- About LegalCORPS
- Nonprofit Organizations
- Small Businesses
- News and Events
Cybersecurity Threats and Trends: Workshop Resources and Videos
Thank you to those of you who attended one of our Cybersecurity workshops. We hope you found it useful. To anyone else, we hope you find these materials useful for protecting your business. Feel free to email firstname.lastname@example.org with questions.
Video of the December 6th Cyber Security Workshop is now available! Please use these videos in conjunction with the resources below to learn more about protecting your business.
Mike Johnson – University of Minnesota – Director of Graduate Studies in Security Technologies, Technological Leadership Institute: Mike Johnson is the Honeywell James J. Renier chair in Security Technologies and director of graduate studies at the Technological Leadership Institute at the University of Minnesota where he is responsible for leading the Master of Science in Security Technologies degree program and providing thought leadership in the areas of cyber security and critical infrastructure protection.He has more than 25 years of professional experience in security risk management, business resilience and enterprise fraud. Prior to joining the University of Minnesota, Johnson was SVP, CISO and Operations Risk Director at Bremer Bank, the IT Director and Compliance Officer for Dean Financial Services, and an FDIC bank examiner. Mike is a founding advisory board member for the Cybersecurity Summit, and serves on the board of directors’ IT committee for Fairview Health Services and the executive committee for Minnesota Cyber Careers Consortium.
Steve Hoge – Medtronic – Senior Legal Director: Steve Hoge is the primary source of legal support for the medical device business that collects and makes available to physicians remote cardiac monitoring information transmitted by patient’s implanted cardiac devices, such pacemakers, ICD’s and implantable cardiac monitors. He also supports Medtronic Monitoring, Inc., which is an Independent Diagnostic and Testing Facility that uses external cardiac monitoring to provide remote cardiac monitoring services used by physicians for diagnostic purposes. Prior to joining Medtronic, Steve was an attorney for Fair Isaac Corporation which provided data processing and hosting, software and predictive analytics to the financial services industry. Steve earned a law degree at the University of Minnesota and a degree in finance from the University of Wisconsin.
Bill Brendel – University of St. Thomas – President & CEO, Center for Ethical Organizations: Dr. William Brendel serves as the President and CEO of the Center for Ethical Organizations at the University of St Thomas. He received his MA in Social-Organizational Psychology (2003) and EdD in Adult Learning & Leadership (2009) at Columbia University in New York. He has close to 20 years of experience as an organization development consultant, researcher, and author.
Additional non-Speaker Panelists:
Sara Ratner – RedBrick Health – Senior Vice President, Compliance and Corporate Systems: As Senior Vice President, Compliance and Corporate Systems at RedBrick Health, Sara leads enterprise information technology and third party software application management, oversees privacy/security and compliance, and serves as executive sponsor to RedBrick’s government programs business. Since joining RedBrick in 2013, Sara has held transformative roles in operations (call center, health screenings, data analytics), and in spearheading a clinical services insourcing project. As a member of RedBrick’s Leadership Team, Sara contributes to the creation of RedBrick’s growth strategy, and has helped the company achieve a leadership position in the corporate health and wellness industry.
Melissa Krasnow – VLP Law Group LLP – Partner: Melissa Krasnow advises small businesses in the U.S. and Canada on data breaches, incident response plans and tabletop exercises, written information security programs, cyber liability insurance, Big Data, artificial intelligence/chatbots, HIPAA, Gramm-Leach-Bliley Act, FERPA, NIST, PCI DSS and state laws, technology transactions, mergers and acquisitions and governance.
- Mike Johnson -Technical Introduction Slides
- George Meinz – Vendor Management Slides (From the workshop held in St. Cloud, not shot on video).
- Steve Hoge – Vendor Management Slides
- Bill Brendel - Ethics Slides
- Business Email Compromise Resource - How and When to Report the Matter to the Federal Bureau of Investigation: A BEC is a type of sophisticated financial fraud targeting businesses of all types and sizes. BECs are carried out by compromising legitimate business e-mail accounts through social engineering or computer intrusions to conduct unauthorized transfers of funds.
- CEO Ransomware Resource - What it is and What to do About it: Ransomware is a type of malicious software cyber actors use to deny access to systems or data. The malicious cyber actor holds systems or data hostage until the ransom is paid.
- Department of Justice Victim Response Resource – Best Practices for Victim Response and Reporting of Cyber Incidents: This is a 15-page extensive guide to how to prepare for a breach before it happens and a step by step guide to planning incident response
- Written Information Security Program: This Standard Document provides general guidance for developing a WISP as may be required by other state and federal laws and best practices. This Standard Document also includes integrated notes with important explanations and drafting tips. It includes recommendations for staying in compliance with state laws other than Minnesota’s but also provides valuable tips for Minnesota Business owners.
- FBI Cyber Division Ransomware Brochure
- DHS Resource List for Small and Medium Sized Businesses: The Department of Homeland Security (DHS) and its partners provide multiple hands-on resources to help stakeholders of all sizes and from all sectors address their cyber security needs.
- Minnesota Cyber Careers Consortium: Information about MN(C)3, a group bridging academia and industry in the cyber security careers space.
- Grey Plant Mooty’s A Legal Guide to Privacy and Data Security: This Guide is designed to alert businesses to legal issues related to privacy and data security.
NIST Cybersecurity for Small Businesses
This recently published guide is specifically written for small and midsized businesses that want to address their cybersecurity risk. It includes process assistance and templates to help you understand the cybersecurity threats and risks for your business, and build an effective program.
National Cyber Security Alliance – CyberSecure My Business
The NCSA has created a portal to help you work through the process of implementing the NIST guidance above. They also have monthly security webinars to improve cybersecurity awareness.
SBA Cybersecurity Page and Cybersecurity Online Training
The SBA is another great resource for small businesses trying to improve cybersecurity capabilities. The second link below directly connects to their online training.
FCC Cybersecurity Page and Cyber Planner tool
The FCC offers additional resources including a “Tip Sheet” on cybersecurity, and a tool to customize your cybersecurity program planning activities.
Stop, Think, Connect for small businesses
This is a great resource for employee awareness materials and other cyber program info.
US-CERT Resources for Small and Midsized businesses
This portal includes an SMB Cybersecurity Tool Kit as well as links to other resources.
Thank you to all of our speakers! Michael Krause and George Meinz also spoke at our workshops but do not appear in the videos.
Michael Krause – FBI – Supervisory Special Agent (Not Shot on Video): Michael Krause has managed cyber intrusions and computer forensics for the Minneapolis FBI since 2012. Over his 18 year FBI career, SSA Krause has served in several FBI offices including Albuquerque, the Criminal Justice Information Systems, and the Office of General Counsel. In addition to his current assignment, he has conducted and managed several investigative assignments to include drug enterprise investigations, terrorism investigations, human intelligence operations, information system development, and intelligence operations. Before entering the FBI, SSA Krause directed comprehensive crime prevention and community development programs for the City of Baltimore, supported non-profit and business development in the Baltics, and practiced law in Iowa. SSA Krause holds a Juris Doctorate and a Bachelors of Business Administration in Accounting from the University of Iowa.\
George Meinz – Gray Plant Moody – Principal (Spoke in St. Cloud only, did not appear in the video): George is a member of the Banking and Commercial Financial Services group at Gray Plant Moody. He focuses his practice on privacy and cybersecurity regulation, consumer and commercial banking and compliance, and payment systems. George is a 1980 graduate of William Mitchell and prior to joining Gray Plant Mooty served as in-house counsel with a national banking services company for over 20 years.