InSecurity Podcast: Mike Daugherty on Battling FTC Cybersecurity Oversight

What if I told you that there might be companies out there who deliberately spoof data breaches in order to blackmail prospective “customers” into paying for their breach remediation services?

What if I told you that, after failing to be a good little victim to such a scam, LabMD began hearing from the Federal Trade Commission (FTC) about its security and technology practices? Would you believe me if I said that, in a battle that is now in its seventeenth year, our guest has attempted the impossible and stood up to both the crooks and the FTC?

Rather than settle a case that he knew was wrong, our guest refused to live in the world he was given. He has battled to change that world and keep his company’s name and his own name from being steamrolled by the bureaucracy of a government agency that may not really know what they are doing when it comes to data privacy and security.

Joining Matt Stephenson on the InSecurity podcast are Mike Daugherty and Malcolm Harkins.

Mike is the CEO of LabMD who refused to be the victim of a phony “Breach Mediation” company, which led to a decade-long battle with the Federal Trade Commission.

Malcolm is the Chief Security and Trust Officer at Cylance. He is not one to sit idly by and let the cybersecurity industry focus on profits over people.

Imagine what might happen when you get these two in a room together…

About Mike Daugherty

Mike Daugherty is embroiled in the biggest regulatory cybersecurity legal battle in the country today. The CEO of LabMD, a cancer testing laboratory, author, speaker, consultant and policy advocate, he has spent most of the last decade defending his company against charges that it had deficient cybersecurity practices.

The early years of his entering and fighting Washington DC are chronicled in his book, The Devil Inside the Beltway. In so doing, he has become the only litigant to challenge the basic authority that underlies more than 200 enforcement actions relating to cybersecurity and online privacy that the FTC has brought over the past 15 years.

Every one of the 200+ litigants before him – including some of the largest companies in the world – have settled with the FTC, creating an unquestioned and untested belief that the FTC has broad authority to regulate in these areas.

Following oral arguments in June, 2017, before a panel of the 11th Circuit Court of Appeals, on June 6, 2018, he actually prevailed. In so doing, he toppled key pillars of the FTC’s cybersecurity and online privacy edifice, successfully exposing and challenging The Administrative State. The cybersecurity regulatory framework for all of industry has been flipped on its head.

About Malcolm Harkins
As the Chief Security and Trust Officer at Cylance, Malcolm Harkins (@ProtectToEnable) is responsible for all aspects of information risk and security, security and privacy policy, and for peer outreach activities to drive improvement across the world in the understanding of cyber risks and best practices to manage and mitigate those risks.

Previously, he was Vice President and Chief Security and Privacy Officer at Intel Corp. In that role, Malcolm was responsible for managing the risk, controls, privacy, security and other related compliance activities for all of Intel's information assets, products and services.

About Muhammad Ali
Muhammad Ali is The Greatest of All Time.

About Matt Stephenson
Insecurity Podcast host Matt Stephenson (@packmatt73) leads the Security Technology team at Cylance, which puts him in front of crowds, cameras, and microphones all over the world. He is the regular host of the InSecurity podcast and host of CylanceTV.

Twenty years of work with the world’s largest security, storage, and recovery companies has introduced Stephenson to some of the most fascinating people in the industry. He wants to get those stories told so that others can learn from what has come before.