Blog

Screen Shot 2016-06-04 at 7.58.41 AM

02 Jun Video Interview: LabMD’s Mike Daugherty on Battle With FTC

Screen Shot 2016-06-04 at 7.47.01 AM

Screen Shot 2016-06-04 at 7.58.41 AM

Reblogged from Tracy Kitten‘s post here

Mike Daugherty, the president and CEO of LabMD who is fighting a legal battle with theFederal Trade Commission over two security incidents in 2008 and 2012, contends the agency is overstepping its regulatory authority. And he warns bankers and merchants to beware because new FTC probes into PCI compliance and EMV deployment could be on the way.

See Also: 2016 State of Threat Intelligence Study

“You have a whole bunch of people in Congress who want the administrative state and the regulators to be seen as saviors,” Daugherty says in this video interview with Information Security Media Group. “The problem is, we’re at a tipping point, in finance, in technology, in medicine, because we’re being regulated by lawyers, not people who are really educated in the areas that they’re regulating.”

In this interview at ISMG’s recent Washington Fraud and Breach Prevention Summit, Daugherty also discusses:

  • How he expects the FTC actions related to cybersecurity incidents to soon impact every industry;
  • How he believes LabMD’s case changed the way the FTC investigates security incidents; and
  • Why he contends that more oversight from the FTC will not enhance cybersecurity;

Atlanta-based LabMD, which has ceased operations, was a clinical and anatomic medical laboratory that specialized in analysis and diagnosis of blood, urine, and tissue specimens for cancers, micro-organisms and tumor markers. Daugherty founded LabMD in 1996 after 14 years in surgical device sales with U.S. Surgical Corp. and Mentor Corp. He is author of a book about the FTC’s investigation of his firm: “The Devil Inside the Beltway: The Shocking Expose of the U.S. Government’s Surveillance and Overreach into Cybersecurity, Medicine and Small Business.”

*Tracy Kitten is Executive Editor for http://BankInfoSecurity.com

Read More
michael_daugherty_at_home__01

26 Apr BusinessWeek reports on the FTC destruction of LabMD

Reblogged from Bloomberg Businessweek

A Leak Wounded This Company. Fighting the Feds Finished It Off

Michael Daugherty learns the high price of resistance.

michael_daugherty_at_home__01

Daugherty at home. Most of what remains of his $4.6 million business fits in his garage.

The first phone call that changed Michael Daugherty’s life came in May 2008. Daugherty was a happy man, running a good business in a nice place. That’s how he talks about it, like the opening five minutes of a movie, setting up how great everything is before disaster strikes. His Atlanta-based company, LabMD, tested blood, urine, and tissue samples for urologists, and had about 30 employees and $4 million in annual sales.

Daugherty is a middle-aged guy distinguished by small, kind brown eyes and a big, meaty laugh—a business everyman of a certain vintage, with a salesman’s mix of friendly and aggressive. He’s from Detroit, and you can occasionally hear it in his vowels. Kevin Spacey could play him in the movie.

Here’s where the story turns dark. That Tuesday, LabMD’s general manager came in to tell Daugherty about a call he’d just fielded from a man named Robert Boback. Boback claimed to have gotten hold of a file full of LabMD patient information. This was scary for a medical business that had to comply with federal rules on privacy, enshrined in the Health Insurance Portability and Accountability Act. I need proof, Daugherty told his deputy. Get it in writing.

 

labmd_file_boxes__02

LabMD artifacts Photographer: Johnathon Kelso for Bloomberg Businessweek

(more…)

Read More
AAEAAQAAAAAAAAR-AAAAJDlmZTE0YWFiLTM4YTUtNGQ5Zi05Y2RhLThkMWFhZjg0YjY3OA

24 Mar Cybersecurity Firm With A History Of ‘Corporate Blackmail’ Raided By The FBI

AAEAAQAAAAAAAAR-AAAAJDlmZTE0YWFiLTM4YTUtNGQ5Zi05Y2RhLThkMWFhZjg0YjY3OA

Sharing the latest from TechDirt

from the fate-of-CEO-Robert-‘Whitey’-Boback-currently-unknown dept

Cybersecurity is a crowded field. Not every competitor will make it. That’s inevitable. Tiversa is one of the also-rans.

Tiversa is helmed by Robert Boback. Back in 2009, Boback was already well-versed in the cybersecurity hard sell. Here’s what he had to say about P2P software in front of a Congressional audience — an audience well-versed in the art of selling fear to fund additional government products.

Boback showed off a document, apparently from a senior executive of a Fortune 500 company, listing every acquisition the company planned to make — along with how much it was willing to pay. Also included in the document were still-private details about the company’s financial performance. Boback also showed numerous documents listing Social Security numbers and other personal details on 24,000 patients at a health care system, as well as FBI files, including surveillance photos of an alleged Mafia hit man that were leaked while he was on trial.

Boback was stealthily pitching his company’s P2P monitoring service. During this hearing, he also claimed to have come across documents containing details about the President’s helicopter on an Iranian computer.

(more…)

Read More
justice-500x310

19 Mar Exclusive: DOJ probes allegations that Tiversa lied to FTC about data breaches

Things are finally starting to break through. This is the tip of the iceberg. Stay tuned.

Originally posted Thursday March 17th on Reuters

Federal agents are investigating whether cyber-security firm Tiversa gave the government falsified information about data breaches at companies that declined to purchase its data protection services, according to three people with direct knowledge of the inquiry.

The Federal Bureau of Investigation raided Tiversa’s Pittsburgh headquarters in early March and seized documents, the people said.

The Justice Department’s criminal investigation of Tiversa began after Richard Wallace, a former Tiversa employee, alleged in a 2015 Federal Trade Commission hearing that the cybersecurity firm gave the agency doctored evidence purporting to prove corporate data breaches, the people said.

Wallace testified that Tiversa falsified information to make it appear that sensitive data was being accessed by users across the country.
(more…)

Read More
snoop-wall

11 Feb Fed officials: Hackers would start small on way to banking system

Jan. 16–Hackers looking to sabotage the U.S. banking system could break into larger companies by targeting smaller institutions, warn officials at the Federal Reserve in Boston, who have launched a pilot program to help thwart cyberattacks.

“We’re focused on the small and medium (banks) because they’re a great door into some of the larger organizations,” said Kenneth C. Montgomery, first vice president and chief operating officer at the Federal Reserve Bank of Boston, who joined fed President Eric Rosengren for a sit-down with Boston Herald editors and reporters yesterday.

(more…)

Read More
tech-freedom

10 Feb TechFreedom to FTC: If You Can’t Prove Likely Injury, You Can’t Penalize Security Practices

WASHINGTON, DC — On Friday, TechFreedom urged the Federal Trade Commissioners (FTC) not to reverse the dismissal of a lawsuit brought by FTC staff against LabMD, a small cancer testing lab that went out of business under the weight of the lawsuit, but has continued to challenge the FTC’s approach to data security with pro bono representation. In an Amicus Curiae brief, TechFreedom argues that the FTC must not ignore the most important limit that Congress has placed on the FTC’s sweeping power to prohibit business practices: that a practice must “causes or is likely to cause substantial injury.”

(more…)

Read More
5CB60E14-66E2-457E-BD53-1A0FDA2B5BC3

14 Jan How a Lone Conservative Firebrand Became the FTC’s Worst Nightmare

The article below is reblogged from The Atlantic

Most com­pan­ies fa­cing a law­suit from the Fed­er­al Trade Com­mis­sion try to settle as quickly as pos­sible.
Fight­ing the FTC means years of ex­haust­ing and ex­pens­ive lit­ig­a­tion. The com­mis­sion doesn’t even have the au­thor­ity to im­pose fines for most vi­ol­a­tions, so a set­tle­ment usu­ally just means the com­pany has to change its be­ha­vi­or, agree to some in­de­pend­ent audits, and ride out the wave of neg­at­ive news cov­er­age. It’s an easy choice for most cor­por­ate ex­ec­ut­ives.

(more…)

Read More
top-10-influencers-in-health-infosec-showcase_image-4-a-8775

11 Jan Top 10 Influencers in Health InfoSec – Michael is number 6!

Michael is honored to be #6 on Healthcare Information Security’s List of Leaders!

Fourth Annual List of Healthcare Information Security Leaders

Reblogged from Healthcare Info Security
HealthcareInfoSecurity announces its fourth annual list of top influencers, recognizing leaders who are playing significant roles in shaping the way healthcare organizations approach information security and privacy.

(more…)

Read More