening skills gap, and increasingly sophisticated threat tactics will encourage (one could even say force) SOC teams to embrace forward-leaning strategies to stay resilient.

Introducing Modern SecOps, a more realistic alternative to the "autonomous SOC"

I’ve always had a love-hate relationship with the traditional SOC. Many SOC teams do great work within this structure. But there are also serious issues with the three-tier model: it’s rigid, costly, and unsustainable for any company that isn’t a large enterprise. In the push to address these limitations, the concept of an “autonomous SOC” has emerged, with some vendors already claiming to offer fully autonomous solutions.

The Future of Retail Cybersecurity: SOC Automation

Retail companies are high-value targets for cybercriminals. With sprawling infrastructures, complex supply chains, and large amounts of customer data, retailers are a goldmine for bad actors. In 2024, the retail sector accounted for 24% of all cyberattacks — more than any other industry. The average cost of a data breach in retail rose to $3.28 million.

The Dangers of Double and Triple Extortion in Ransomware Attacks

In the summer of 2024, a Russian ransomware gang launched an attack on a UK pathology services provider. However, the group didn’t just encrypt the organization’s data and demand a ransom. It exfiltrated data from more than 300 million patient interactions with the National Health Service (NHS), and when the victim organization refused to pay the hefty ransom, the group released all the stolen data on the dark web.

AI-Powered SOCs, Explained

Security Operations Centers (SOCs) are the command center of an organization’s frontline cybersecurity defenses — responsible for monitoring threats, prioritizing alerts, and orchestrating remediation. However, today’s SOCs are facing an existential crisis: an overwhelming volume of increasingly complex and sophisticated threats combined with a shortage of skilled analysts.