The Arraya Blog

These days, everybody is looking for a cyber security silver bullet. Organizations want something flashy, new, and most importantly, capable of besting any threat or malicious actor that may cross its path. TACACS+ is none of those things. In truth, that perfect cyber security cure-all may never materialize. Instead, the most successful security postures use […]

Most cybersecurity experts will advise employees to keep their personal information off their company-issued devices. In fact, most companies’ acceptable use policies require it. Yet, despite the ample warnings and policies, employees continue to use their work devices for decidedly non-work purposes. With the growing popularity of remote working, road-warriors, bring your own device (BYOD), […]

Earlier this month, Microsoft issued an exciting announcement regarding passwords. Now, “exciting” and “passwords” aren’t two things that normally find themselves together in the same sentence. However, this news is the most significant change in Microsoft’s password policy recommendations in nearly three decades. In a recent blog post, Microsoft announced plans to remove regular mandatory […]

Last week, Citrix became the latest victim of a high-profile data breach while Equifax, a perennial cyber security punching bag, was raked over the coals by Congress. Both stories represent valuable learning opportunities for organizations seeking to avoid a similar fate. Let’s review each story, then we’ll share some insights into how companies can protect […]

Cisco recently released version 6.3, the latest iteration of software powering its Firepower family of cyber security solutions. Included as part of this update are several features that have long sat atop the wish lists of Cisco security shops. We caught up with members of our Network and Security team to learn more about what’s […]

Estimates vary as to how many organizations globally consider themselves compliant with the European Union’s General Data Protection Regulation (GDPR). One thing is for sure, organizations who have yet to cross that line have plenty of motivation to do so soon. Just last month, Google became the first major tech company dinged under GDPR. The […]

An ongoing malicious campaign targeting federal government websites prompted a historic response from the Cybersecurity and Infrastructure Security Agency (CISA). The agency, which operates under the banner of the Department of Homeland Security, issued its first ever emergency directive last week in an attempt to thwart a series of DNS hijacking attacks. Now, granted, at-risk […]

Last week, buried predictably on a Friday, Marriott revealed it – and, by extension, its guests, had been the victim of a truly massive data breach. All told, the hospitality giant believes attackers gained access to data on some 500 million guests who stayed at its Starwood properties over the past four years. For roughly 327 […]

Thanksgiving is now in our rearview mirror and the excitement of the winter holidays is upon us. As we approach the end of the year, it’s fun to look back at all the things we accomplished – and perhaps finish some of those things we put off until we had more time. One of the […]

Every organization should be concerned about malware – although it seems some should be a little more concerned than others. Certain industries seem to land in its crosshairs far more often. Unfortunately for organizations in malware’s favorite verticals, building an effective cyber security plan can be complicated by the realities of life within those industries. […]