Arctic Wolf, a security operations company, published its 2024 Security Operations report. This document explores data gathered from over 250 trillion security events that were analyzed by the Arctic Wolf platform over the past year. The report provides actionable insight for security leaders looking to leverage the security operations expertise of the SOC.
Based on real-world observations from more than 6,500 organizations, the survey provides a deep-dive into the modern threat landscape, helping arm organizations with the security operations best practices needed to achieve improved security outcomes.
Key findings include:
- 45 percent of security events occur outside traditional working hours.
- Identity telemetry accounted for seven of the top 10 indicators of compromise during security events.
- Tech companies have the worst average security posture of all industries, while highly-regulated ones such as banking, legal and healthcare have the best.
- Commonly used, critical business software from Microsoft accounted for three of the top four applications most leveraged by attackers.
“Organizations that embrace security operations are more secure, more resilient, and better able to adapt to the ever-evolving threat landscape — but the reality is that very few organizations have the expertise or resources to build such capabilities on their own,” said Dan Schiappa, chief product and services officer, Arctic Wolf. “The insights and recommendations in our Security Operations Report will allow readers to not only understand the challenges we collectively face as a cybersecurity industry – but also consider practical steps on how organizations can advance their security journey and fortify their defenses to better protect themselves from the evolving tools and tactics used by modern threat actors.”