Dan Lifshutz | March 31, 2017
My previous post, a recap of how Arraya spent our 2016, kept to the year’s highlights. While this new post will also look back at last year, I’d like to focus in on a single issue: cyber security. Unfortunately, doing so requires going back to some of last year’s lowest points. Despite all of the positive developments that took place in IT, those who work in technology may always associate 2016 with cyber security challenges due, in no small to part, to the rise of ransomware.
Here are just a few of the more alarming ransomware figures I’ve come across lately:
- 40% – Of the spam emails sent in 2016, 40% were believed to carry ransomware.
- $1 billion – Ransomware schemes aren’t only comparatively easy to execute, but they can also net cyber crooks sizeable payouts. Last year, they made roughly $1 billion for their efforts.
- 57% – Around 57% of businesses believe they’re too small to wind up a victim of ransomware, which sounds like a risky bet to make.
Ransomware may have been 2016’s biggest IT security story, but it wasn’t for lack of competition. Plenty of cyber security incidents that had nothing to do with ransomware grabbed headlines. There was Yahoo’s disclosure of two separate breaches, affecting a total of 1.5 billion users, which reduced its sale price to Verizon by $250M. Additionally, its board withheld bonus money and stock options to the CEO while firing its general counsel without severance pay. Hacking and breaches were also at the forefront of the race for the White House. Malicious insiders even managed to open the doors to the Department of Health and Human Services’ network, allowing cyber criminals to make off with the personal information of as many as five million people.
It seemed like cyber security – and cyber security shortcomings – were everywhere last year.
Finding peace of mind in a chaotic time
Cyber security is not a new concern for Arraya. Throughout the company’s history, Arraya has aligned itself with partners and vendors who share a similar commitment to customer safety and privacy. As cyber security threats continue to evolve, and the headlines become more prevalent, we decided to take a more strategic approach to security, moving beyond point solutions to enterprise security aligned with business objectives.
From this concept, Arraya’s new Cyber Security practice was born. Rather than focus on a specific partner, the intention is for this practice to straddle Arraya’s areas of expertise. Rather than looking only at tools and architecture, this practice will also focus on strategy, governance, compliance, incident response and vendor security. I see this in particular as a differentiator. Many companies do either consulting or systems. Few do both.
The person tasked with executing this vision is Tom Clerici, Arraya’s new Cyber Security Practice Director. Tom is someone I’m extremely excited for customers to meet. His record of accomplishment in cyber security is outstanding. Tom earned a Bronze Star Medal while serving as a Communications and Cyber Warfare Officer with the United States Air Force. After a seven-year stint with the Air Force, Tom went on to build the information security program for one of the country’s largest mortgage lenders from the ground up.
Last year proved to be a difficult one for many businesses in terms of cyber security, as the above stories and statistics indicate. By bringing someone with Tom’s credentials on board and creating a vision for vendor-agnostic cyber security, I believe Arraya is ready to be a leader in the move to a more optimistic and secure future.
Note: IT leaders looking to meet Tom and learn more about Arraya’s Cyber Security Practice can do so on April 13th at the Arraya Security Forum. During this free half-day event, Tom will present on three topics, starting with a look at how cyber crooks are pushing past corporate defenses and how those threats evolve based on industry. Following that, Tom will walk attendees through the “before, during, and after” of incident response. The day’s final discussion will be on bridging the gap between cyber security and business leadership.
Arraya’s Security Forum will be held at The Hub in Conshohocken, PA. Space is limited so reserve your spot today: arraya.rocks/events.