In today’s digital landscape, most business leaders prefer to receive cybersecurity alerts on an automated basis to stay informed about potential threats. However, there is currently no regulation that requires these alerts to be delivered strictly within business hours.
Cyberattacks, as we know, don’t follow a predictable pattern. They can strike at any time—morning, evening, night, or even on weekends.
As threat actors are not bound by the constraints of the 9-to-5 workday, making it difficult for organizations to ensure continuous monitoring and response.
The 2025 Security Operations Report released by Arctic Wolf sheds some light on this challenge. According to the report, of the 8.6 million security alerts generated by its Aurora Platform, a significant portion—51%—were triggered outside of traditional business hours. These incidents predominantly occurred during late-night hours or over weekends, when IT staff, the primary defenders against such attacks, are often reduced in number.
This timing discrepancy is more than just an inconvenience. It creates a situation where the ability to quickly address and mitigate cybersecurity threats is severely compromised. With fewer staff available to respond to alerts during these off-hours, the speed at which risks can be neutralized is greatly reduced. As Dan Schiappa, President of Technology and Services at Arctic Wolf, aptly puts it, the unpredictability of cyberattacks, combined with the rapid pace at which they occur, places immense pressure on those responsible for safeguarding an organization’s security, such as security specialists, Chief Information Officers (CIOs), and Chief Technology Officers (CTOs).
The analysis from Arctic Wolf further highlights that certain sectors, including education, healthcare, and manufacturing, have been the most frequent targets of cyberattacks over the past few years. In many of these cases, vulnerabilities were traced back to outdated software and hardware infrastructure that had not been sufficiently upgraded. Unfortunately, these sectors often face significant financial constraints that hinder their ability to make the necessary updates or replacements.
Given these challenges, the recommendation for businesses is to adopt cybersecurity solutions that are both proactive and automated. Proactive measures aim to identify and neutralize threats at the earliest stage, ideally before they can escalate into more serious issues. Automation, on the other hand, minimizes or even eliminates the need for human intervention in threat detection and mitigation, ensuring that cyber risks are addressed promptly, regardless of whether it’s during business hours or not. This dual approach is critical for enhancing an organization’s ability to protect itself in an era where cyber threats are both unpredictable and relentless.
