The Arraya Blog

It’s not uncommon for news agencies to sensationalize stories around major cyber security vulnerabilities and potential hacks that could occur. The latest craze is around Meltdown and Spectre.  Heck the names even sound cool and dangerous. The complexities and mystique around what hackers are doing can often times worry those that don’t necessarily have a […]

I hear organizations say it every year – “This is the year we’re going to get serious about security.”  They usually mean it, too. Unfortunately, whether it’s due to the day-to-day drudgery of “keeping the lights on” or the pressure to innovate elsewhere in the business, they often fail to execute on those good intentions. […]

We’ve talked previously in this blog about how stock photos always depict cyber security threats the same way. The setting is typically a dark room occupied by a hoodie-wearing, faceless figure with some undoubtedly Matrix-inspired grids of code artistically placed somewhere in the frame. However, with the help of a recent survey, we’ve compiled an […]

I spend a lot of time with customers talking about network security, endpoint security, monitoring, and a whole host of other security solutions that are highly technical and point to specific risks. We get so caught up in the technologies that process the data, that we rarely look at the data itself. Specifically, I’m talking about […]

With National Cyber Security Awareness Month coming to a close, the U.S. Government seized the opportunity to put a select group of businesses on notice, so to speak. In a recent joint statement, the Department of Homeland Security and the Federal Bureau of Investigation warned of “advanced persistent threats” targeting the nation’s critical infrastructure, including […]

“My advice is for business leaders to get involved now or be prepared to face the music later.” Tom Clerici, Arraya’s Cyber Security Practice Director, wrote those words to cap off his most recent blog post, entitled “All CEOs Should Pay Attention to Equifax Firings – They May Be Next.” In the post, Tom theorized […]

October is National Cyber Security Awareness Month meaning that for one whole month issues such as security hygiene, data breaches, and defense strategies should take center stage. Although, after the September the business world just had, it might be hard to notice much of a difference. Even setting aside the near history-making cyber disaster that […]

Nobody was surprised when it was announced this weekend that the chief information officer and chief security officer were both out at Equifax. We all knew that was going to happen because those two roles always get terminated after a major breach. Clearly, it’s always the CIO and CSO’s fault, right…or is it? I’ve never […]

There’s really no nice way to say it, what happened at Equifax last week was the biggest failure to safeguard public data to date. Yahoo had more records compromised, but those weren’t nearly as sensitive.  Furthermore, Equifax’s response has been characterized by Brian Krebs, a leading security expert, as a “dumpster fire.” Krebs goes on […]

There’s a positive moment at the top of Cisco’s 2017 Midyear Cybersecurity Report, one which acknowledges the advances security pros have made regarding preventing and recovering from attacks. Unfortunately – and predictably – this new report isn’t all pats on the back. Instead, the conversation shifts to a number of trends observed by Cisco, each […]