AI & SOC Operations

The Double Cyber Discourse: How to translate logs for the Comex

5 min read · Akuity SOC · Delphisoft Deutschland

In the midst of a cyber crisis, communication with management is strategic. Discover how Akuity SOC's Double Discourse translates Defender logs for the Comex.

When a company suffers a major cyberattack, the security operations center (SOC) turns into a furnace. Engineers analyze logs, run KQL queries, and contain network hosts in an emergency. But alongside this technical battle, a second crisis is playing out at the management level: that of communication.

The Management Committee (Comex) and general management (CEO) have a vital need to understand the situation in order to make strategic decisions and manage crisis communication. Unfortunately, the technical language of raw Microsoft Defender logs is incomprehensible to non-technical profiles. Find out how the AI-powered concept of "Double Discourse" resolves this communication breakdown.

The semantic divide between engineers and decision-makers

In the midst of incident management, if the IT security manager (CISO) appears before the General Manager and announces:

"We detected suspicious asynchronous execution in the DeviceProcessEvents table, involving an InitiatingProcessFileName of winword.exe that called revokeSignInSessions via the Graph API", the General Manager has no idea of the real seriousness of the situation.

This semantic divide generates two critical problems in crisis management:

  1. Waste of time: The CISO or IT director spends precious minutes manually writing an email or a plain-language report for management, thus neglecting technical supervision and coordination of the active remediation.
  2. Lack of understanding of business risks: If the report is too complex, management may underestimate the threat (and refuse permission to isolate a critical production server) or, conversely, panic and order a complete shutdown of the company's economic activity without absolute necessity.

Akuity's innovation: Double Speech automated by AI

To bridge this linguistic gap and instantly align the technical team and the decision-making team, the Akuity SOC Ticket Panel natively integrates dual-spectrum information synthesis logic, powered by Google Gemini artificial intelligence.

As soon as a Microsoft Defender incident is ingested by the platform, the AI automatically generates two very distinct reading levels within the analysis tab:

The Raw Engineer Report (Technical Level)

This section brings together all the surgical data essential for N2/N3 analysts. It lists the processes involved in a structured way, decodes script obfuscation, analyzes the reputation of Indicators of Compromise (IOCs) via AlienVault OTX and presents the MITRE ATT&CK execution trees. This is the technical guide to the counterattack.

The Clear Comex Summary (Managerial Level)

Placed at the top of the panel for immediate visibility, this summary translates the raw Microsoft JSON payload into business impact language, devoid of technical jargon.

For the example cited above, the AI will write: "An employee opened a malicious Word document received by email. The system detected and blocked an attempt to hack their Microsoft 365 account aimed at stealing their identity. The workstation was identified and placed under surveillance."
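To make the two reading levels concrete, here is an added example (not Akuity's code, and a rule-based stand-in for the Gemini synthesis the article describes) that takes a constructed Defender-style event for the scenario above and renders both the engineer view and the Comex summary, in the three interface languages the article mentions. The event is constructed; the Table, GraphApiAction, Techniques and RemediationStatus fields are assumptions for the example and not real DeviceProcessEvents columns. The summary is also checked for leaked technical tokens, which is the property a CISO would want to verify before pasting it into an email.

```python
"""Two-level rendering of a Defender-style event: technical report and Comex summary."""
import json

# Constructed sample event (not a real Defender export); field names beyond the
# DeviceProcessEvents columns are assumptions for this example.
SAMPLE_EVENT = json.dumps({
    "Table": "DeviceProcessEvents",
    "DeviceName": "ws-finance-07",
    "AccountUpn": "employee@example.invalid",
    "InitiatingProcessFileName": "winword.exe",
    "FileName": "powershell.exe",
    "GraphApiAction": "revokeSignInSessions",
    "Techniques": ["T1566.001", "T1204.002"],
    "RemediationStatus": "Blocked",
})

OFFICE_PARENTS = {"winword.exe": "Word", "excel.exe": "Excel", "powerpnt.exe": "PowerPoint"}
TECHNIQUE_NAMES = {
    "T1566.001": "Phishing: Spearphishing Attachment",
    "T1204.002": "User Execution: Malicious File",
}
# Tokens that must never appear in the managerial summary.
JARGON = {"winword.exe", "powershell.exe", "DeviceProcessEvents", "revokeSignInSessions", "Graph API", "T1"}

TEMPLATES = {
    "en": {
        "opened": "An employee opened a malicious {app} document received by email.",
        "account": "The system {verdict} an attempt to hijack their Microsoft 365 account and steal their identity.",
        "host": "The workstation was identified and placed under surveillance.",
        "blocked": "detected and blocked", "allowed": "detected",
    },
    "fr": {
        "opened": "Un employé a ouvert un document {app} malveillant reçu par e-mail.",
        "account": "Le système {verdict} une tentative de piratage de son compte Microsoft 365 visant à usurper son identité.",
        "host": "Le poste de travail a été identifié et placé sous surveillance.",
        "blocked": "a détecté et bloqué", "allowed": "a détecté",
    },
    "de": {
        "opened": "Ein Mitarbeiter hat ein bösartiges {app}-Dokument geöffnet, das per E-Mail empfangen wurde.",
        "account": "Das System hat einen Versuch, sein Microsoft-365-Konto zu übernehmen und seine Identität zu stehlen, {verdict}.",
        "host": "Der Arbeitsplatzrechner wurde identifiziert und unter Beobachtung gestellt.",
        "blocked": "erkannt und blockiert", "allowed": "erkannt",
    },
}


def parse_event(raw: str) -> dict:
    """Decode the raw JSON payload as ingested from the platform."""
    return json.loads(raw)


def technical_report(event: dict) -> dict:
    """Engineer level: structured facts for N2/N3 analysts, jargon preserved."""
    return {
        "table": event["Table"],
        "host": event["DeviceName"],
        "user": event["AccountUpn"],
        "parent_process": event["InitiatingProcessFileName"],
        "child_process": event["FileName"],
        "graph_action": event.get("GraphApiAction"),
        "techniques": [f"{t} ({TECHNIQUE_NAMES.get(t, 'unmapped')})" for t in event.get("Techniques", [])],
        "status": event["RemediationStatus"],
    }


def executive_summary(event: dict, lang: str = "en") -> str:
    """Comex level: business-impact sentences in the configured interface language."""
    t = TEMPLATES[lang]
    app = OFFICE_PARENTS.get(event["InitiatingProcessFileName"].lower(), "Office")
    verdict = t["blocked"] if event["RemediationStatus"] == "Blocked" else t["allowed"]
    parts = [t["opened"].format(app=app)]
    # Only mention the account takeover when the identity-related action was seen.
    if event.get("GraphApiAction") == "revokeSignInSessions":
        parts.append(t["account"].format(verdict=verdict))
    parts.append(t["host"])
    return " ".join(parts)


def is_jargon_free(summary: str) -> bool:
    """Guardrail: refuse to ship a summary that still contains technical tokens."""
    return not any(token in summary for token in JARGON)


if __name__ == "__main__":
    ev = parse_event(SAMPLE_EVENT)
    print(json.dumps(technical_report(ev), indent=2))
    for lang in ("en", "fr", "de"):
        s = executive_summary(ev, lang)
        print(f"[{lang}] jargon-free={is_jargon_free(s)}: {s}")
```

The guardrail function is the piece worth keeping even if the rendering is done by an LLM: whatever produces the managerial text, a deterministic check that no process name, table name or technique ID leaked into it is cheap and catches the most common failure of such summaries.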

Smooth communication, even in multi-tenant mode (MSSP)

For managed service providers (MSSPs), this functionality is a major competitive advantage. When processing an alert on a customer's Tenant, the MSSP analyst can instantly copy and paste the Comex Summary generated by Akuity to notify the customer of the incident via email or messaging channel, without wasting time writing.

In addition, the interface respects the language preferences configured in the global settings (French, English, German): the summaries automatically adapt to the language of your interlocutor.

Conclusion: Align technology and business

The success of modern cyber defense relies on the speed of technical action, but also on the clarity of strategic communication. By automating the translation of complex raw logs into clear decision-making reports for senior management, you eliminate internal political friction, facilitate emergency decision-making and strengthen the confidence of your Executive Committee.

Improve crisis communication within your organization: find out how Akuity SOC Double Speech AI transforms your technical logs into managerial summaries.
