Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Despite being around for over 30 years, phishing is a bigger problem than ever for today’s SOCs. Phishing attacks have skyrocketed by 4,151% since the emergence of ChatGPT in 2022, leaving security teams drowning in phishing alert noise. And rather than getting better at recognizing phishing emails, humans are seemingly getting worse, in part due to the increasing phishing sophistication and customization at scale that GenAI offers.

The modern threat landscape doesn’t scale down just because your team is lean. Whether you’re a two-person SecOps crew or a full-blown SOC, attackers don’t discriminate — and the alerts don’t stop. Small security teams face the same phishing, ransomware, and insider threats as the world’s largest enterprises — only with fewer hands on deck and less time to respond. To level the playing field, teams are turning to SecOps automation.

Security Operations Centers (SOCs) continue to struggle in 2025. The perfect storm of growing alert volume, consistent talent shortage, and the well-documented limitations of legacy SOAR solutions have brought many SOC teams to a breaking point. At the same time, bad actors continue to innovate, and cybercriminals have become more sophisticated in their tactics and techniques, including using AI to launch attacks at scale.

Security teams face mounting pressure to defend against sophisticated cyber threats. Traditional automation strategies are often rigid, reactive, and lack the ability to scale effectively. Many SOCs already have access to generative AI to assist with simple tasks and now Torq has brought agentic AI into the mix — which thinks, acts, and learns autonomously to handle security risks. What’s next?

Your SOC exists for one core reason: to rapidly reduce the mean time to detect, investigate, and respond to threats. The more efficiently your team operates, the faster you reduce essential KPIs like MTTR, MTTD, MTTI, and what we call ‘MTTx’ (mean time to anything). Ask our Field CISO, Patrick Orzechowski (PO), and he’ll tell you straight: If your SOC isn’t relentlessly focused on reducing risk through speed, you’re falling behind. Talking about efficiency is easy.

Noam Cohen is a serial entrepreneur building seriously cool data and AI companies since 2018. Noam’s insights are informed by a unique combination of data, product, and AI expertise — with a background that includes winning the Israel Defense Prize for his work in leveraging data to predict terror attacks. As the Head of Artificial Intelligence at Torq, Noam is helping build truly next-gen AI capabilities into Torq’s autonomous SOC platform.

Retail companies are high-value targets for cybercriminals. With sprawling infrastructures, complex supply chains, and large amounts of customer data, retailers are a goldmine for bad actors. In 2024, the retail sector accounted for 24% of all cyberattacks — more than any other industry. The average cost of a data breach in retail rose to $3.28 million.

Security Operations Centers (SOCs) are the command center of an organization’s frontline cybersecurity defenses — responsible for monitoring threats, prioritizing alerts, and orchestrating remediation. However, today’s SOCs are facing an existential crisis: an overwhelming volume of increasingly complex and sophisticated threats combined with a shortage of skilled analysts.