For years, the data inside your security and network tools has only been useful to engineers. The Model Context Protocol (MCP) changes that — one open standard lets AI talk to your entire stack, giving executives plain-English answers and giving your NOC and SOC the speed to match the volume of threats they face.
The Model Context Protocol is an open standard — created by Anthropic in late 2024 and now governed by the Agentic AI Foundation (AAIF) under the Linux Foundation — that gives AI models a single, universal way to connect to any tool.
The easiest way to understand MCP is to think about USB-C. Before USB-C, every device needed its own cable — Lightning for your iPhone, Micro-USB for your headphones, a barrel connector for your laptop, something proprietary for your camera. Your drawer was a mess of incompatible cables. USB-C replaced all of that with one universal standard. MCP does the same thing for AI integrations.
Without MCP, every AI model needs its own custom integration to every tool in your stack. Five AI models times six tools equals 30 bespoke connectors to build and maintain. With MCP, Claude, GPT, Gemini, Llama, and Mistral already have built-in MCP support — so you just stand up one MCP server per tool. Six servers for Splunk, ThousandEyes, ServiceNow, XDR, Duo, and Webex — and every AI model can use all of them instantly.
How it works in practice: MCP uses a client-server architecture. Each tool vendor publishes an MCP "server" — a lightweight wrapper that exposes the tool's capabilities through a standardized interface. AI applications run MCP "clients" that discover and connect to these servers. The protocol defines three primitives: tools (actions the AI can execute), resources (data the AI can read), and prompts (reusable interaction templates). A single MCP server for Splunk can be used by Claude, GPT, Gemini, Llama, Mistral, or any other AI model without modification — the same way a USB-C cable works regardless of which device you plug it into.
And here's what makes this practical at scale: when you connect to a published MCP server like ThousandEyes or Splunk, there's no ongoing maintenance on your side. When the vendor updates their product or adds new capabilities to their MCP server, those changes happen on the product side — your environment stays untouched. You connect once and stay current automatically. No new integrations to build. No updates to manage. No additional headcount required.
That's the theory. But what does it actually mean for your organization? Let's start with the outcome that affects every level of leadership — and then dig into the operational problems MCP solves on the ground.
MCP doesn't just make engineers faster. It turns tools that only technical teams could use into intelligence sources that anyone in the organization can tap into.
Right now, your network and security teams sit on a goldmine of real-time data — how your applications are performing, which offices are having issues, how your users are actually experiencing the technology you've invested in. But that data lives inside tools like Splunk, ThousandEyes, and Catalyst Center — platforms with interfaces designed for engineers. If you're not the person who knows how to write a search query or read a network map, that data might as well not exist. MCP changes that by letting AI do the translating.
Picture this: a CTO asks their AI assistant, "How is the new AI platform rollout going across our regional offices?" Behind the scenes, the AI pulls ThousandEyes test results to check application performance and availability at every office running the new platform. It looks at usage logs to see how many people are actually using it and whether they're hitting errors. It checks the help desk for any open support tickets. Then it comes back with a plain-English answer: "The rollout is live in 14 of 18 offices. ThousandEyes is showing elevated response times in three sites — Dallas, Munich, and Singapore. Usage is at 73% of where we expected it to be. Two support tickets are open for the Singapore office."
No dashboards to learn. No asking an engineer to pull a report and send it over by end of day. The executive just asks a question and gets an answer — pulled from the same systems the technical team uses every day.
This works for anyone in the organization. A VP of Sales asks "Which regions had the most customer-impacting issues last quarter?" and gets an answer in seconds. A CFO asks "What's our infrastructure cost per active user by region?" and the AI pulls the numbers from billing, usage data, and network performance in one pass. A CISO asks "Are we meeting our compliance requirements across the systems that handle sensitive data?" and gets a cross-platform answer instead of waiting weeks for a manual audit.
This is the bigger story. MCP doesn't just save your operations team time — it turns the data they already collect into a strategic asset that the entire leadership team can use. The tools don't change. The data doesn't change. What changes is that anyone can now ask a question and get an answer, regardless of their technical background.
The security operations center was designed for a world with fewer tools, fewer alerts, and more people. That world no longer exists.
Here's what a typical SOC looks like today: an analyst sits in front of 2,992 alerts per day (Vectra AI, 2026 State of Threat Detection). Not per team — per analyst. Of those, 63% will never even get looked at (Vectra AI 2026). The false positive rate is staggering — Microsoft and Omdia's 2026 State of the SOC report puts it at 46%, and the SANS Institute's 2025 Detection & Response Survey found that 73% of organizations cite false positives as their top challenge (Microsoft/Omdia 2026; SANS 2025). The signal-to-noise ratio is brutal, and it's getting worse.
Meanwhile, the tools designed to help have created their own problem. A small company runs around 15 security and network tools. Large enterprises with 10,000+ employees average 46 (VentureBeat 2025). Every one of those tools — your SIEM, network monitor, endpoint protection, identity platform, ticketing system — has its own console, its own alert format, its own login. Analysts toggle between applications roughly 1,200 times per day (Harvard Business Review 2022), and research shows it takes 9.5 minutes to regain full focus after each switch (Qatalog/Cornell University). That means about 40% of an analyst's productive time evaporates into context switching — costing U.S. businesses an estimated $450 billion annually (Moveworks).
[Charts: "SOC analysts face thousands of alerts daily — most are noise"; "More tools doesn't mean better security — it means more context switches"]
And then there's the staffing crisis. The global cybersecurity workforce gap hit 4.8 million unfilled positions in 2025, growing 19% year over year (ISC2, 2025 Cybersecurity Workforce Study). Of the analysts who are working, 71% report burnout (Tines, Voice of the SOC Analyst) and 64% say they're likely to change jobs within the year (Tines/Dark Reading). Organizations with severe staffing shortages pay an extra $1.57 million per breach compared to those with adequate teams (IBM, 2025 Cost of a Data Breach).
For executives, this isn't an IT problem — it's a business risk problem. Every unfilled position is a gap in your security posture. Every burned-out analyst who quits takes institutional knowledge with them. Every alert that goes uninvestigated is a potential breach that could cost millions and land in a board presentation. The people protecting your organization are overwhelmed, understaffed, and working with tools that make their jobs harder instead of easier. That's the environment MCP walks into.
MCP doesn't replace your tools — it connects them. Here's what that looks like in practice.
Consider a typical security incident. Today, an analyst has to hop through seven different tools: check Splunk for alerts, validate traffic in ThousandEyes, inspect endpoints in Cisco XDR, verify credentials in Duo, create a ticket in ServiceNow, research context in a knowledge base, and notify the team on Webex. Based on the average 9.5-minute refocus time per tool switch (Qatalog/Cornell), that's roughly 67 minutes and seven context switches — each one breaking focus and adding latency.
With MCP, an AI agent can query all of those tools simultaneously through a single protocol. The analyst gets a correlated summary in about 8 minutes, reviews it, approves the action, and closes the incident. Total time: 12 minutes. That's an 82% reduction. The human stays in the loop for decision-making — the AI handles the tedious cross-referencing that burns time and attention.
The financial impact is well-documented. Organizations using AI and automation extensively saved $1.9 million per breach and resolved incidents 80 days faster than those without (IBM, 2025 Cost of a Data Breach Report). That's nearly $2 million in reduced costs per major incident, and almost three months of reduced exposure window. Across industries, AI-assisted operations cut mean time to resolution by roughly a third.
Yet most of that value is still untapped. AI can theoretically automate 75-95% of common NOC/SOC tasks — log analysis, alert triage, config validation, traffic monitoring — but actual adoption sits between 12% and 35% depending on the task (Anthropic Economic Index; industry estimates). The gap between what's possible and what's deployed is where the ROI lives, and MCP is the fastest way to close it.
And MCP's value extends well beyond incident response. An AI agent connected to the Splunk MCP server can run natural-language searches across your security logs — "show me all failed login attempts from external IPs in the last 24 hours" — without anyone writing a line of SPL (CiscoDevNet — Splunk MCP server). The ThousandEyes MCP server can run on-demand tests, detect anomalies in network performance, and trace the full network path when a remote office reports slow application performance (CiscoDevNet — ThousandEyes MCP server). Cisco's SD-WAN community MCP server exposes 39 tools for managing your overlay network through AI. When these servers work together through a single protocol, workflows that used to take hours of cross-referencing across separate consoles can be correlated in minutes.
In just 16 months, MCP went from an Anthropic side project to a Linux Foundation standard adopted by every major AI platform.
Every major AI platform — OpenAI, Google, Microsoft, AWS — adopted MCP within its first year. By December 2025, Anthropic donated the protocol to the Linux Foundation, co-founding the Agentic AI Foundation with Block and OpenAI (AAIF, Dec 2025). SDK downloads hit 97 million per month (npm + PyPI, Dec 2025).
[Charts: "Monthly npm + PyPI downloads of MCP SDKs"; "From side project to industry standard in 16 months"]
The enterprise results are already showing up. Block reports employees saving 50-75% of their time on common tasks using an MCP-powered AI agent called "Goose" that connects to GitHub, Jira, Snowflake, and Slack through a single interface — and Block co-founded the AAIF to help govern the standard (Block / AAIF). Bloomberg deployed MCP across roughly 9,000 engineers, migrating from an internal protocol and collapsing what used to take days of integration work into minutes (Bloomberg Engineering). Cisco has shipped official MCP servers for Splunk and ThousandEyes — enabling AI agents to run SPL queries, monitor network paths, and detect anomalies across Cisco's observability stack — with additional community servers for SD-WAN, XDR, Meraki, and Firewall Management Center (CiscoDevNet; Cisco blogs). And AWS has published prescriptive deployment guidance and open-source MCP servers for anyone to use (awslabs/mcp).
Beyond the tech giants, companies like Atlassian, Figma, Asana, and Cloudflare have all built or adopted MCP servers. The ecosystem now includes thousands of community-built MCP servers across multiple registries (MCP Registry; PulseMCP). Official SDKs are available in 10 languages — TypeScript, Python, C#, Go, Java, Rust, Swift, Ruby, PHP, and Kotlin (modelcontextprotocol.io).
Yet the broader market has barely started. Census Bureau data shows that even the most AI-forward sectors — publishing at 36% and information services at 27% — have massive room to grow. Manufacturing sits at 7%. Retail at 5%. Construction at 3%. The overall rate of AI in production across all U.S. industries is just 10% (U.S. Census Bureau, Business Trends & Outlook Survey, Sep 2025). The infrastructure is ready. The adoption hasn't caught up yet.
90% of enterprises haven't started with AI in operations. The analysts say that changes fast.
The forecasts from Gartner and Forrester paint a clear picture of where this is heading. By the end of 2026, Gartner expects 30% of enterprises to be automating more than half their network activities — up from under 10% in 2023. They also predict 40% of enterprise apps will include task-specific AI agents, up from under 5% today. Looking further out, 70% of enterprises will deploy agentic AI for IT operations by 2029 (Gartner, 2025–2029 predictions). On the vendor side, Forrester projects 30% of enterprise app vendors will ship MCP servers by the end of this year, and tech leaders are tripling their AIOps investments to combat rising technical debt — 75% of which is expected to reach moderate-to-high severity by 2026 (Forrester, 2025–2026 predictions).
But here's the uncomfortable number: Gartner estimates that only 6% of organizations today have the maturity to handle this shift (Gartner). That means 94% are either not prepared or haven't started. If you're reading this, you have a window — but it's the kind of window that closes quickly once your competitors start moving.
A common objection is security. MCP addresses this at multiple layers: the protocol itself enforces human approval for sensitive actions, OAuth 2.1 authentication, and fine-grained permission scoping. Cisco's open-source MCP Scanner scans servers before integration to catch tool poisoning and over-privileged permissions (cisco-ai-defense/mcp-scanner). At runtime, Cisco AI Defense monitors every MCP request and response, while Duo maps each AI agent to an accountable human owner with time-bound permissions — Zero Trust extended to agentic workloads (Cisco, 2026). Cisco is also a founding partner of Anthropic's Project Glasswing, a collaboration with AWS, Apple, Google, Microsoft, and others to secure critical AI infrastructure (Anthropic, 2026). The security tooling is real and it's maturing fast.
That said, I want to be straightforward about where MCP is today. The standard is young — less than two years old. Official MCP servers exist for Splunk, ThousandEyes, and a growing list of platforms, but coverage isn't universal yet. Many of the community-built servers are early-stage and should be vetted before production use (which is exactly what the MCP Scanner is for). The protocol spec itself is still evolving — the latest update added OAuth enhancements and structured content support. And while the security architecture is solid, your organization still needs to do the work of defining agent permissions, mapping them to your existing access policies, and deciding which actions require human approval. MCP isn't a magic switch. It's infrastructure — and like any infrastructure, it requires thoughtful deployment. But the foundation is here, the ecosystem is accelerating, and the organizations that start building on it now will have a significant head start.
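An added example, not from the original article or from any vendor's code: a minimal policy gate for the decisions described above, covering which agent may use which MCP tools, resources and prompts, until when, and which tool calls wait for human approval. The agent, owner, tool and scope names are hypothetical; the JSON-RPC method names are the ones MCP uses for its three primitives.

```python
import json
from datetime import datetime, timezone

# Constructed policy; the agent, owner, tool and scope names are hypothetical.
POLICY = {"soc-triage-agent": {
    "owner": "alice@example.com", "expires": "2026-06-30T00:00:00+00:00",
    "allow": {"tools/call:splunk_search", "tools/call:create_ticket",
              "resources/read:splunk://", "prompts/get:triage_summary"},
    "needs_approval": {"create_ticket"},
}}
# MCP JSON-RPC methods for the three primitives, and the param naming the target.
PRIMITIVES = {"tools/call": "name", "resources/read": "uri", "prompts/get": "name"}
DISCOVERY = {"initialize", "tools/list", "resources/list", "prompts/list"}

def authorize(agent, raw_request, now, approved_by=None):
    """Return (decision, reason) for one MCP JSON-RPC request from `agent`."""
    try:
        req = json.loads(raw_request)
        method, params = req["method"], req.get("params") or {}
        if not (isinstance(method, str) and isinstance(params, dict)):
            raise TypeError("method must be a string, params an object")
    except (ValueError, KeyError, TypeError):
        return "deny", "malformed request"
    grant = POLICY.get(agent)
    if grant is None:
        return "deny", "agent has no accountable owner on record"
    if now >= datetime.fromisoformat(grant["expires"]):
        return "deny", "grant expired"
    if method in DISCOVERY:
        return "allow", "discovery"
    target = params.get(PRIMITIVES.get(method, ""))
    if not isinstance(target, str):
        return "deny", "unknown method or missing target"
    if method == "resources/read":   # resource scopes match by URI prefix
        prefixes = [s.split(":", 1)[1] for s in grant["allow"] if s.startswith(method + ":")]
        in_scope = any(target.startswith(p) for p in prefixes)
    else:                            # tools and prompts match by exact name
        in_scope = f"{method}:{target}" in grant["allow"]
    if not in_scope:
        return "deny", "out of scope"
    if method == "tools/call" and target in grant["needs_approval"] and not approved_by:
        return "pending", f"needs approval from {grant['owner']}"
    return "allow", "in scope"

if __name__ == "__main__":
    now = datetime(2026, 1, 15, tzinfo=timezone.utc)  # constructed clock value
    for tool in ("splunk_search", "create_ticket", "isolate_host"):  # constructed calls
        msg = json.dumps({"jsonrpc": "2.0", "id": 1, "method": "tools/call", "params": {"name": tool}})
        print(tool, authorize("soc-triage-agent", msg, now))
```

The gate denies by default: an agent with no owner on record, an expired grant, or a tool outside the allowlist never reaches the MCP server.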
MCP isn't a product you buy — it's an open standard you adopt. The protocol is free. The SDKs are free. The MCP Scanner is free. The barrier to starting is near zero. The risk of waiting is not.
"2026 State of Threat Detection"
Survey of SOC practitioners on alert volumes, false positive rates, and tool sprawl. N=2,000+ security professionals.
Alert fatigue, tool sprawl data

"2025 Cost of a Data Breach Report"
Annual global study of breach costs across 604 organizations in 17 countries. 20th edition.
Breach costs, AI savings, lifecycle data

"2025 Cybersecurity Workforce Study"
Global survey of 15,000+ cybersecurity practitioners on workforce gaps, burnout, and career outlook.
Workforce gap, burnout, retention

"Business Trends & Outlook Survey (BTOS)"
Federal statistical survey of AI adoption across U.S. business sectors. September 2025 wave.
Enterprise AI adoption by sector

"MCP Specification & Ecosystem Data"
Official MCP GitHub repositories, npm/PyPI download statistics, and Agentic AI Foundation governance documents.
MCP growth, SDK downloads, adopters

"Analyst Predictions 2025–2029"
Published predictions on AI agent adoption, AIOps growth, and MCP ecosystem expansion.
Market forecasts

"Context Switching Research"
Harvard Business Review 2022 (app toggles), Qatalog & Cornell University (refocus time), and Moveworks productivity studies on cognitive overhead.
Context switching, productivity loss

"2025 SOC Survey"
Annual survey of SOC operations, detection and response capabilities, and analyst challenges.
False positive rates, SOC operations