Michaels Store Breach: Free Grand Rapids conference on preventing similar IT nightmares

GRAND RAPIDS, MI — When retail giants like Target and Michaels fall victim to hackers that put millions of their customers at risk, any size business can feel vulnerable to a similar IT nightmare.

Michaels, the national arts and craft retailer with 35 stores in Michigan, recently reported 3 million of its customers’ payment cardsmay have been stolen in a breach over several months.

It gives shoppers another reason to worry about the safety of their personal data following a massive pre-Christmas security breach at Target, that the retailer estimates exposed the debit and credit card information of at least 100 million customers.

This week, a free cyber security conference is being offered to both businesses and individuals in Grand Rapids. It’s a collaboration of the local Better Business Bureau, the West Michigan Cyber Security Consortium and the Trivalent Group, a Grandville tech firm that provides security among other services for its clients.

“We are just open and vulnerable to things now that we never thought we would be,” said Phil Catlett, chief executive officer of the Better Business Bureau serving West Michigan.

The April 23 conference titled “Are You The Next Target?” is a result of Catlett approaching Trivalent CEO Larry Andrus about bringing experts together to address the issue, and advise local businesses on how to better protect their data from hackers.

The timing was good because Andrus was already part of a collaboration of IT professionals called the West Michigan Cyber Security Consortium which was bringing in national expert Colby Clark from FishNet Security to speak to the group. At Catlett’s request, Andrus expanded the invitation to the general public.

Clark is the co-author of “Hacking Exposed Linux” and the director of incident management for St. Paul, Minnesota-based FishNet Security.

Besides hackers targeting retailers, Clark is expected to address another cyber security nightmare: the Heartbleed bug, which can reveal the contents of a server’s memory and expose private data such as usernames, passwords and even credit card information. Several companies from Tumblr to Yahoo recently warned customers to change their online accounts because their systems are vulnerable to the bug that affects services that use the popular OpenSSL security library.

SSL is the standard security technology that establishes an encrypted link between a user’s web browser and the server where a website is hosted. Encryption, considered essential to Internet security, is used to secure numerous kinds of data transfers, including email, instant messaging, social media, and business transactions.

Conference organizers say every business and organization must understand how to protect the safety of their employees and customers by guarding confidential information not only online, but also on their computers, file servers, and even in the Cloud.

Beyond taking steps to make networks more secure, the conference will address the legal responsibilities businesses and groups have in protecting information and networks. Jennifer Puplava, an attorney with Mika, Meyers, Beckett & Jones, will discuss the legal obligations and liabilities of companies even though the United States still lacks comprehensive cybersecurity legislation.

So far, more than 200 people have registered for the half-day conference that will be run from 7:30 a.m. to noon at Grand Valley State University’s Eberhard Conference center, 301 W. Fulton St.

Catlett is encouraging everyone from businesses to customers take precautions.

“It’s up to every single individual to be diligent about this,” Catlett said.

Brad Andrus, Trivalent’s marketing manager, said registration for the conferencewill continue through 5 p.m. Tuesday, April 22. More information at