New research reveals nearly half of security incidents happen outside of traditional work hours, driving an ever more stretched industry to burnout.
A new survey has shown the need for 24/7 cyber security coverage as nearly half of all cyber attacks happen outside the traditional nine-to-five.
Arctic Wolf’s 2024 Security Operations Report analysed the data of over 6,500 organisations worldwide between May 2023 and April 2024. Arctic Wolf’s researchers were able to sift through 253 trillion observations during that period.
Unsurprisingly, the globally distributed world of cyber criminals and other threat actors doesn’t keep to traditional hours. Forty-five per cent of all attacks happen after hours, and 20 per cent occur on weekends, meaning that the work of responding to a cyber security incident is difficult to simply “leave at work”.
Other statistics reveal the scale and nature of threats faced by cyber security professionals.
The amount of telemetry data to sift through, for one thing, can be overwhelming, with one alert generated for every 100 pieces of data observed. At the same time, the most common threat vectors for exploitation are core business platforms such as Windows 10 or Cisco IOS.
Nation-state actors add to the threat environment, particularly when it comes to manufacturing. According to Arctic Wolf’s data, 26 per cent of all alerts observed were hackers attempting to steal IP and other secret business information from entities in the manufacturing sector.
Phishing, too, has become a particular problem, and in one month alone – April last year – researchers observed a 500 per cent increase in phishing activity.
According to Mark Thomas, director of security services for Australia and New Zealand at Arctic Wolf, one of the answers to the problem is greater integration of artificial intelligence with security operations.
“With 75 per cent of cyber security professionals now experiencing burnout, coupled with the Right to Disconnect legislation, it’s vital we utilise existing tools such as AI to alleviate growing pressure on security teams. AI can provide 24/7 system monitoring and detection and, in doing so, can mitigate potential attacks in real time,” Thomas told Cyber Daily.
“Cyber security teams no longer have to spend hours manually analysing and prioritising alerts, allowing them to focus on more strategic tasks while also reducing the risk of alert fatigue.”
However, for this strategy to work, Thomas said proper training needs to be prioritised.
“All too often, organisations are quick to deploy these technologies like a shiny new toy without having a proper understanding of how to use them to their full potential,” Thomas said.
“Upskilling cyber security teams on how to use AI effectively will ensure organisations are maximising the protection and security it can provide.”
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.