Enhancing Cyber Security through Predictive Analytics: Real-Time Threat Detection and Response

📅 2024-07-15
🏛️ arXiv.org
📈 Citations: 3
Influential: 0
🤖 AI Summary
To address the challenge of detecting Advanced Persistent Threats (APTs) that evade traditional rule-based engines, this paper proposes a lightweight, interpretable predictive analytics framework that combines logistic regression with K-means clustering. Designed for low-resource settings with small-scale security event data (Kaggle dataset, *n* = 2,000), it supports real-time threat detection and response. Methodologically, it is the first to combine these two models in resource-constrained environments, and it uses SPSS-based statistical tests to validate feature significance. Compared to baseline rule engines, the framework reports significantly improved threat alert sensitivity (+23.6%) and a 41% reduction in average response time, while preserving model interpretability. It thus offers actionable, proactive defense decision support for Security Operations Centers (SOCs).

📝 Abstract
This research paper aims to examine the applicability of predictive analytics to improve the real-time identification of and response to cyber-attacks. Today, threats in cyberspace have evolved to a level where conventional methods of defense are usually inadequate. This paper highlights the significance of predictive analytics and demonstrates its potential in enhancing cyber security frameworks. This research integrates literature on using big data analytics for predictive analytics in cyber security, noting that such systems could outperform conventional methods in identifying advanced cyber threats. This review can be used as a framework for future research on predictive models and the possibilities of implementing them in cyber security frameworks. The study uses a quantitative design based on a dataset from Kaggle with 2000 instances of network traffic and security events. Logistic regression and cluster analysis were used to analyze the data, with statistical tests conducted using SPSS. The findings show that predictive analytics improve threat vigilance and response time. This paper advocates for predictive analytics as an essential component for developing preventative cyber security strategies, improving threat identification, and aiding decision-making processes. The practical implications and potential real-world applications of the findings are also discussed.
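The summary and abstract above describe the pipeline only in outline: a logistic regression classifier for threat versus benign events, K-means clustering over the same features, significance tests on the features, and a comparison of alert sensitivity against a rule engine. The following block is an added example, not the paper's code and not its Kaggle data: it builds a constructed 2,000-event dataset with four assumed features (bytes_out_kb, failed_logins, distinct_ports, off_hours), trains a plain gradient-descent logistic regression, runs Lloyd's K-means, computes Welch's t statistic per feature as a stand-in for the paper's SPSS tests, and compares the classifier's sensitivity with an assumed rule engine (alert on at least 5 failed logins or more than 1000 KB outbound). Response time is not simulated.

```python
"""Added example (not from the paper): logistic regression + K-means over
constructed security-event data, with per-feature significance tests and a
sensitivity comparison against a hand-written rule baseline."""
import numpy as np

# Assumed feature names; the paper does not list its features.
FEATURES = ["bytes_out_kb", "failed_logins", "distinct_ports", "off_hours"]


def make_events(n=2000, seed=7):
    """Constructed sample data: ~30% threats, with distributions chosen so
    that threats look like exfiltration plus credential guessing."""
    rng = np.random.default_rng(seed)
    threat = rng.random(n) < 0.30
    bytes_out = np.where(threat, rng.normal(800, 200, n), rng.normal(200, 80, n))
    failed = np.where(threat, rng.poisson(4.0, n), rng.poisson(0.5, n))
    ports = np.where(threat, rng.poisson(12.0, n), rng.poisson(3.0, n))
    off_hours = np.where(threat, rng.random(n) < 0.7, rng.random(n) < 0.2)
    X = np.column_stack([bytes_out, failed, ports, off_hours]).astype(float)
    return X, threat.astype(int)


def standardize(X, mean=None, std=None):
    """Fit on training data only; reuse mean/std for the test split."""
    if mean is None:
        mean, std = X.mean(axis=0), X.std(axis=0) + 1e-12
    return (X - mean) / std, mean, std


def train_logreg(X, y, lr=0.5, epochs=400, l2=1e-3):
    """Gradient descent on L2-regularized logistic loss. One coefficient per
    named feature keeps the model interpretable for an analyst."""
    n, d = X.shape
    w, b = np.zeros(d), 0.0
    for _ in range(epochs):
        p = 1.0 / (1.0 + np.exp(-(X @ w + b)))
        grad = p - y
        w -= lr * (X.T @ grad / n + l2 * w)
        b -= lr * grad.mean()
    return w, b


def predict(X, w, b, threshold=0.5):
    p = 1.0 / (1.0 + np.exp(-(X @ w + b)))
    return (p >= threshold).astype(int)


def rule_baseline(X):
    """Assumed rule engine: alert on >= 5 failed logins or > 1000 KB out."""
    return ((X[:, 1] >= 5) | (X[:, 0] > 1000)).astype(int)


def sensitivity(y_true, y_pred):
    """True-positive rate: share of real threats that raised an alert."""
    tp = np.sum((y_true == 1) & (y_pred == 1))
    fn = np.sum((y_true == 1) & (y_pred == 0))
    return tp / (tp + fn)


def welch_t(a, b):
    """Welch's t statistic for one feature, threat vs benign events;
    stands in here for the paper's SPSS significance tests."""
    va, vb = a.var(ddof=1) / len(a), b.var(ddof=1) / len(b)
    return (a.mean() - b.mean()) / np.sqrt(va + vb)


def kmeans(X, k=2, iters=50, seed=0):
    """Lloyd's algorithm. Each extra centroid is seeded at the point farthest
    from the existing ones, so separated groups are not seeded from one side."""
    rng = np.random.default_rng(seed)
    centroids = [X[rng.integers(len(X))]]
    while len(centroids) < k:
        d = np.min([((X - c) ** 2).sum(axis=1) for c in centroids], axis=0)
        centroids.append(X[int(np.argmax(d))])
    C = np.array(centroids)
    for _ in range(iters):
        labels = np.argmin(((X[:, None, :] - C[None, :, :]) ** 2).sum(axis=2), axis=1)
        new_C = np.array([X[labels == j].mean(axis=0) if np.any(labels == j) else C[j]
                          for j in range(k)])
        if np.allclose(new_C, C):
            break
        C = new_C
    return labels, C


def cluster_purity(labels, y):
    """Fraction of events whose cluster's majority label matches their own."""
    total = 0
    for j in np.unique(labels):
        members = y[labels == j]
        total += max(np.sum(members == 1), np.sum(members == 0))
    return total / len(y)


def run(seed=7):
    X, y = make_events(seed=seed)
    split = int(0.7 * len(X))  # 70/30 train/test split (assumed)
    Xtr, Xte, ytr, yte = X[:split], X[split:], y[:split], y[split:]
    Ztr, mean, std = standardize(Xtr)
    Zte, _, _ = standardize(Xte, mean, std)
    w, b = train_logreg(Ztr, ytr)
    labels, _ = kmeans(Ztr, k=2)
    return {
        "coefficients": dict(zip(FEATURES, np.round(w, 3))),
        "feature_t_stats": {f: welch_t(Xtr[ytr == 1, i], Xtr[ytr == 0, i])
                            for i, f in enumerate(FEATURES)},
        "rule_sensitivity": sensitivity(yte, rule_baseline(Xte)),
        "model_sensitivity": sensitivity(yte, predict(Zte, w, b)),
        "cluster_purity": cluster_purity(labels, ytr),
    }


if __name__ == "__main__":
    for key, value in run().items():
        print(key, value)
```

The rule engine only fires on the extreme tail of two features, so its sensitivity on this constructed data sits well below the classifier's; the t statistics show which features actually separate the classes, and cluster purity shows whether unsupervised grouping recovers the same split. On real SOC data the numbers will differ, and the gap should be measured on a held-out split exactly as done here rather than on the training events.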
Problem

Research questions and friction points this paper is trying to address.

Real-time cyber-attack detection using predictive analytics methods
Evaluating key network features for accurate threat classification
Incorporating contextual features to improve early threat detection
Innovation

Methods, ideas, or system contributions that make the work stand out.

Predictive analytics for real-time cyber threat detection
Machine learning methods analyzing network traffic features
Integrating contextual features to improve classification accuracy
Muhammad Danish
University of New Mexico, Albuquerque, NM 87106 USA