Nearly half of security incidents occur outside of normal business hours, underscoring the need for continuous monitoring, according to Arctic Wolf’s 2024 Security Operations Report.

The report shows that despite record-high security budgets and an increasing number of security tools, the number of cyberattacks exceeds the resources used to prevent them. Arctic Wolf analyzed more than 250 trillion incidents and concludes that organizations are struggling to effectively manage their cyber risks from complex threats such as IT outages, critical vulnerabilities and attacks by state actors.

The analysis is based on the experiences of more than 6,500 organizations and includes best practices for improving security. A key conclusion is that 24/7 monitoring is essential, especially due to the increase in cloud applications. For example, 45 percent of security incidents occur outside of working hours.

Security tools and vulnerable sectors

Another problem facing organizations is the proliferation of security tools. Identity and access management (IAM) tools in particular generate many alerts. According to the report, seven out of ten indicators of security breaches relate to identity telemetry.

Notably, technology companies perform worst in terms of security, while regulated sectors such as finance and healthcare perform better. In addition, Microsoft’s commonly used applications are the most frequently targeted by attacks, highlighting the need to quickly identify and fix vulnerabilities.

Arctic Wolf’s Dan Schiappa emphasizes that while some organizations are effectively addressing these challenges, most do not have the resources to do so independently. The report offers concrete recommendations to improve security and be better prepared for ever-changing threats.