Arctic Wolf Report: Threats Surge, Nearly Half of Incidents After Hours

Arctic Wolf, a global leader in security operations, published its 2024 Security Operations Report, which explores data and insights gathered from more than 250 trillion security events analyzed by the Arctic Wolf Platform over the past year. The report provides actionable insights for security leaders looking to leverage the security operations expertise of one of the largest security operations centers (SOCs) in the world.

Cyber Technology News : Obsidian Security Integrates with CrowdStrike for Faster SaaS Threats

With a growing number of security tools and vendors, and record high cybersecurity budgets, the frequency of cyber-attacks continues to outpace these investments. Coupled with other significant threats that organizations have faced over the past year such as widescale IT outages, thousands of new critical vulnerabilities, and the malicious efforts of nation-state actors, many organizations find themselves struggling to manage their cyber risk effectively. Based on real-world observations from more than 6,500 organizations, the 2024 Arctic Wolf Security Operations Report provides an unrivaled deep-dive into the modern threat landscape, arming organizations with the security operations best practices they need to achieve better security outcomes.

Key findings from the report include:

24×7 Coverage is key. Nearly half (45%) of security events now occur outside traditional working hours, highlighting how the mass adoption of cloud-based application requires organization to enable 24x7x365 security monitoring.
The sprawl of security tools overwhelms teams. Identity and access management (IAM) tools have become the leading source of alerts of security operations teams, with identity telemetry accounting for seven of the top 10 indicators of compromise during security events
Many industries remain under a constant attack. Technology companies have the worst average security posture of all industries examined, while highly-regulated industries like Banking, Legal, and Healthcare have the best overall security postures.
Leading business applications remain most targeted. Some of the most commonly used critical business software from Microsoft accounted for three of the top four applications most leveraged by attackers, underscoring the prevalence of cyber risk and the importance for IT and security teams to quickly identify and patch potentially devastating vulnerabilities.

“Organizations that embrace security operations are more secure, more resilient, and better able to adapt to the ever-evolving threat landscape — but the reality is that very few organizations have the expertise or resources to build such capabilities on their own,” said Dan Schiappa, chief product and services officer at Arctic Wolf. “The insights and recommendations in our Security Operations Report will allow readers to not only understand the challenges we collectively face as a cybersecurity industry – but also consider practical steps on how organizations can advance their security journey and fortify their defenses to better protect themselves from the evolving tools and tactics used by modern threat actors.”