
Revio’s John Baird on AI’s Role in Boosting Sovereign SOC Capabilities

“I’ve had people say to me that SOC analysts will disappear, that we won’t need them in the future – it will all be done by AI.”

This is Revio Cyber Security’s CEO, John Baird, who says that future may still be a long way off. For now, AI is helping analysts at the organisation’s Australian Security Operations Centre do their jobs more effectively.

ADAPT’s data shows that SOC teams are overwhelmed by alert volumes, with 69% reporting burnout due to false positives. But they report that AI is increasingly automating event correlation, anomaly detection and log analysis, reducing the “noise” analysts face and shifting them away from manual threat monitoring.

When AI handles baseline monitoring, SOC analysts are freed up to focus on more creative tasks such as threat hunting, adversarial simulations and proactive defence.

AI is playing a significant role in strengthening the capabilities of Revio’s three-year-old SOC, which provides continuous monitoring, threat detection and incident response services to Australian enterprises.

Baird explains that, unlike other SOCs that focus on post-breach response, Revio’s aims to keep organisations in the ‘prepare phase’ through threat assessments and evaluations that help them execute strong cyber plans. Its SOC looks not only for traditional indicators of compromise but also for signs of poor hygiene and risky human behaviour within organisations.

When data enters its data lake, a machine learning algorithm tags specific events as alerts. AI capabilities then gather additional information, review it and automatically add detail to incident tickets before promoting them up the list of priorities.

“That [the data] is then looked at by a real human who can respond more quickly. They’ve got the information at their fingertips, they know certain things are being done already and that’s where AI is helping them to handle more tickets, more quickly”, he says.

Revio has also developed a separate, in-house AI capability on a physically isolated machine, used to interrogate customer data securely.

“The most important thing about AI is that in 5 years, [we’ll] have 5 years’ worth of experience. On both fronts, we’re building up our experience to figure out how to best use AI. We’ve just released a new SOA (statement of applicability), and it’s being integrated into that SOA.

“So, when automation demands arise, they [analysts] can consult the AI, request clarification and come back with new ideas to integrate into their response actions”, he says.

Building the right level of AI experience remains a challenge for Revio. Staff have spent the past 12 months exploring what can be done using existing AI tools available in the market.

“We’re not going to develop a new model from scratch; that’s not our role. We’re using other people’s models. We need to figure out what they require, how to execute and connect them, what the answers mean and what their limitations are – what you can and can’t rely on.

“Then get them [the models] into the team, get the team testing and gathering feedback about when they hallucinate…when they run down the wrong rabbit hole and see how we can fine tune [them].”

Building a sovereign AI capability

Baird is a strong advocate for Australia developing its own sovereign AI capability, arguing that a local industry is essential for national security.

“It’s one of my passions…there’s no way we can secure Australia if we don’t have a local industry. We can’t just bring things in from offshore and hope for the best.”

Baird is also an adjunct fellow at Macquarie University in Sydney, which has worked with TAFE to develop micro-credential courses such as the SOC Analyst Bootcamp. These programmes are designed for students who haven’t come through the university system or who hold unrelated degrees, giving them hands-on experience with real-world tools in simulated environments.

Revio is also a signatory to the NSW Government’s alternative pathways program and has committed to ensuring that 20% of its staff come through this channel.

“We’ve got people without a background in computing…it’s actually proven to be a really good idea. These people bring a wonderful diversity of thought, and they come up with ideas, options and scenarios that you wouldn’t have thought about”, he says.

Byron Connolly, Contributor. Head of Programs & Value Engagement

Byron is a highly experienced technology and business journalist, editor, corporate writer, and event producer.

Prior to joining ADAPT, he was the editor-in-chief at CIO Australia and associate editor at CSO Australia. He also created and led the well-known CIO50 awards program in Australia and The CIO Show podcast.

Byron creates valuable insights for our community of senior technology and business professionals that help them reach their organisational and professional goals. He has a passion for uncovering stories about the careers and personal philosophies of Australia’s top technology and digital executives.

When he is not working, Byron enjoys hot yoga, swimming, running, and spending time with his family.

John Baird, Contributor. CEO at Revio Cyber Security
John Baird is a renowned, highly experienced Australian technology leader with a background in various leadership roles in the financial services and cyber security industries.
In addition to being the founder and CEO of Revio Cyber Security, he currently serves as a member of the Australian Computer Society’s Cyber Security Technical Advisory Board and as an Adjunct Fellow of Macquarie University, assisting the Cyber Security Hub in designing courses to train students on how to become a cyber security analyst.
He has held previous leadership roles such as Chief Technology Officer for Deutsche Bank Australia, where he sat as a member of the bank’s operating committee; Vice President with Credit Suisse; and Chairman of the AIIA Financial Services Special Interest Group.
He has also served as Chairman of the New South Wales Government ICT Industry Advisory Panel and chaired the independent advisory panel for the NSW government on Cyber Security for the Department of Finance. He is also currently a Board Member for the Australian Flying Doctors.
ADAPT