Monzy Merza, CEO of Crogl, sits down with CX Today to discuss Crogl’s 2026 State of SecOps Report. The report finds that enterprises face an average of 16 cyber attacks a year while receiving more than 4,000 security alerts per day. Merza explains that only a fraction of these alerts are investigated because analysts must manage many tools and understand a wide range of threat scenarios. This creates a workload that exceeds team capacity and slows investigations.
Merza notes that attack volume is rising and that agentic AI is increasing the speed and scale of offensive activity. He points to recent examples where single attackers used automated systems to breach large environments. Insider threats also remain a steady concern. He attributes this to the realities of large organizations where a small portion of users may act maliciously or be coerced, and where insider investigations can be more straightforward than tracking external attackers.
The conversation highlights how most organizations still rely on reactive metrics, such as alert closure times, which reflect activity after an incident occurs. Merza views this as a result of a young discipline that is still maturing. He suggests that teams will need to shift toward leading indicators and more predictive approaches. The interview also covers the mixed results from early AI adoption in security operations. Merza states that many tools rely on chat-style interfaces that do not shorten investigation times and often lack access to the necessary organizational data.
Trust and governance issues shape adoption as well. Many organizations are concerned about vendors using security data to train external AI models. Merza argues that trust, data protection, and clear processes are essential requirements. Looking ahead, he expects security teams to focus more on decision-making while AI handles repetitive procedures. He also anticipates continued alert growth as both defenders and attackers use agentic systems, which will require security operations centers to adjust their processes and defenses.
