In the evolving landscape of cybersecurity, over 40% of Singaporean companies are planning to establish Security Operations Centres (SOCs).
This strategic move comes as organisations seek to enhance their cybersecurity postures, improve detection and response times, and gain a competitive advantage in an increasingly digital marketplace.
Citing the company's "State of Cybersecurity 2025: Singapore", Ismael Valenzuela, vice president of Labs, Threat Research and Intelligence at Arctic Wolf, notes that in 2024, 77% of Singaporean organisations reported experiencing a security breach, underscoring the high prevalence of cyber incidents in the region.
Human expertise is still essential - for now
While there is growing enthusiasm for automated cybersecurity solutions, the reliance on skilled security professionals remains strong.
The presence of human expertise is deemed critical for effective security management, particularly when it comes to making key decisions in response to complex threats.
A recent study conducted by Kaspersky highlights that 50% of companies worldwide cite strengthening cybersecurity as their primary reason for establishing SOCs, reflecting a common trend among Singaporean firms as well.
Why set up own SOCs
In Singapore, 43% of companies aim to enhance their cybersecurity protection as the main driver for developing SOCs. Additionally, optimising cybersecurity budgets (40%) and improving response times (38%) are significant motivators.
Other considerations include the need for comprehensive security due to the increase in software, endpoints, and user devices, as well as meeting regulatory requirements.
Larger enterprises tend to express a greater need for these measures, illustrating the varying pressures faced across organisational sizes.
"A well-built SOC that integrates and adapts technology in appreciation of varying organisational needs becomes particularly crucial, as it will not only help to bolster companies’ cybersecurity resilience, but also enhance efficiencies to sharpen their competitive edges," notes Adrian Hia, managing director for Asia Pacific at Kaspersky.
Continuous monitoring is number one
Among the functions that Singaporean organisations plan to implement in their SOCs, 24/7 security monitoring is paramount, with 64% emphasising the need for constant vigilance.
This commitment to round-the-clock monitoring aims to facilitate early detection of anomalies, preventing escalation of potential threats. Continuous oversight not only enhances cybersecurity resilience but also underscores a strategic focus on proactive threat management.
Human analysts pushing preferences
The integration of advanced technologies is essential for the functionality of SOCs, but the emphasis on human analysts remains evident.
Singaporean organisations show a preference for technologies such as Extended Detection and Response (43%) and Threat Intelligence Platforms (38%).
These solutions automate data collection and reduce operational burdens, yet they still rely heavily on skilled personnel for contextualising data and making informed decisions.
Bottom line
Based on Gartner’s 2026 predictions, the SOC is undergoing a massive transformation, shifting from manual, reactive processes to agentic, AI-driven, and resilient operations.
By 2026, AI-based decision support will be present in 50% of SOCs, and AI-powered security platforms will be essential to manage the expanding attack surface.
As Singaporean companies increasingly recognise the importance of building robust SOCs, the balance between technology and human expertise becomes crucial.
A well-structured SOC not only fortifies cybersecurity measures but also enables organisations to improve their operational efficiency, ultimately sharpening their competitive edge in a rapidly changing digital environment.
