Radio interview on WWJ-AM

The regulatory environment for health-care organizations places a high value on personal health information, writes Kayne McGladrey of Integral Partners. However, the dark web market value of PHI has cratered, according to cybersecurity firm Flashpoint. A PHI record that sold for an average of $75 to $100 in 2015 would net $0.50 to $1 in 2017, he writes.

Companies should pay special attention to consistent classification and labeling of data, as it’s one of the biggest hurdles to effective data governance. Setting default labels for new data (for example, dubbing them confidential) can ensure that policies and technical controls are applied consistently across the organization. This also frees up data creators from having to manually label all newly created information. “In that way, a data steward only needs to review data labels when that data is crossing a security barrier such as preparing a file to send to a client or third-party vendor,” notes Kayne McGladrey (@kaynemcgladrey), director of security and information technology at Pensar Development.

“We can anticipate that any nation-state with a propaganda department or agency is working to right-size their capabilities to spread disinformation.” It’s especially true, he adds, among nation-states with larger budgetary allocations since they can use automation and “office employees” to distribute the narratives.

“We already have security challenges that we haven’t been able to adequately address,” said Kayne McGladrey, IEEE Senior Member and Field CISO at Hyperproof. “The metaverse is likely to inherit these challenges. For example, phishing and theft of credentials have carried over to the metaverse. We’ve seen NFT and cryptocurrency scams, too, in the metaverse.”

IEEE Senior Member Kayne McGladrey said that “These threats are not merely theoretical, although at the moment, they are still relatively limited in their application. It is reasonable to expect that threat actors will continue to find innovative new uses of generative AI, extending beyond business email compromise, deepfakes and the generation of attack code.”

My slides from the 2019 IEEE Vision Innovation Challenges Summit