Panel discussion at CES 2024: How Will AI Impact the Jobs of the Future?

In recent years, we’ve seen a significant shift in the threats targeting businesses. “Everybody focused on the human harms, people couldn’t check into their hotel rooms; people couldn’t use an ATM… the nature of the technical exploits is not what we focus on in terms of harm… that’s not what we focus on in terms of harm,” states Kayne McGladrey, a field CISO at Hyperproof and senior IEEE member. This reiterates the transition from mere inconvenience to significant operational disruptions and economic consequences that cyber threats now pose.

The security industry can do a better job of promoting emerging technologies in security environments by linking their solutions to measurable outcomes that matter to CISOs. Those outcomes could be to either reduce sales friction or to show measurable progress in key risk indicators that board members care about. For example, while according to the recent “The Impact of Technology in 2025 and Beyond: an IEEE Global Study,” 48% of technologists said that the top application for AI in 2025 will be real-time cybersecurity vulnerability identification and attack prevention, vendors should still be prepared to explain how investments in their solutions can produce progress over time and support agreed-upon business objectives, outside of the technical benefits. Unfortunately, most emerging technologies primarily discuss technical benefits and features, not business outcomes. For example, if a CISO cares about multifactor authentication coverage, vendors should explain how their solution improves coverage and ties that to higher business resiliency. That would also reduce friction in B2B sales where a high degree of MFA coverage could be cited as a key control in a SOC 2 type 2 report, for example.

If approved, the proposed new HIPAA rules will reshape the landscape of healthcare cybersecurity, partially addressing the recent OIG report’s findings on the ineffectiveness of current HIPAA audits. For CISOs, these changes present both opportunities and challenges as they work to enhance their organizations’ cybersecurity practices. The updated compliance requirements for electronic protected health information promise significant benefits but also come with associated costs. As these rules are open for public comment over the next sixty days, healthcare CISOs have a window to provide their insights and influence the final regulations, ensuring they align with the practical realities of safeguarding sensitive health data.

“To protect their personal data, consumers can take several practical steps to remove their information from data broker websites and opt-out of marketing. First, they should identify where their data is held by searching major data broker sites, public records, and credit reports. Once identified, consumers can use the “Opt Out” or “Remove My Data” links provided on these websites to submit removal requests, ensuring they confirm their identity and track the progress.

Additionally, they should familiarize themselves with regulations like the California Consumer Privacy Act (CCPA), which allows them to request the deletion of their personal data and opt-out of its sale. Consumers can also use online tools and services designed to automate the opt-out process from marketing lists and data brokers.

I’ll be speaking on WWJ-AM (Detroit, MI) today at 12:30 PM ET. Looking forward to discussing cyber security with Brian Larsen.

Global supply chains have been under intense strain in recent months, a situation that has been made even worse by the growth of cyber attacks, especially in the form of ransomware. The transportation sector, which has been largely deregulated, needs to adopt recommendations by industry and government organizations for implementing measures that they might have overlooked in years. The price of failing to do so can be high, with ransomware attacks threatening to shut down critical logistics operations for days or even longer.