Splunk GovSummit 2026: Closing the Structural Gap in AI-Driven Cyber Resilience

Digital resilience has shifted from a strategic aspiration to an operational requirement. In both the public and private sectors, we are navigating a high-stakes landscape of expanding attack surfaces, accelerated digital transformation plans, and the rapid adoption of AI.

Better Together: Powering Government Resilience

In the AI era, resilience depends on understanding what’s happening across complex, interconnected systems. Together, Cisco and Splunk uniquely combine deep network intelligence with real-time security and observability to give agencies a unified view of critical infrastructure across networks, applications, and data. This helps teams detect issues faster, understand impact clearly, and protect mission-critical services with confidence.

As digital environments become more distributed, the role of public sector practitioners (from SOC analysts to SREs and ITOps) has never been more vital. Today, at GovSummit 2026 in Washington D.C., attendees will hear how we are supporting these teams with:

• Resilience for AI and with AI: We are infusing AI across our portfolio to deliver simpler analyst experiences and integrated automation. This is AI that is auditable, transparent, and aligned with federal governance frameworks, with capabilities continuing to roll out in FedRAMP and GovRAMP authorized environments.

• Cisco Data Fabric: Splunk is powering the Cisco Data Fabric, an AI-ready, unified data architecture connecting distributed data, enabling federated analytics. This allows agencies to access and analyze data without moving or duplicating it, aligning with strict data residency and sovereignty requirements while keeping costs predictable.

• The Agentic SOC: We are redefining the next evolution of the SOC with AI-native workflows. These agentic capabilities help analysts detect and respond faster across distributed systems with less time switching between siloed tools.

• Agentic Observability: Splunk is delivering purpose-built solutions for agentic AI, so organizations can achieve end-to-end visibility to build, monitor and operate AI-powered systems with confidence.

While these innovations provide the roadmap for digital resilience, Splunk’s latest research, in collaboration with Foundry, reveals the structural hurdles facing both public and private sector leaders as they try to turn AI ambition into operational reality.

The Structural Gap: Ambition vs. Reality

Our research found that leaders want to move at AI speed, but their infrastructure is stuck in the past. Most leaders believe they can implement advanced security practices, yet most acknowledge that legacy systems limit their effectiveness.

Here are key findings from the report:

• Eighty-three percent of IT leaders admit that tech debt and legacy systems are impeding their cybersecurity efforts to at least a moderate extent. In this context, tech debt refers to aging legacy systems and end-of-life equipment that are no longer supported, upgraded, or patched by vendors.

• Ninety-four percent of respondents expect their reliance on AI to increase in the next 12 months, and 89% believe that AI can significantly improve their ability to defend against cyber threats.

• Only 37% of respondents said they can resume normal operations within six hours after a cybersecurity outage.

The AI Accelerator

Organizations that rely more heavily on AI-enabled tools report stronger resilience outcomes. They are not just faster; they are also more confident. These leaders are more likely to:

• Rate their cyber resilience as advanced
• Receive real-time or near-real-time alerts
• Initiate remediation faster
• Restore operations more quickly
• Express higher confidence in securing AI-enabled environments

Additionally, the use of both security orchestration, automation, and response (SOAR) and observability solutions is strongly associated with more advanced AI risk controls. Organizations that invest in this operational maturity are better positioned to translate AI insights into measurable resilience improvements.

Modernization is the Prerequisite for Zero Trust

While confidence in zero trust is high, visibility gaps persist. Currently, only 43% of organizations use SOAR, and only 47% use observability tools. Just 39% receive real-time or near-real-time alerts.

Without automation, real-time visibility, and infrastructure automation, zero trust remains aspirational. Digital resilience depends on unified visibility, integrated data pipeline, and automation at scale.

Closing the Structural Gap

Infrastructure modernization must move in lockstep with AI adoption and zero trust strategies. The organizations that successfully close the structural gap share several characteristics, including:

• Observability and SOAR maturity that supports AI-driven insights.
• Integrated data pipelines enabling real-time visibility.
• Automation that accelerates response and remediation.
• Operational metrics that validate resilience performance.
• Modernization initiatives that are aligned with security strategy.

Public and private sector organizations face systemic structural challenges, and those that unify visibility and operationalize AI will be better positioned to reduce risk, accelerate response, and strengthen resilience.

For more information, please visit the Splunk website.

About the Research

Foundry conducted an online survey, sponsored by Splunk, among 201 U.S.-based respondents in IT management and IT/data security management roles, with an even split between the public and private sectors. The average organization size was 5,684 employees. The survey was conducted in January 2026.