BECOMING A CYBER-AWARENESS CHAMPION

7.24.23 > Mark Ritchie

I was sworn-in as Minnesota’s elected Secretary of State in January of 2007. During my first
year in office, when I was still “learning the ropes,” I faced a challenge never considered in all
my years of preparing to lead this office – a cyber-attack. Early one Monday morning I received
an urgent message from our information technology department informing me that hackers,
most likely from overseas, had exploited a vulnerability in our on-line, digital records system to
disable our entire business services division, a critical component to Minnesota’s entire
commercial infrastructure.

Thus began one of the craziest and most alarming weeks of my eight years in office. For nearly
that entire week most of our office was devoted to both expelling the attackers and figuring out
what to say to the media and to the millions of people who rely on our systems to conduct their
business, finalize adoptions, get clearance for overseas study, and other vital community
functions provided by the Business Services Department of the Minnesota’s Office of the
Secretary of State.

This was our first real experience with the devastating effects of cyberattacks and a fast and
furious lesson in what we needed to do to restore our systems and to build-in the kinds of
cyber protections that we know are an absolute requirement in all our digital systems. For
most of that week we covered ourselves by popping up a message that said something along
the lines of “Our systems are down temporarily for maintenance. We apologize for any
inconvenience.” For a few days we successfully brought our systems back online, only to find
them down again the next morning. It was ultimately determined that a third-party vendor had
supplied search software that turned out to be vulnerable to a SQL injection hack and that had
been discovered and exploited to paralyze our systems. Many lessons were learned in this
awful week, but for me it was the beginning of a new passion – helping others avoid these
cyber nightmares whenever possible.

From that moment on I became a champion for bringing cyber-awareness onto the radars of
my fellow Secretaries of State in the other 49 States and Puerto Rico. One of the ways I
approached this was helping arrange for special briefings at national meetings and professional
conference. I also found that by circulating relevant media coverage and technical information
to my colleagues in other states was a way to keep this concern front and center for many.
During my tenure as National President of NASS, the National Association of Secretaries of
State, this was a major theme and topic of active discussion at all our conferences and
seminars.

But I also become increasingly aware of how cyberattacks were impacting all our lives in
multiple and increasingly alarming ways. Minnesota is the birthplace of the medical device
industry – think pacemakers and heart valves. Cyberattacks on these life-saving technological
miracles began to become a serious matter that cried out for a larger, more comprehensive
approach.

It was during this time that I heard about this wild idea to create an annual CyberSecurity
Summit right here in Minnesota. It seemed like the perfect way to translate my terrible week into a positive contribution to helping others avoid what I had previously endured, and I signed up to help in any way that I could. I feel very fortunate to have been a part of the journey that has taken us to this upcoming 13th annual gathering.

I retired from elected public service after two-terms as Minnesota’s Secretary of State. I am
proud that my successor has proven to be one of the most cyber-savvy leaders in the nation,
successfully taking on and defeating each new wave of cyber-challenges that demand daily
attention of all Secretaries of State.

While I am no longer in office, I have not left behind my passion for working with others on
super important events, like Minnesota’s Cyber Security Summit, to help all of society to better
handle what is now a top-tier national security issue, along with being one of the most
consequential challenges to the very survival of many businesses. One of Minnesota’s
hometown heroes, Target Corporation, is just one example of the many companies that
suffered greatly from devastating cyberattacks.

About this time of each year, I begin to keep a list of all of the folks I want to connect with at
the upcoming CSS, and I begin to read more carefully the tidal wave of news coverage of cyber-
challenges that continue to emerge at an ever-faster pace. I will get a few nights of good sleep
right before we dive into CSS on October 24 th – because I know these few days will be intense
and totally amazing. My great thanks to all who make this gift to the whole planet a special
moment in each year. A few times each year, at the Summit, my mind wanders back to my first
cybersecurity attack back in 2008. Those moments are a reminder of how important every one
of the past 12 Summits have been to me, and to the planet.

 

Mark Ritchie

Civilian Aide to Secretary of the Army; Former MN Sec. of State (2007-2015); Global Minnesota; U.S. Army; State of Minnesota

Former Minnesota Secretary of State Mark Ritchie recently served as President of Global Minnesota is currently serving as a Civilian Aide to the Secretary of the Army. Over the past decade Mark led the public-private partnership working to bring the 2027 Specialised World Expo to Minnesota. Mark’s public service has included serving on the State Board of Investment, Minnesota’s Executive Council, the federal Election Assistance Commission Advisory Board and on the Board of the Minnesota Historical Society.

You can Connect with Mark here at The Summit

Or on LinkedIn