top of page

Services
Professional services
Security Risk Assessment
Expert-led, customized assessment with a clear fix-first roadmap.
Virtual CISO (vCISO)
Build your security program with senior guidance and execution.
Compliance as a Service (CaaS)
We build and run your compliance program so you stay audit-ready year-round.
Penetration Testing
Prove what’s exploitable before attackers do.
Incident Response
Incident response readiness plus on-call support when it counts.
Managed Services
Third-Party Risk Management
Securely manage vendor relationships from start to finish.
Security Awareness Training
Empower your team to recognize threats.
Email Security
Protect your inbox from phishing and spam.
Vulnerability Management
Continuous scanning and alerts for swift risk remediation.
Managed Detection & Response (MDR)
Quickly detect, respond, and recover from advanced threats.
Password Management
Secure, manage, and simplify passwords.
Dark Web Monitoring
Monitor exposed data before it’s used against you.
Industry
Healthcare
Ensure patient trust with robust data protection and compliance.
Financial Services
Safeguard financial data while meeting compliance at every level.
K-12 Education
Enhance student safety and privacy while supporting educational goals.
Framework
HIPAA
SOC 2
Additional frameworks
Simplify security: How to build your security program with NIST CSF 2.0
Download the ebook
Resources
Resources
Blog
Stay updated with the latest trends and insights in cybersecurity. From industry news to expert analyses, our blog keeps you informed.
Podcast
Listen to expert discussions on pressing cybersecurity issues. Featuring interviews and practical advice, our podcast keeps you engaged and informed.
Security community
Stay updated with the latest security news and join the conversation. Connect with peers, share insights, and leave comments on the most recent updates.
Guides and reports
Access comprehensive guides and reports with actionable insights and strategies to improve your security stance.
Master HIPAA: How to achieve compliance with our ultimate guide
Download the guide
Company
Contact
Partners

Free Cybersecurity Review

News

Public·3 members

George Sutton

George Sutton

George Sutton

Minnesota Deploys National Guard to Winona County in Response to Their Second Cyber Attack of 2026

April 13^th, 2026

❓What:

A ransomware attack targeted Winona County, Minnesota (April 6–7, 2026), impacting critical systems and digital services.
The attack persisted over multiple days, forcing portions of the county network offline and disrupting operations.
Due to the scale and complexity, local and commercial response capabilities were insufficient, prompting deployment of the Minnesota National Guard cyber protection team.
Response efforts involved state, federal (FBI), and external cybersecurity partners.
This marks the second ransomware incident affecting the county in 2026, indicating persistent targeting.

⚠️Impact:

Operational Disruption: Government services and systems were taken offline, forcing manual workarounds (e.g., paper-based processes).
Critical Service Risk: Attack impaired the county’s ability to deliver vital services, though emergency services remained operational.
Escalation to State Resources: Incident severity required military cyber assistance, highlighting gaps in local response capacity.
Repeat Targeting: Multiple attacks in a short timeframe reinforce that local governments are high-value ransomware targets due to limited resources.
Extended Recovery Timeline: System restoration is phased and could take weeks or longer, increasing business interruption risk.

💡Recommendations:

Establish & Test Incident Response
- Develop a formal IR plan with defined escalation paths (including state/federal coordination).
Ransomware Resilience
- Maintain offline/immutable backups and validate recovery regularly.
Network Segmentation & Hardening
- Limit lateral movement; continuously identify and remediate vulnerabilities.
Continuous Monitoring & Detection
- Deploy EDR/XDR and centralized logging (SIEM) to improve early detection.
Third-Party & Government Coordination
- Pre-arrange mutual aid and cyber response partnerships (e.g., National Guard, law enforcement).
Post-Incident Maturity Improvement
- Conduct lessons learned and continuously strengthen controls after each event.

Read the full story HERE

20 Views

bottom of page