The Arraya Blog

Here’s an encouraging stat: Nearly all (99%) of email-based threats like phishing are totally harmless in and of themselves. In order to become dangerous, they require some type of user interaction, whether that’s clicking on a link, opening an attachment, etc. Yet, email remains a highly popular and lucrative attack vector. In fact, phishing ranks […]

No entity, no matter the size, can afford cyber security blind spots. The recent string of ransomware attacks targeting local governments has underscored that point. Hackers have gone after major cities like Baltimore and they’ve hit places the average person is less familiar with, like Lake City, FL. Despite the risks, many small-to-midsized municipalities, businesses, […]

Raise your hand if you’ve heard someone describe Microsoft as a “security company” at some point in the last few years. We can’t say for sure – maybe because your Microsoft desktop is so secure – but we’re guessing there are plenty of hands in the air. We get it. Given cyber security’s status as […]

These days, everybody is looking for a cyber security silver bullet. Organizations want something flashy, new, and most importantly, capable of besting any threat or malicious actor that may cross its path. TACACS+ is none of those things. In truth, that perfect cyber security cure-all may never materialize. Instead, the most successful security postures use […]

Most cybersecurity experts will advise employees to keep their personal information off their company-issued devices. In fact, most companies’ acceptable use policies require it. Yet, despite the ample warnings and policies, employees continue to use their work devices for decidedly non-work purposes. With the growing popularity of remote working, road-warriors, bring your own device (BYOD), […]

Earlier this month, Microsoft issued an exciting announcement regarding passwords. Now, “exciting” and “passwords” aren’t two things that normally find themselves together in the same sentence. However, this news is the most significant change in Microsoft’s password policy recommendations in nearly three decades. In a recent blog post, Microsoft announced plans to remove regular mandatory […]

Last week, Citrix became the latest victim of a high-profile data breach while Equifax, a perennial cyber security punching bag, was raked over the coals by Congress. Both stories represent valuable learning opportunities for organizations seeking to avoid a similar fate. Let’s review each story, then we’ll share some insights into how companies can protect […]

Cisco recently released version 6.3, the latest iteration of software powering its Firepower family of cyber security solutions. Included as part of this update are several features that have long sat atop the wish lists of Cisco security shops. We caught up with members of our Network and Security team to learn more about what’s […]

Estimates vary as to how many organizations globally consider themselves compliant with the European Union’s General Data Protection Regulation (GDPR). One thing is for sure, organizations who have yet to cross that line have plenty of motivation to do so soon. Just last month, Google became the first major tech company dinged under GDPR. The […]

An ongoing malicious campaign targeting federal government websites prompted a historic response from the Cybersecurity and Infrastructure Security Agency (CISA). The agency, which operates under the banner of the Department of Homeland Security, issued its first ever emergency directive last week in an attempt to thwart a series of DNS hijacking attacks. Now, granted, at-risk […]