New York, 3rd February 2009. Metacompliance today took its campaign to increase the profile of User Awareness in Information Governance to a global audience, by guest presenting at the weekly PCI Knowledge Base Webinar Series.
Tara Hutton, Customer Relationship Manager at Metacompliance, presented a compelling case for the importance of User Awareness to Information Governance during the hour long webinar, demonstrating effectively the negative impact that a lack of awareness can have on the security of information in an organisation. Metacompliance have been advocates of automated user awareness programmes for a number of years, and Tara demonstrated to delegates exactly how utilising automated self-certification technology can generate an immediate and effective increase in awareness and risk mitigation, and can help organisations striving for PCI Compliance to meet the rigorous demands of Requirement 12.
David Taylor, Founder of the PCI Knowledge Base, is also a vocal supporter of automated user awareness. He commented that “One of the biggest problems with PCI compliance continues to be that the mandates have only been communicated to a select few in many organizations. To ensure ongoing compliance, awareness and training of PCI and other security regulations must become part of the corporate culture.” Tara Hutton agrees:
“The PCI Compliance deadline is fast approaching, and there is a worrying lack of attention being given to Requirement 12, it is almost being treated as the last mile, an afterthought. PCI Compliance is only a point in time, and the original intent of the standard was that organisations consistently do everything they could or should do to prevent a data breach. The fact that 89% of all breaches in 2008 were directly attributed to employees makes it clearer than ever that organisations should be implementing ongoing user awareness programmes; the statistics tell us that they are not. Visa Europe has announced significant fines, the only way companies are going to ensure sustainable security of information and avoid these fines and penalties, is by using automated self certification.”
The PCI Knowledge Base is the largest independent research community focused on the security of payment and related financial and personal data. Its mission is to facilitate the exchange of experience and advice relative to the Payment Card Industry security standards and other related data security and privacy laws. David Taylor, founder of the PCI Knowledge Base and IT Security expert, is also a vocal supporter of automated user awareness:
MetaCompliance, uses automated self certification to allow organisation to implement an ongoing user awareness programme that will deliver on corporate IT Security objectives:
• User Accountability via Automated Self-Certification;
• Elicit and enforce 100% response across ALL users;
• Demonstrable Compliance via aggregated, secure audit and reporting;
• Automated Risk Assessment to continually measure IT Security Posture;
• Pre-written, mapped IT Security Policy Content;
• Automated, repeatable process that are the key to Sustainability of Compliance.