GRA Quantum Named to 2019 MSSP Alert Top 200 Managed Security Services Providers List

Third Annual List Honors Leading MSSPs, MDR Service Providers & Cybersecurity Companies Salt Lake City, UT., Sept. 24, 2019 — MSSP Alert, published by After...

Why Take the Risk? Addressing Privacy Concerns with an MSSP

One concern that often arises when a company is considering hiring a Managed Security Service Provider (MSSP) and outsourcing their security functions is the risk of...

Get More Bang for your Buck: Hire an MSSP vs. an In-House Expert

Many leaders in security feel some degree of uncertainty when they see the price tag that accompanies Managed Security Service Providers (MSSPs). While the hesitation is...

3 Red Flags to Look Out for When Choosing an MSSP

If you’ve decided to outsource your security to a managed security services provider (MSSP), you may now be on a mission to find the right one. The bad news is that not...

5 Factors to Help You Decide: Build or Buy a SOC

It’s no longer a question of if you need a robust security plan, it’s now a matter of how you will achieve this.  For small businesses and enterprises alike, there is a...

GRA Quantum Launches a Comprehensive Managed Security Services Offering

GRA Quantum builds a modern, technology-agnostic Security Operations Center to provide comprehensive, tailored Managed Security Services. SALT LAKE CITY, December 5, 2018...

5 Reasons Why You Should Hire an MSSP

In today’s day in age, most organizations understand that they are at risk to cyber-attacks and are scrambling to get a firm handle on their cybersecurity programs. Many,...

GRA Quantum Welcomes New Director of Managed Security Services

Our team at GRA Quantum is excited to welcome our newest member, Jen Greulich, as the Director of Managed Security Services.  Jen brings a passion for keeping...

5 Steps to Managing Security Risks Associated with Your Partners & Vendors

Today most businesses find themselves in the position of requiring a strategic partnership with a third-party to address many different business needs and requirements....

Define Your Unique Security Threats with These Tools

It takes only minutes from the first action of an attack with 5 or less steps for an asset to be compromised, according to the 2019 Verizon Data Breach Investigations...

7 Steps to Building a Cybersecurity Strategy from Scratch

When your organization is young and growing, you may find yourself overwhelmed with a never-ending to-do list.  It can be easy to overlook security when you’re hiring new...

Tips for the IT Department on Reducing Cyber Clutter

Just like kitchen drawers and closets, computers accumulate clutter over time. And when you have an entire organization’s worth of people to watch and exponential amounts...

Top 3 Challenges with Securing the Cloud

By 2020,  it’s predicted that 83% of company workload will be stored in the cloud (Forbes).  This rise in usage and popularity comes at no surprise with how...

Small and Mid-size Orgs: Take Notice of this Trend in the 2019 Verizon Data Breach Investigations Report (DBIR).

43% of breaches in 2018 involved small businesses. Hackers know you’re vulnerable and they’re acting on it. We’re big fans of the DBIR over here, not just because we’re...

4 Reasons Your Organization Needs a Data Loss Prevention Strategy

When deciding how to go about protecting your company’s sensitive data, there are plenty of different solutions to choose from, such as endpoint controls, file system...

7 Steps to Strengthen Your Cybersecurity Program Today

Managing a security program in today’s ever-changing cyber threat landscape is no small feat. Many administrators struggle with knowing where to even start. Cybersecurity...

Top Cybersecurity Concerns with Huawei 5G Dominance

The Internet of Things (IoT) is creating a need to progress cellular capabilities to provide necessary support to currently 14 billion IoT devices connected globally and...

3 Factors to Consider When Securing Big Data

Big data is the new toy in town—a technological commodity that is driving development, but is also a major point of contention between companies, users, and governing...

3 Ways Small Organizations Can Take a Proactive Approach to Security

While most large enterprises have recognized the value in taking a proactive approach to security, many smaller organizations may not yet realize that they’re also...

Three Tips to Help You Secure IoT Devices in the Workplace

The popularity of Internet of Things (IoT) devices is steadily on the rise.  In fact,  IoT Analytics projects that there will be 22 billion active IoT devices by the year...

Cybersecurity Predictions for 2019 from the Experts at GRA Quantum

The past year has shown that no organization is immune from cyber-attack, with major brands like Facebook, Under Armour, and Ticketfly among those breached.  Heading into...

Best Practices for Securing Remote Access Connections

Looking at computer security breaches that have occurred over the years, there are a couple of details that stand out. First, that a lot of breaches occur because of...

A Brief History of Cyberwarfare

The United States of America is becoming increasingly more vulnerable to threats from cyberwarfare. In early October, it was revealed that almost all of our Department of...

Address Cyber Fatigue by Fostering a Culture of Cyber Awareness

Employees continue to be one of the top concerns for security professionals.  However, it’s not always the malicious insider that is the cause for distress, but instead...

How to Obtain the Cyber Security Budget You Need

Financial stress can be a cause for anxiety across all business departments, but if you’re in charge of developing a cyber security budget, you may be feeling extra...

Securing our Elections: Is the Executive Order Enough?

Concerns of election interference are again brought to our attention as the upcoming midterm elections next month draw closer. Officials are on high alert after the...

Simple Tips to Help You Become More #CyberAware This October

October, National Cyber Security Awareness Month (NCSAM), is our yearly reminder to evaluate our habits: Are we really following cyber security best practices or are we...

Don’t Be the Easy Target: What Attackers Look For and How to Stay Off Their Radar

The FBI recently disclosed that nation-state cyber attackers – such as the North Koreans – conduct extensive reconnaissance on their targets prior to carrying out...

Cybersecurity by the Numbers

As a security professional, you’re no stranger to the challenge of convincing your leadership of the need for cybersecurity.  Here’s a list of some of the most compelling...

GRA Quantum’s Summer Interns Gain Real-World Experience

Earlier this summer, we welcomed a group of four talented interns to our family at GRA Quantum.  Right from the beginning, this group has shown the type of ambition that...

Three Ways To Elevate Your Security Posture in 30 Days

With the ever-growing amount of security breaches in the news, you need to take action before the next headline is about your organization.  But, it can be overwhelming...

Maria Butina, Malicious Insiders and “The Long Game”

In the world of “insider threat” defense, one of the biggest fears security officials share is the malicious actor who gains legitimate access to a company or...

Highlights from the Verizon 2018 DBIR

The more things change, the more they stay the same. As long-time contributors of the Verizon Data Breach Investigations Report, we’re especially invested in the insights...

New York Dept Financial Services Cyber Security Requirements: How do they affect you?

24% of all breaches in the past year affected financial organizations, according to the Verizon Data Breach Investigations Report (DBIR). While the federal government...

3 Warnings to Watch for When Selecting a Penetration Testing Vendor

Did the Equifax Breach Just Make the CISO’s Job Easier?

If you’re accountable for your organization’s security, it’s safe to assume that you’re up against some internal challenges in creating an effective security strategy,...

Equifax continues to receive blows in data breach

Equifax is receiving a one-two punch after announcing a breach that compromised as many as 143 million American consumers. Let’s put that into perspective, size-wise, as...

Prepare for the Next Shadow Brokers Dump

The Shadow Brokers recently launched a subscription program that gives anyone access to potentially pernicious exploits and data. According to the service announcement,...

Cryptography Corollary: Password Probabilities

It seems like not a month goes by without reports of data breaches involving passwords. It seems like there’s no hope to be had in constructing strong passwords. Over the...

WannaCry Ransomware Campaign

 Situation Report GRA Quantum is actively monitoring the rapid proliferation and widespread impact of the WannaCry ransomware campaign (also known as WannaCrypt, WCry, or...

2017 Verizon DBIR Highlights Cyberespionage

Cyberespionage should best be understood within the framework of conventional espionage. The growing connectedness of the world and an overall lag in the development of...

A Cybersecurity Nutrition Label Could Fix Market Failure

Consumers care about security and privacy. The U.S. should embrace a cybersecurity nutrition label to inform customers, unlock their latent preference for security, and...

Securing the Forgotten Physical Space: Technical Surveillance Countermeasures

Technical Surveillance Countermeasures (TSCM)  prevent, detect, and neutralize the threats that eavesdropping and surveillance devices pose to organizations. TSCM is a...

Cybersecurity Clubs: A Growing Trend

Computer Science students are out-innovating their institutions by creating cybersecurity and hacker clubs that implement a hands-on approach to cybersecurity education....

Password Managers: One for All, All in One

Password managers provide secure alternatives for storing and organizing login credentials. They increase the use of strong, complex passwords and diminish the stress of...

A Closer Look: Network Penetration Testing

  A thorough penetration test identifies possible vulnerabilities, determines how they can be exploited, and works to mitigate them.   In a previous post, we...

Basics of Bluetooth: How Does Bluetooth Work?

Bluetooth ushered in the wireless generation. Don’t expect to get rid of it anytime soon. Bluetooth devices have become ubiquitous in the last 20 years. They’re in our...

A Closer Look: Incident Response

When a threat hits, incident response is responsible for diagnosing the vulnerability. Through a disciplined approach, incident response breaks down the resolution of...

Cryptography Corollary: Introduction to Hash Functions

Hash functions are strong cryptographic tools, but sometimes they’re not as secure as we’d like.   We’ve previously explored the foundations of encryption. It’s...

Common Ground? Digital Infrastructure Investments

To say that areas of agreement are few and far between in today’s political climate would be an understatement. Some exist, however—most notably on the need to...

An Introduction to Bitcoin and the Blockchain

Bitcoin’s blockchain technology is relatively immature but will likely revolutionize how we exchange information.   When it was introduced in 2009, it was loathed by...

Deciphering Encryption Finale

We’ve explored various kinds of encryption all through this series. We saw that ciphers have a long history of success, failure, and innovation. We discovered that no...

The New Normal – Cyberwarfare in the Corporate World

“There are two kinds of companies out there: those that have been hacked, and those that don’t know it yet.” A timely reminder from former FBI Director Robert Mueller...

Deciphering Encryption: Discrete Logarithms

Last time, we explored the RSA Cryptosystem. We observed that its security is reliant upon the difficulty of factoring large integers, but advances in computing are...

New Regulations, New Challenges in New York

Beginning this year, financial and insurance companies in the state of New York will have to comply with some of the country’s most stringent and far-reaching...

Russian Hacking and the Way Forward

On January 6, the Office of the Director of National Intelligence released a declassified version of the intelligence community’s assessment of alleged Russian...

Deciphering Encryption: Asymmetric Ciphers

Up to now, we have seen how symmetric algorithms achieve encryption. For example, we’ve seen that RC4 is a simple but insecure stream cipher. We’ve also seen two block...

Deciphering Encryption: The AES Block Cipher

Last time we explored the once-popular Data Encryption Standard (DES) block cipher. We observed that it implements the confusion and diffusion principles described by...

Deciphering Encryption: The DES Block Cipher

We’ve seen that stream ciphers like RC4 encrypt each character of a message individually. This seems intuitive, but this can actually make a cipher insecure. That is, the...

Deciphering Encryption: Stream Ciphers

We saw last time that ciphers are useful tools to hide information from prying eyes. We also classified ciphers into two families: Symmetric algorithms and asymmetric...

Why This Election Can’t Be Stolen

The race for the presidency of the United States in 2016 has been a hotbed of cyberespionage that has raised doubts about the legitimacy of the electoral process. Over...

Deciphering Encryption: Introduction to Ciphers

Securing messages is a significant problem that people have been trying to solve for well over 2000 years. This problem can be solved in part by using encryption....

From Everywhere At Once: DDoS Attacks

Have you ever been unable to carry on a conversation with somebody because too many other people were talking to you at once? Overwhelming you with so much information...

The Candidates on Cyber Issues: Trump and Johnson

In our last post we saw how Hillary Clinton and Jill Stein compare on major cyber issues. In brief, Clinton’s position is moderate and pragmatic, and Stein’s position is...

The Candidates on Cyber Issues: Clinton and Stein

It’s an election year, which means it’s time for candidates to present their platforms and policy proposals. Even more exciting is that it’s a presidential election year....

Cyber Basics: Quantum Computing

It must’ve sounded like something from Star Trek when D-Wave Systems unveiled the first commercially available quantum computer in 2007. The name “quantum computer”...

Cyber Basics: The Internet of Things

A World of Data One in five people now use a health wearable of some form. Users can now collect data about sleep patterns, exercise routines, heart rates, and calories...

Attitudes Toward Cyberwarfare

At first glance, the United States, China, and Russia all have similar public attitudes toward cyberwarfare. By and large they deem cyberwarfare and cyberespionage to be...

Canada’s Approach to National Cybersecurity

The hack of the Canadian-based dating website Ashley Madison made waves in the cybersecurity community last year. The company put its users’ personal data at risk, and as...

All is Fair in Love and Cyberwar

The Geneva Convention established rules and reinforced norms in war after the indiscriminate violence and the brutal treatment of other non-combatants during World War...

Cyber Basics: Layered Cyber Defenses

For 21st century companies it is virtually impossible to conduct business without connecting private enterprise networks to the public internet. Such connectivity allows...

Owning Your Online Presence

There is a dedicated type of hacker out there that deals not in code and zero-day exploits, but in psychology and social engineering. Their hacker tools include...

Cyber Basics: Designing A Network 

This blog post will attempt to make sense of a concept that is ubiquitous in cyber vernacular but whose exact meaning remains obscure to many people: computer networks....

A Cyber Prophylactic

The Brazilian government will be handing out 9 million free latex prophylactics around Rio de Janeiro during the Olympics, according to Reuters. While the initiative is...

Cyber Basics: Least Privilege & Division of Duties

Imagine you are going on vacation, and you ask your friend to look after your dog while you’re away. To do this your friend would, of course, need your house key before...

The Greatest Hurdle Of The 2016 Olympic Games

The forthcoming Olympic Games in Rio de Janeiro, Brazil are subject to no shortage of media coverage. Concerns about Zika, Brazilian presidential politics, and underlying...

Cyber Basics: Combating Social Engineering

Manipulating people into surrendering their personal information is a simple tactic that remains one of the biggest cyber threats to individuals and organizations. While...

Hedge Fund Security

In the summer of 2015 Fortelus, a British hedge fund, lost over £740,000 after its Chief Financial Officer, Thomas Meston, fell victim to an attack. The scammers posed as...

Ominous Influence: Foreign Cyber Threat to US Elections

The 2016 US Presidential Election is, perhaps more than any election past, being shaped in large part by outsiders. The most anti-establishment influencer though, as it...

Cyber Basics: Computers Held Hostage

  Imagine surfing the web and stumbling upon a pop-up ad declaring you the lucky winner of a prize. To claim your prize, all you have to do is click the link. You...

Cyber Basics: Cyber Attack Surface

In August 2012, an unsuspecting employee at the Saudi Aramco oil company clicked on a malicious link in a phishing email and began one of the most expensive hacks in...

Pokémon Go Hacks

Pokémon Go, a newly launched augmented reality game for smartphones, has swept the nation since its release just last week. As of yesterday in the US alone, the game...

Cyber Basics: Antivirus, A Trusted Prescription

Every day more than 60,000 people fall victim to malware, and they may not even know it. Luckily, though, it doesn’t have to be a hassle to defend yourself. A simple step...

OPM: One Year Later

It’s been one year since the US Office of Personnel Management (OPM) announced it had been the target of a massive data breach, and much of the discussion revisiting the...

Cyber Basics: Beware of Public Wi-Fi

It’s a typical scenario: you find yourself waiting for your morning coffee and decide to check your work email. You notice that the coffee shop has a public Wi-Fi...

Cyber Basics: Software Patching

We have all been harassed by (sometimes overly) persistent popups on our home screens urging us to install system updates. No matter how many times they appear, however,...

Guarding Against Cyber Snooping

Spying is not like the movies. From Bridge of Spies to 007, state-sponsored espionage is no longer confined to the treasure troves of government secrets. Today’s biggest...

Cyber Basics: Passwords That Work

Credit agency Experian conducted a study a few years ago which showed that the average person has twenty-six online accounts but only five unique passwords. Between...

Back to Cyber Basics

With the number of threats growing and the likelihood of an attack against individuals or firms increasing, it’s never been more important to understand the ins and outs...

Adding Cyber to NATO’s Deterrent Arsenal

Twenty-five years after the collapse of the Soviet Union, the specter of a nuclear holocaust has faded. The threat of weapons of mass destruction still looms, to be sure....

Securing Devices and Protecting Patients

In late 2015 the Food & Drug Administration (FDA) advised hospitals to stop using an insulin infusion pump made by Hospira due to a proven vulnerability whereby a...

Data Centers, Risks in Relocation

Following the dissolution of the Safe Harbor pact in October, US companies are increasingly investing in foreign data centers. Both firms and consumers should be wary of...

Pivotal Year for China’s Cyber Armies

In 2015, media reports attributing data breaches to China exceeded by a wide margin those of any other state-sponsor of cyberattacks in consistency, volume and severity....

Bank Vendors: New Pressures, Raised Standards

“A company may have the most sophisticated cybersecurity protections in the industry, but if its third-party service providers have weak systems or controls, those...

The Role of Boards in Cyber Strategies

Cyber crimes continue to be costly for organizations. A recent study reveals that the average annualized cost of cyber crime increased by 20 percent to $15 million this...

The Future of Network Defense Collaboration

Later this month the United States and United Kingdom will launch Operation Resilient Shield, a joint protocol to test the cyber readiness and cooperative capacity of the...

The Cyber Caliphate

The Islamic State of Iraq and Syria (ISIS) has revolutionized how terrorist groups use the Internet to recruit and inspire followers.  Since 2014 the group has spread its...

Ransomware and the Internet of Things

Growth in the number of connected objects is bringing a whole new set of security concerns to consumers and producers alike. With 200 billion devices predicted to be...

Automotive Cybersecurity

The “connected” car market is expected to be worth $44.4 billion in 2018, with 21 million of the cars sold in that year fitted with so-called smartphone integration...

Cyber Due Diligence

Whether pursuing an acquisition, inking a contract with a vendor, or partnering with another firm, companies routinely conduct due diligence to ensure that their...

Boardroom Counter-Surveillance

Industrial espionage has grown to become an all-too common reality for today’s businesses. In the United States alone, experts have estimated that private...

Smart Cyber Mandates

In August, the US government encountered two serious setbacks in its quest to strengthen the nation’s cybersecurity. In Congress, the Senate failed to proceed to a vote...

Cyber Risk Insurance

Even the best-defended enterprises can fall victim to devastating cyber attacks. When disaster strikes, organizations with a robust cyber risk insurance policy are able...

State-Sponsored Cyber Threats: Syria

As the Arab Spring reached Damascus in early 2011, a previously unknown group called the Syrian Electronic Army (SEA) emerged online. Their stated purpose was to counter...

State-Sponsored Cyber Threats: Iran

A decade of crippling international sanctions has not deterred the Islamic Republic of Iran from aggressively developing its offensive cyber warfare capabilities. From a...

Cuba: The Next Information Security Frontier

Cuba’s rapprochement with the United States in recent months has sent shockwaves of enthusiasm throughout markets and the diplomatic community alike. Normalization of...

State-Sponsored Cyber Threats: China

Since 2002, the leaders of the People’s Republic of China have made the modernization of China’s armed forces one of their highest priorities. Military leaders have...

State-Sponsored Cyber Threats: Russia

Among the leading actors in state-sponsored cyber warfare, the Russian Federation stands out for its highly sophisticated and stealthy attacks on foreign governments and...

Improving Cyber Awareness Training

We live in an age of increasing cyber insecurity. This past year has demonstrated that governments, businesses, and individuals alike can all be targets of cyber attacks....

Information Security as a Competitive Edge

The recent case of corporate cyber espionage between the St. Louis Cardinals and the Houston Astros is the first of its kind in Major League Baseball. The hacking scandal...

State-Sponsored Cyber Threats: North Korea

State-sponsored cyber attacks are on the rise. Motivated by patriotic devotion or the draw of lucrative careers, many hackers now lend their skills to military and...

Failure of Intrusion Detection Systems

On 4 June 2015, the White House announced the Office of Personnel Management (OPM) had been the subject of a massive cyber attack. The breach, resulting in the theft of...

Data Insecurity Behind The Great Wall

On June 1 the Chinese government kicked off its second annual Cybersecurity Week in Beijing. The Cyberspace Administration of China, Ministry of Education, and Ministry...

Pentagon Enlists Silicon Valley

Since his early 2015 swearing-in, Secretary of Defense Ashton “Ash” Carter made updating the 2011 US Department of Defense Strategy for Operating in Cyberspace a top...

Mitigating cyber risks for law firms

Law firms are natural targets for cyber crimes. A 2012 cybersecurity report estimated that 80 percent of the 100 largest American law firms had suffered “some malicious...

Healthcare’s Battle With Cybersecurity: Part II

Security experts from across the US healthcare industry are meeting in Atlanta this week to take part in the 3rd Annual Healthcare Cyber Security Summit. They plan to...

International Cyber Codes of Conduct

In Moscow last week, Chinese President Xi Jinping and Russian President Vladimir Putin signed a bilateral agreement on cybersecurity. As part of the deal the two...

Embracing Collective Cyber Defense

In April, the US House of Representatives passed two pieces of legislation aimed at bolstering information sharing between the government and the private sector. If...

Healthcare’s Battle with Cybersecurity

In a few weeks, security experts from across the US healthcare industry will meet in Atlanta, GA to address the growing cyber threat to their organizations. The meeting...

Cyber Threats to Critical Infrastructure

Recent industry data shows that cyber attacks on critical infrastructure (CI)—such as energy distribution networks, financial systems, and communications networks—pose a...

The Cost of Data Breaches

Over the past year, a number of high-profile data breaches have illuminated how unprepared some of North America’s largest corporations are in the wake of increasing...

The Chinese Imitation Game

China’s National People’s Congress (NPC) concluded its annual legislative session in Beijing last week, covering in part a controversial Anti-Terrorism Law with strict...

The Future of Cyber Warfare

During recent cyber attacks on Sony Pictures, hackers seized the company’s computer network and collected an impressive amount of data, including customer and employee...