The Arraya Blog

Last week, buried predictably on a Friday, Marriott revealed it – and, by extension, its guests, had been the victim of a truly massive data breach. All told, the hospitality giant believes attackers gained access to data on some 500 million guests who stayed at its Starwood properties over the past four years. For roughly 327 […]

Thanksgiving is now in our rearview mirror and the excitement of the winter holidays is upon us. As we approach the end of the year, it’s fun to look back at all the things we accomplished – and perhaps finish some of those things we put off until we had more time. One of the […]

Every organization should be concerned about malware – although it seems some should be a little more concerned than others. Certain industries seem to land in its crosshairs far more often. Unfortunately for organizations in malware’s favorite verticals, building an effective cyber security plan can be complicated by the realities of life within those industries. […]

The weeks leading up to Halloween have always been perfect for retelling urban legends and other scary tales. Since October is also National Cyber Security Awareness Month, these stories don’t only have to focus on creeping monsters and vengeful spirits. Instead, they can be about truly terrifying things, like the hacker who, it turns out, was […]

Encryption’s popularity has gone through the roof over the past few years, however, it may not be the cyber security silver bullet some hope. The volume of encrypted traffic traversing the web has increased roughly 90% each year since 2015. If those year-over-year growth patterns hold true, Gartner forecasts that, come 2019, 80% of all […]

GDPR only went into effect in late May, but it’s already inspired like-minded data privacy legislation on this side of the Atlantic. California, America’s technological heartland, recently signed off on a law that will give consumers greater control over their personal data. Much like GDPR before it, the new law’s impact could be widespread. While […]

Rolling out a multifactor authentication (MFA) solution such as the one offered by Duo is a good way to reinforce a cyber security weak point: end users. That is, of course, unless users find this added security to be a productivity roadblock. Should that happen, they may attempt to circumvent it or petition upper management […]

GDPR takes effect on May 25, 2018.  Fines for non-compliance can go as high as 4% of annual global turnover or $20M, whichever is higher.  The two-year transition period started on April 14,  2016, but like most regulations, it’s been easy to push off until later … well later is now.  With just under two […]

One of the great truths in cyber security, just like in life, is that there’s nothing wrong with expecting the best – as long as you make sure to prepare for the worst. Recent research by The Ponemon Institute, however, suggests far too many businesses are expecting the best cyber security-wise and simply leaving it at that. […]

The worst way to find out about a cyber security problem is from somebody outside of your organization. We’re paraphrasing the words of Tom Clerici, Director of our Cyber Security Practice, who wrote something similar in a blog from early last year in which he stressed both the increasing inevitability of cyber attacks and the need for […]