Systematic Literature Review: Challenges And Issues in the Adoption of SOAR Technology in Cybersecurity

DOI:

https://doi.org/10.34190/iccws.21.1.4422

Keywords:

SOAR, S-PSS, Security Automation, Incident Response, Threat Intelligence, Cybersecurity

Abstract

With the rising rate of cyber threats, such as ransomware, social engineering, and zero-day exploits, it is urgent to adopt new security mechanisms like Security Orchestration, Automation, and Response (SOAR) systems. Cyber threats have increased not only in frequency but also in sophistication. This escalation has forced organizations to rethink traditional defense strategies. SOAR has shown itself to be an important solution by automating repetitive tasks and helping security teams focus on strategic threat hunting and mitigation. The integration of AI and ML in SOAR frameworks supports predictive analytics, in which systems can anticipate potential breaches based on pattern recognition from vast datasets. Blockchain enhances data integrity and enables secure, decentralized threat intelligence sharing between stakeholders. This paper presents a systematic literature review (SLR) on recent advancements in SOAR technologies, especially the incorporation of artificial intelligence (AI), machine learning (ML), and blockchain; it also reviews case studies across various industry sectors, such as healthcare, finance, industrial control systems, and critical infrastructures, as well as the challenges facing SOAR adoption. By examining 29 studies from academic research, industry case studies, and technical reports, the review synthesizes methodologies, architectures, and performance outcomes to summarize the current state of SOAR systems. The research found that SOAR can significantly reduce incident response times and improve threat detection accuracy, with findings indicating that SOAR can lower response times by up to 80% compared to legacy systems, although implementation costs may reach as high as $5 million. Additionally, specialized personnel are still needed to operate these systems.
The skills gap raises the barriers to adoption, as few professionals possess expertise in both cybersecurity and automation tools. Future directions emphasize developing hybrid models that blend human intuition with machine efficiency for more robust defenses. Finally, the review discusses future research directions to help SOAR further scale, interoperate across platforms, and enable autonomous decision-making.

Published

19-02-2026