
Where a Security-Services Firm Should Point AI First (and Where Not To)

A SOC analyst loses minutes per alert reassembling context. That gap, not autonomous response, is where a security-services firm should aim AI first.

Figure 01 Cybersecurity services team reviewing AI-assisted alert context and client reporting workflows.
Answer summary
Best fit: Industry: Cybersecurity services. Function: Operations.
Operating path: AI Industry Use Cases -> AI Transformation
Key metric: 3 safe starting workflows before agentic security automation

The Tuesday-night alert is where the money leaks

Picture a tier-one analyst at a 60-person managed security shop at 9 p.m. An EDR alert fires for a client. Before they can even decide if it matters, they're tabbing between the SIEM, the ticketing queue, last week's handoff notes, and a client-specific runbook that lives in a Confluence page someone updated in March. The triage takes four minutes; the context reassembly took eleven. Multiply that across hundreds of alerts a night and every client a multi-tenant firm runs, and you can see exactly where capacity disappears. The RSM middle-market AI survey shows mid-market firms moving on AI quickly, but a security provider can't move the way an ecommerce shop moves. The whole product is trust.

So the first use case is not autonomous response. It's not an agent that closes tickets. It's context assembly for a human who still makes every call. The strongest first candidates are narrow and reviewable: alert enrichment that pulls the relevant client baseline next to the alert, ticket summaries an analyst confirms before they send, draft client-incident notes, and search across approved runbooks so a tier-one isn't guessing at a tier-three's tribal knowledge during a shift handoff. Each of these compresses the eleven minutes, not the four. The judgment stays where it belongs.

Before you pick, watch where your own analysts repeat themselves. Mapping the manual work worth fixing usually surfaces the same answer in a security shop: people keep re-gathering identical context from SIEM notes, EDR alerts, ticket comments, and per-tenant playbooks. That repetition is the use case.

For a security firm, the data boundary IS the use case

Here's what separates this decision from the same decision at a manufacturer or a law firm: you handle other companies' security telemetry. A summarization assistant that's careless about tenant boundaries doesn't just leak data — it puts Client A's indicators of compromise in front of an analyst working Client B's account, and now you've manufactured the exact breach you're paid to prevent. So data control isn't a compliance afterthought you bolt on later. It's the first scoring criterion, ahead of accuracy and ahead of speed.

Score every candidate workflow against it before you build anything. The CISA AI data security best practices guidance is explicit about systems that touch sensitive operational data, and the NIST AI Risk Management Framework gives you the governance scaffolding to write it down: which sources the model may read, hard tenant isolation, retention limits, who reviews output, what gets logged, and a flat list of what may never be sent to any external model or tool. If a workflow can't answer all of those cleanly, it's not your first one — pick a different one.
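The controls listed above, turned into an enforcement gate as an added example (not the page's or any vendor's code): it assumes a tenant-tagged row format from the shop's tools, a constructed per-tenant source policy, a constructed never-send field list, and constructed sample rows.

```python
"""Tenant-scoped alert enrichment gate. Added illustration, not the page's or any
vendor's code. It encodes the controls the text lists: a per-tenant source allowlist,
hard tenant isolation checked on every row, a never-send field list stripped before
anything reaches an external model, and an audit trail. All data is constructed."""
from dataclasses import dataclass, field

NEVER_SEND = {"api_key", "password", "raw_pcap"}  # may never go to any external model or tool

# Constructed policy: which sources the assistant may read for each client tenant.
POLICY = {"client_a": {"siem", "edr", "runbooks"}, "client_b": {"siem", "edr"}}

# Constructed rows handed back by the shop's tools for one alert, each tagged with its tenant.
ROWS = [
    {"tenant": "client_a", "source": "siem", "note": "baseline ~3 admin logins/day", "api_key": "SECRET"},
    {"tenant": "client_a", "source": "runbooks", "note": "escalate if EDR severity >= high"},
    {"tenant": "client_a", "source": "email", "note": "pasted from a ticket comment"},
]

class TenantBoundaryError(Exception):
    """A row for another tenant reached the assembler: the query was wrong, so fail closed."""

@dataclass
class EnrichmentPacket:
    tenant: str
    alert_id: str
    context: list = field(default_factory=list)
    audit: list = field(default_factory=list)
    analyst_reviewed: bool = False  # stays a draft until a human confirms it

def assemble_context(tenant, alert_id, rows, policy=POLICY):
    """Build the context shown beside an alert, logging every read and every denial."""
    packet = EnrichmentPacket(tenant, alert_id)
    for row in rows:
        if row["tenant"] != tenant:  # hard isolation: a stray tenant is an error, not a filter
            raise TenantBoundaryError(f"{row['tenant']} row in {tenant} context for {alert_id}")
        if row["source"] not in policy[tenant]:
            packet.audit.append(f"denied source={row['source']}")  # not on the allowlist
            continue
        packet.context.append({k: v for k, v in row.items() if k not in NEVER_SEND})
        packet.audit.append(f"read source={row['source']}")
    return packet

def leaked_fields(packet):
    """Check before the packet leaves: any never-send field present means a gate bug."""
    return [k for c in packet.context for k in c if k in NEVER_SEND]

if __name__ == "__main__":
    p = assemble_context("client_a", "ALERT-1", ROWS)
    print(len(p.context), "context items;", p.audit)
```

The gate raises on a cross-tenant row rather than dropping it, because a Client B row arriving in a Client A assembly means the upstream query is already wrong.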

Map each assistant to your existing operating model rather than standing up a parallel channel. The NIST Cybersecurity Framework 2.0 functions — identify, protect, detect, respond, recover — are a fair test: a ticket-summary tool should make your detect-and-respond cadence tighter, not create a shadow workflow nobody governs. And put the numbers in an honest ROI model. Measure analyst rework eliminated, faster ticket prep, cleaner handoffs, fewer client-report revisions. Don't book "savings" until that reclaimed time is actually redeployed to higher-tier work or shows up as a service-quality lift a client can feel.

Governed AI workflow for cybersecurity ticket summary, alert enrichment, and client report review.

Earn the right to automate before you automate

The temptation in a security shop is to skip straight to the agent that triages and closes alerts on its own. Resist it until you've earned it. The Gartner agentic AI forecast projects that more than 40% of agentic AI projects get canceled by the end of 2027 — usually because cost, value, data quality, or controls were never nailed down. In a firm whose entire value proposition is accountability, an autonomous action that misfires on a client tenant isn't a project failure, it's a reputation event. The bar before any autonomy: one assistant workflow running in production, with a named owner and a clean audit trail, for long enough that you trust it.

The reason the boring assistant beats the ambitious agent is that value tracks process change, not model capability. The Deloitte State of AI report keeps landing on the same point. For a security-services firm the process change is concrete and small: approved context in, analyst-reviewed output out, escalation paths unchanged, and no client-facing word that didn't pass a human first. Run that for a quarter and you'll know whether your tenant isolation, your runbook hygiene, and your analyst adoption actually hold up.

If you want to know whether you're ready before you build, start with the SMB AI readiness assessment — it pressure-tests your governance, data access, workflow clarity, and adoption discipline against what a production security workflow demands. Then build the sequence deliberately: map the roadmap so the safe assistant ships first and the agent waits behind the maturity gate it has to clear.

Sources
  1. RSM middle-market AI survey
  2. NIST AI Risk Management Framework
  3. CISA AI data security best practices
  4. NIST Cybersecurity Framework 2.0
  5. Gartner agentic AI project forecast
  6. Deloitte State of AI report