Arraya Insights

The VMware landscape has shifted. In June 2025, Broadcom rolled out significant changes to the VMware Partner Program, eliminating the entire Registered tier and reducing the number of partners authorized to resell VMware solutions. This change impacts thousands of organizations that relied on partners who are no longer able to provide VMware licensing or support. 

Here’s the good news: Arraya Solutions remains a proud and authorized VMware partner. 

What Changed in the VMware Partner Program 

Broadcom collapsed VMware’s partner structure from four tiers (Registered, Select, Premier, Pinnacle) into three, eliminating the Registered tier. As of June 2, 2025, affected partners were notified that their resale authorizations were revoked, with a 60-day wind-down period to close out existing deals. 

In plain terms: many partners lost their VMware status overnight. Customers working with those partners may now face uncertainty about renewals, support, and ongoing VMware projects. 

What This Means for You 

While the program changes are significant, you don’t have to worry about your VMware environment with Arraya. 

• Arraya is still an authorized VMware partner, fully equipped to help you purchase, renew, and optimize VMware solutions. 

• With over 25 years in IT consulting, we’ve guided customers through countless shifts in vendor programs, licensing models, and technology platforms. 

• VMware remains a strategic focus for Arraya, and our team continues to invest in certifications, training, and expertise to deliver the best results for our customers. 

Why Partner Continuity Matters 

VMware licensing and infrastructure decisions are complex. Losing a trusted partner in the middle of a renewal or migration can slow down projects, increase costs, and create risk. By working with a partner like Arraya, who remains fully authorized, you ensure: 

• A seamless renewal process with no disruption to your VMware licensing 

• Access to expert guidance on VMware’s evolving roadmap and Broadcom’s changes 

• A trusted advisor who understands not just VMware, but your broader IT strategy 

Next Steps: Move Forward with Confidence 

The VMware ecosystem may look different today, but one thing hasn’t changed: Arraya’s commitment to our customers. Whether you’re planning a VMware renewal, evaluating new solutions, or looking ahead at hybrid cloud strategies, Arraya is here to guide you. 

Talk to our VMware team today to ensure your environment is ready for what’s next.  

Last week, Dell Technologies World 2024 in Las Vegas showcased groundbreaking developments that are set to revolutionize the industry.

To keep you in the loop, here are the most significant announcements from the conference.

AI Takes Center Stage

Dell Technologies World 2024 was dominated by discussions on artificial intelligence (AI), emphasizing Dell’s commitment to integrating AI across its entire product line.

The company introduced the “AI Factory,” a comprehensive platform designed to facilitate the adoption and deployment of AI technologies. This platform integrates Dell’s hardware with Nvidia’s latest AI innovations, leveraging Blackwell-powered systems to create “AI factories” that modernize data centers and optimize AI processing capabilities​.

This partnership is a response to the growing demand for AI and to deliver a robust infrastructure that can handle these AI workloads. Jensen Huang, CEO of Nvidia, highlighted the potential of these AI factories, saying they are the next level in data processing where data centers are built to produce AI-driven insights at scale.

Enhanced AI Capabilities with Strategic Partnerships

Dell’s strategic partnerships are central to its AI initiatives. The introduction of Dell + Hugging Face Enterprise Hub provides a streamlined pathway to deploy open-source AI models on Dell infrastructure. This collaboration ensures that enterprises can easily integrate advanced AI models into their operations, enhancing performance and scalability​.

Additionally, Dell’s partnership with Microsoft brings Azure AI capabilities to the Dell APEX Cloud Platform. This integration allows organizations to utilize familiar Azure AI APIs on-premises, facilitating seamless hybrid cloud operations and enabling advanced AI applications such as vision, translation, and speech services​.

PowerStore and APEX Innovations

Dell has improved both its PowerStore and APEX platforms.

PowerStore Prime, the new version of Dell’s all-flash storage solution, has better performance and new features like sync replication for file and block data. These enhancements make PowerStore a leading solution for data-heavy applications.

The APEX platform added AIOps, an IT operations management tool that uses AI to improve infrastructure observability and incident management. AIOps has a chatbot assistant that gives real-time insights and support for Dell infrastructure products, making IT operations easier and lessening downtime.

Edge and Multi-Cloud Enhancements

Beyond AI, Dell continues to innovate in edge computing and multi-cloud environments.

The PowerFlex platform, which has been updated to version 4.5, provides better monitoring of infrastructure and file services. PowerScale has new features that use the newest Intel CPUs and PCIe 5.0 storage to boost performance by two times, making it more suitable for AI applications​.

Dell’s multi-cloud strategy is better than ever with new file storage options for Azure and an improved PowerProtect portfolio that boosts data protection and performance. These enhancements make sure that Dell’s solutions can suit the changing needs of modern enterprises​.

Next Steps: Is Your Data Center AI-Ready?

Dell Technologies World 2024 underscored Dell’s strategic focus on AI and how it will be incorporated across different platforms.

For companies like ours, these advancements provide an opportunity to leverage cutting-edge solutions to drive business growth and operational efficiency. Is your organization ready to leverage the latest, AI-focused solutions?

Contact us to get in touch with our Hybrid Infrastructure and Data Center team today!

As a trusted partner of VMware by Broadcom, we are excited to share some important news with you that will help you get the most out of your cloud solutions.

At the end of 2023, Broadcom announced that it had acquired VMware. More recently, VMware by Broadcom has announced two major changes that will simplify your cloud journey and deliver more value for your business:

1. VMware is simplifying its product portfolio to allow customers of all sizes to access the best VMware solutions for their needs.
   
   
2. There will be a complete transition of all VMware by Broadcom solutions to subscription licenses. This will include the end of sale of perpetual licenses, Support and Subscription (SnS) renewals for perpetual offerings, and HPP/SPP (generic) credits. Additionally, they are introducing licensing portability for VMware Cloud infrastructure to validated endpoints.

These changes are part of VMware’s multi-year strategy to simplify its portfolio and transition to a subscription model, which is the industry standard for cloud consumption. This will better serve customers with continuous innovation, faster time to value, and predictable investments.

How does the portfolio simplification benefit you?

VMware by Broadcom has listened to consumer feedback and learned that their portfolio was too complex and confusing to navigate.

They had too many products, bundles, and editions that overlapped and created confusion. They want to make it easier for you to find, buy, and use the right solutions for your needs.

That’s why they have streamlined their portfolio into four core categories:

1. VMware Cloud Foundation
2. Tanzu
3. Software Defined Edge
4. Application Networking & Security

Each category offers a comprehensive set of solutions that address your key challenges and use cases.

How does the subscription model benefit you?

Subscription licenses give you access to the latest features and updates, as well as flexible deployment options and consumption models. You can choose the subscription term that suits your business needs, and enjoy the benefits of lower upfront costs, improved cash flow, and reduced risk.

Subscription licenses also enable you to take advantage of their licensing portability for VMware Cloud infrastructure. This allows you to move your licenses across validated endpoints, such as VMware Cloud on AWS, VMware Cloud on Dell EMC, and VMware Cloud Universal.

As part of their transition to subscription licenses, VMware by Broadcom is ending the sale of perpetual licenses and SnS renewals for perpetual offerings effective immediately. This means that you will no longer be able to purchase or renew perpetual licenses or SnS contracts for any VMware by Broadcom solutions.

However, you can still use your existing perpetual licenses and SnS contracts until they expire, and you can continue to receive support and maintenance services as per your SnS agreements. As your perpetual licenses approach expiration, we can help you navigate the new subscription model.

Next Steps: How can we help you with this transition?

We are committed to making this transition as smooth and seamless as possible for you.

As your perpetual licenses approach expiration, we can help you navigate the new subscription model and educate your team throughout this change.

We also encourage you to reach out to us for any questions or concerns you may have. We appreciate your trust and loyalty, and we look forward to continuing to serve you with the best cloud solutions for your business as your trusted advisory experts.

Connect with our team here.

Comment on: LinkedIn, Twitter and Facebook.     

Follow us to stay up to date on our industry insights and unique IT learning opportunities.    

Last week’s Microsoft Ignite event showcased the remarkable strides made in the integration of AI technologies across various industries.  

For those who couldn’t attend, this blog will summarize the key announcements that emerged from the event, focusing on advancements in AI and their impact on productivity tools, developer experiences, responsible AI deployment, and bolstering security measures.  

Easy AI Integration for Developers

Microsoft continues to empower developers with expanded choice and flexibility in generative AI models. The introduction of Model-as-a-Service and Azure AI Studio streamlines the integration and deployment of AI models, making it easier for developers to customize and manage their applications. The availability of GPT-3.5 Turbo and the upcoming GPT-4 Turbo further extends the possibilities for developers, offering enhanced prompt length and control over generative AI applications. 

Expanding the Use of Copilot

Microsoft Copilot, initially introduced eight months ago, has proven to be a game-changer in improving productivity. The expansion of Copilot offerings across various solutions aims to transform productivity and business processes for a wide range of roles and functions. From Microsoft Copilot for Microsoft 365, which is now generally available, to specialized Copilot solutions for service, Dynamics 365 Guides, and Azure, Microsoft is positioning Copilot as a versatile tool that goes beyond individual productivity, as a valuable asset for entire teams. 

Improving the Relationship Between Data & AI

Recognizing the pivotal role of data in AI, Microsoft Fabric is an AI-powered platform that unifies data estates on an enterprise-grade foundation. This platform, integrated with Microsoft Copilot, facilitates a data culture that enhances the value creation of data throughout organizations.  

Empowering the AI Shift in Windows

Microsoft introduced a new, AI-powered experience in Windows 11 and Windows 365. These enhancements aim to empower IT professionals, employees, and developers by making AI more accessible across devices. Windows AI Studio, alongside other productivity tools for developers, reinforces Microsoft’s commitment to making Windows the preferred platform for AI development. 

Using AI Responsibly

As part of Microsoft’s commitment to responsible AI use, they are expanding the Copilot Copyright Commitment (CCC) to Azure OpenAI Service. emphasizes the company’s dedication to defending and indemnifying customers. Azure AI Content Safety, now generally available, provides organizations with a built-in safety system to detect and mitigate harmful content, fostering better online experiences. 

Azure AI Content Safety will also help organizations detect and mitigate harmful content as a built-in safety system within Azure OpenAI Service.  

Continuing a Focus on Security 

In response to the evolving threat landscape, Microsoft introduces new technologies in security solutions, combining Microsoft Sentinel and Microsoft Defender XDR to create the Unified Security Operations Platform. Embedded with Security Copilot experiences, this platform enhances threat protection and simplifies the complexity of security environments. 

Next Steps: Is Your Organization AI-Ready? 

Microsoft Ignite 2023 showcased the rapid changes the technology sector is experiencing with the advancements of AI. As we look ahead, these developments signal a new era of possibilities, where AI becomes an integral part of our daily work lives, driving productivity, efficiency, and innovation. However, with these developments in AI come more complex environments and new security threats.  

Staying current with the latest technology is critical for organizations to maintain a competitive edge. However, it’s imperative that these are implemented with the proper precautions.  

Is your organization ready to unleash the power of AI and gain a competitive advantage? Contact one of our experts to get started today.  

Connect with our team.

Comment on: LinkedIn, Twitter and Facebook.     

Follow us to stay up to date on our industry insights and unique IT learning opportunities.    

In the modern enterprise IT sphere, a hybrid blend of on-premises and cloud-based solutions is optimal for fostering a robust, flexible, and innovative operational framework.

A pivotal aspect of this hybrid setup is the effective management of Exchange recipients. This is instrumental in ensuring seamless communication and operational coherence across the organizational landscape.

At Arraya, we aim to equip organizations with the essential knowledge they need to make well-informed decisions that align with their unique operational needs and long-term strategic vision.

This article will explore two prevalent methodologies for managing Exchange recipients in a hybrid setup so you can determine which method will best fit your organization’s unique needs:

1. Leveraging an Exchange Management Server (EMS)
2. Employing Exchange Management Tools

Utilizing an Exchange Management Server (EMS)

An Exchange Management Server (EMS) acts as a centralized hub for managing Exchange recipients within a hybrid environment. This is utilized in conjunction with Microsoft Entra Connect, formerly known as Azure AD Connect.

Centralized Management: When you install an Exchange server, the Exchange management tools are automatically installed on the server. You’ll use the following tools to configure and manage both the on-premises Exchange and the Exchange Online organization:

• Exchange admin center: The EAC is a web-based management console that is optimized for on-premises, online, or hybrid Exchange deployments. The EAC replaces the Exchange Management Console (EMC) and the Exchange Control Panel (ECP), which were the interfaces used to manage Exchange Server 2010.
• Exchange Management Shell: The Exchange Management Shell is a Windows PowerShell-based command line interface.
• SMTP Relaying: SMTP relaying, facilitated by the EMS, plays a crucial role in email transmission between on-premises and cloud environments, ensuring seamless communication, secure email routing, and effective monitoring of email flow. It’s particularly beneficial during transitions to the cloud, providing a non-disruptive email delivery mechanism and supporting legacy system notifications.

Server Specifications and Version Recommendations

When setting up an EMS, server specifications are crucial to ensure smooth operation. A lightweight virtual machine (VM) is often recommended, with the following specifications:

• OS: Windows Server 2016 or Windows Server 2019; based on the latest support policies from Microsoft
• Processor cores: 4 recommended
• Memory: Between 12GB and 16GB
• Disk space: 100 GB recommended

For the Exchange version, while Exchange 2016 has been a popular choice due to its free availability, you should consider the latest version that aligns with your organization’s needs and budget to ensure you’re in compliance with Microsoft’s support policies.

Employing Exchange Management Tools

Exchange Management Tools, including the Exchange Management Shell and the Exchange Toolbox, offer an alternative method for managing Exchange recipients when all your recipients are in Exchange Online. In these cases, you may be able to decommission your Exchange server and manage recipients using Windows PowerShell.

These tools can be installed on client computers or servers within the Active Directory domain to aid in managing the Exchange organization.

For more information, check out: Install the Exchange management tools

Manage recipients in Exchange Server 2019 Hybrid environments | Microsoft Learn

Decommissioning Exchange Servers

Post-migration to Office 365, organizations might consider decommissioning on-premises Exchange servers. However, this step requires careful planning to ensure no loss of critical data and functionality. Microsoft provides guidelines on when it’s safe to decommission, emphasizing the importance of retaining an on-premises Exchange server for managing mail-enabled objects if Microsoft Entra Connect, formerly known as Azure AD Connect, is in use.

Alternative Solution – Active Directory Only

If you are not familiar with Windows PowerShell or do not wish to have any Exchange Management server installed and configured, an alternative solution is to utilize Active Directory ONLY to manage some recipient configurations. This is not recommended but it is possible.

Some AD attributes to utilize include:

• displayName
• proxyAddresses
  • Utilize SMTP for Primary SMTP Address for a user
  • Utilize smtp for alias addresses
• msExchRecipientTypeDetails

Required: This does require extending the schema to include Exchange centric attributes.

Next Steps: Ensure Operational Coherence Across Your Organization

The choice between employing an Exchange Management Server or utilizing Exchange Management Tools hinges on various factors including organizational requirements, technical expertise, and your long-term IT strategy.

Is your organization ready to manage your Exchange recipients using a full Hybrid Exchange set up? Or can you lower your overhead costs by utilizing lighter weight solutions?

Reach out to our experts to create an actionable and pragmatic plan, tailored to your organization, today. 

Connect with our team.

Comment on: LinkedIn, Twitter and Facebook.     

Follow us to stay up to date on our industry insights and unique IT learning opportunities.    

Microsoft made an exciting announcement today. Copilot, their highly anticipated AI assistant feature, will be generally available on November 1^st.  

Microsoft Copilot is expected to fundamentally change how we relate to and benefit from technology. This feature will merge the power of Large Language Models (LLM) with your organization’s data to significantly enhance efficiency and effectiveness in day-to-day tasks.  

Effortless Integration and Application 

This intelligent digital companion will be available as an application and will seamlessly reveal itself when you need it most, incorporating the context and intelligence of the web and your work data. Copilot will span across Windows 11, Microsoft 365, Edge, and Bing, ensuring a comprehensive and cohesive user experience. 

Enhancing Productivity and Collaboration 

Copilot isn’t merely a tool for questions and answers but a multifaceted AI assistant that will delve deep into your universe of data, encompassing emails, meetings, chats, documents, web resources, and more. Users can prompt Copilot for what they want in natural language and the technology is smart enough to answer or even act on diverse tasks. 

Copilot will integrate seamlessly into the Microsoft 365 suite of apps.  

For instance: 

• In Word, you can request that Copilot draft a two-page project proposal based on specific data.   

• In Excel, Copilot can project the impact of variable changes and generate visual aids, like charts, to help visualize.  

• In PowerPoint, Copilot can create a presentation and include relevant stock photos. 

• Teams, Copilot can summarize meetings (even ones you missed), and discussions, and suggest next steps.  

As users embrace Copilot, Copilot Lab will be there to guide them in utilizing this tool to its fullest potential. By teaching users to provide the right prompts and suggestions, Copilot Lab aims to help users derive maximum benefits from this transformative tool.  

Next Steps: Prepare Your Organization for AI-Powered Transformation 

Copilot represents a significant leap forward in the realm of AI-powered innovation.  

With its seamless integration into the Microsoft platforms that most individuals use daily, combined with the ability to tackle complex work challenges, Copilot promises to reshape the way we work. 

Is your organization prepared to leverage AI’s potential?  

Reach out to our experts to create an actionable and pragmatic plan, tailored to your organization, today. 

Connect with our team.

Comment on: LinkedIn, Twitter and Facebook.     

Follow us to stay up to date on our industry insights and unique IT learning opportunities.     

Multifactor authentication (MFA) has emerged as a foundational requirement for enhancing security and meeting compliance and insurance standards. If you currently rely on Cisco Duo Access Gateway (DAG), for MFA, important changes are on the horizon.  

This blog will highlight the upcoming end-of-life for DAG and the urgency of transitioning to Duo Single Sign-On.  

The Countdown to October’s End-of-Life 

Duo Access Gateway (DAG) integrations were discontinued in May 2022, and Cisco will soon cease operations for existing users.   

October 16 – 26, 2023: Duo Access Gateway will reach end-of-life.  

To ensure uninterrupted security, a transition to Duo Single Sign-On is imperative.  

Embrace the Benefits of Duo Single Sign-On 

The shift to Duo Single Sign-On presents a range of advantages that enhance security and user experience: 

1. Streamlined Set Up: There is no need to set up and maintain an on-premises web server as Duo handles this directly through cloud hosting. 

2. Instant Admin Panel Changes: The changes in the Duo Admin Panel take effect immediately, eliminating the need for downloading and uploading JSON files.  

3. User-Friendly Interface: The revamped Duo Central is managed in the Admin portal and boasts a new, mobile-friendly design. 

4. Simplified Login: Duo Universal Prompt offers a simplified and accessible login experience. 

5. Passwordless Authentication: Duo Passwordless replaces passwords with biometric platform authenticators and security keys. 

6. Expanded Compatibility: Duo Single Sign On now supports M365, Cisco ASA, and Palo Alto GlobalProtect and allows you to configure any application that uses SAML. 

Next Steps: Register for a Cisco Duo MFA Assessment 

To empower your organization’s transition to Duo Single Sign-On and optimize its deployment, we’re offering a complimentary Cisco Duo MFA Assessment.  

Our cyber security experts will assess its efficacy and usage. From licensing levels to user enrollment, we leave no stone unturned.   

Following the assessment, you’ll receive a detailed report outlining the results, a summary of the authentication methods of each app, and recommendations for bolstering your deployment’s effectiveness.  

This assessment will ensure that your critical applications remain securely fortified and that your users experience a seamless login process.  

In a world of ever-evolving threats and compliance mandates, MFA stands as a pivotal pillar in your defense strategy. Don’t let your organization’s protection lapse in October; empower it with cutting-edge security measures.  

To get started with your Cisco Duo MFA Assessment, register here.  

In the fast-evolving landscape of cybersecurity, staying up-to-date with the latest trends is crucial to protect digital assets and thwart potential threats.  

DEF CON and Black Hat both concluded last week, offering a platform to exchange knowledge and showcase innovative breakthroughs in hacking and the cybersecurity space. This year offered a plethora of insights that are set to reshape the future of cybersecurity.  

The Arraya Cyber Team attended the conference in person and put together their key takeaways to bring you up to speed.  

Rapid AI Adoption Outpaces Adequate Protection 

AI is being utilized by millions of people from very different perspectives. Security professionals, government officials, criminals, and more are all testing ways in which AI can be leveraged to their advantage.  

Red teaming, the practice of simulating attacks to expose vulnerabilities, has always been an integral part of cybersecurity. However, AI-powered red teams are now capable of autonomously creating sophisticated attack scenarios and adapting their tactics in real time. This introduces a new level of complexity for defenders, who must now grapple with AI-generated attacks that can continually evolve, making defense a more dynamic challenge. 

Further, there are still ways in which users can bypass the security controls for large language models and there is no clean way to audit what’s coming out of chats with Generative AI.  

AI will remain top of mind for security professionals moving forward as AI continues to develop and be leveraged in new ways.  

Quantum Cryptography’s Imminent Impact 

Quantum computing has been on the horizon for some time, promising to revolutionize various industries, including cybersecurity. Featured discussions at DEF CON underlined the imminent impact of quantum cryptography on the realm of digital security.  

In essence, the encryption capabilities of today will be child’s play to the quantum-resistant encryption algorithms of the future.  

Experts at the conference stressed the importance of preparing for the post-quantum era by developing quantum-resistant encryption algorithms now. As quantum computers become more powerful, cryptography must evolve to ensure data remains secure against quantum-enabled attacks.  

Elevating API Security to the Forefront 

One of the standout themes at Black Hat 2023 was the elevated emphasis on Application Programming Interface (API) security. APIs serve as the backbone of modern applications, enabling them to communicate and share data. However, their significance also makes them a prime target for cyberattacks.  

As showcased in the most recent IBM Security X-Force Threat Intelligence Index, the exploitation of public-facing applications was the top initial access vector of 2023. The connections between applications now create a vulnerability ripple effect as one application’s security affects another, and so on.  

The conference showcased a range of talks and workshops dedicated to identifying, addressing, and mitigating API vulnerabilities. Experts highlighted the importance of rigorous API testing, secure coding practices, and regular audits to ensure that APIs are shielded from unauthorized access, data breaches, and other potential threats. 

It’s clear that we don’t know as much as we thought we did when it comes to API security. One DEF CON session highlighted new classes of web race-condition attacks, which leverage concurrency risks that use synchronized requests to overcome a limit. Until we know more, additional scrutiny should be added to state-dependent application functions to ensure they fail closed.

Focus on 365 Security Flaws 

As Microsoft 365 is ubiquitous in conducting business, it continues to be a prime target for attacks. During Black Hat, there were numerous sessions that highlighted ways in which an attacker could tamper with and exploit 365.  

A researcher unveiled a potential security vulnerability in Microsoft’s approach to automatically integrating OneDrive into new Windows installations. This could allow attackers to exploit the automatic setup process and gain unauthorized access to the user’s OneDrive files. Further, your SharePoint integrity could be at risk, providing unauthorized individuals with the ability to modify your website’s content. Azure logs could also be modified, affecting the accuracy of your SIEM alerts.  

As such a large player for millions of businesses, 365 will remain an enormous target. Microsoft has been made aware of these security flaws, but your out-of-the-box 365 subscriptions will always benefit from extra protection.  

Next Steps: Protect Your Complete Digital World 

The insights and learnings from DEF CON and Black Hat 2023 will play a pivotal role in shaping the strategies and approaches that cybersecurity professionals adopt to safeguard digital assets and protect against threats. 

These highlighted the need for professionals to stay adaptable and informed and for businesses to continue to prioritize their cybersecurity.  

From risk assessments and threat detection to incident response and managed security services, Arraya’s expertise ensures that you stay ahead of evolving cyber threats. Arraya empowers you to navigate the complex cybersecurity landscape with confidence. 

Contact one of our cybersecurity experts today to begin a partnership that will safeguard your digital assets.  

Connect with our team.

Comment on: LinkedIn, Twitter and Facebook.     

Follow us to stay up to date on our industry insights and unique IT learning opportunities.     

The IBM Security X-Force Threat Intelligence Index provides a comprehensive overview of the cybersecurity landscape. This report reveals critical trends and attack patterns observed in the past year so you can better understand the threats your organization is facing and how you can proactively defend against these attacks.

The ongoing pandemic and geopolitical unrest continue to create fertile grounds for cybercriminals to exploit, raising the urgency for organizations to enhance their cybersecurity defenses.

This year’s report highlighted the increasing threats in cyber extortion, phishing, and backdoor attacks.

Our key findings from the report include:

• The top initial access vector of 2022 was the exploitation of public-facing applications. This threat highlights the need for increased attack surface management.
  
• The average cost of a data breach increased from $4.35 million in last year’s report to $4.45 million. This is an increase of 15% over the last 3 years.  
  
• The manufacturing sector is now the most targeted industry, accounting for 24.8% of attacks in 2022 and beating out finance and insurance who previously held this title for years.
  
• Phishing remains the top initial access vector, accounting for 41% of incidents. Spear phishing attachments accounted for over half of all phishing attacks. It’s anticipated that this trend will grow exponentially with the adoption of AI by threat actors. There were also twice as many thread hijacking attempts per month, which involve an attacker impersonating someone within an existing email conversation.
  
• Backdoor deployment was the most common type of attack action and was observed in about one-quarter of all incidents. However, 67% of these backdoors were identified and disrupted before ransomware could be deployed.
  
• Ransomware still constitutes a large share of the incidents, reaffirming itself as a continued threat. While ransomware incidents dropped from 21% in 2021 to 17% in 2022, the speed at which ransomware can be deployed has increased by 94% over the last few years. In 2019, it took over two months to deploy ransomware. In 2021, it took only 3.85 days on average.

These evolving threats require a proactive and robust approach to cybersecurity. That’s where Arraya Solutions comes in. As a full-service technology consulting firm, Arraya is equipped to assist organizations in preparing for and responding to these emerging cybersecurity challenges.

Next Steps: Get on the Offense of Your Cyber Security with Arraya

Arraya can help your organization implement key security solutions that align with the latest trends and threat vectors, including:

1. Security Awareness Training: Equip your employees with the knowledge to identify and avoid threats.
2. Endpoint Protection Platforms and Firewalls: Protect your systems with proactive solutions.
3. Intrusion Detection and Prevention Systems (IDS/IPS): Detect and prevent cyber threats in real time.
4. Data Encryption: Safeguard your sensitive data, even in the event of a breach.
5. Patch Management: Stay up to date with the latest software versions and security patches.
6. Backup and Disaster Recovery Solutions: Ensure your organization can quickly recover in the aftermath of a security incident.
7. Managed Detection and Response (MDR) / Managed SIEM: Benefit from 24/7 threat monitoring and rapid incident response, managed by Arraya’s experts.

By demonstrating a robust approach to managing cybersecurity risks, organizations can not only better protect themselves against cyber threats but also potentially reduce their cyber insurance costs.

At Arraya Solutions, we understand the complexities of today’s cybersecurity landscape. From preparing for the latest challenges to assessing and implementing solutions that best protect your organization, we can help you respond effectively in the event of a cybersecurity incident. By partnering with us, you can focus on your core business, knowing that your cybersecurity is in safe hands.

To proactively protect your organization, it’s essential that you monitor your attack surface to uncover blind spots, misconfigurations, and process failures before someone else does.

To get started, take advantage of our FREE attack surface review with IBM Security’s Randori Recon. Register today or contact one of our cybersecurity experts to learn more.

Connect with our team.

Comment on: LinkedIn, Twitter and Facebook.     

Follow us to stay up to date on our industry insights and unique IT learning opportunities.