Most small and medium-sized enterprises today face the same question: should they aim to cover all requirements comprehensively, or is there a “minimum” that remains acceptable from both a regulatory and a practical business perspective? This dilemma is becoming increasingly relevant in the context of new regulatory frameworks that significantly expand organizational obligations in cybersecurity.

Cybersecurity is no longer a concern limited to large organizations. According to available data, nearly half of SMEs have already experienced some form of cyber incident, highlighting that the risk is both real and widespread.

Another timely question is entering the discussion: can L1 SOC functions in practice be replaced by AI? Automation and AI are already capable of effectively handling a large portion of routine detection and triage activities, reshaping both the economics and expectations of security teams. The question remains, however, whether this represents a full replacement or rather a shift in the human role toward oversight, interpretation, and the handling of more complex incidents.