Regulations are Becoming, Well, Regular | Security Awareness

Regulations governing data privacy and cybersecurity concerns tend to get updated, well, regularly. Are your employees ready?

Alright, all those who believe information security and privacy regulations are going to lighten up over the next 18 months, raise your hands.
You know better, of course. Not only is that a pipe dream, but both the trend and tone of regulatory policy are becoming increasingly aggressive, shifting from “privacy by consent” to “privacy through accountability.” What, exactly, does that mean?
Well, for starters, it means a tougher standard for organizations to train their people. Last year’s PCI 3.0 requirements are a great case in point. No doubt we’ll be seeing more and more privacy and information security regulations enacted and tightened up across all jurisdictions. And as they take effect, you can bet that they’ll also come with increases in both scope and accountability.
All of this, of course, directly impacts your own information security policies and practices. So is your privacy and security awareness training keeping pace with the changing regulations—to say nothing of the ever-evolving threat landscape? It matters tremendously that it does, because falling behind means increasing your potential liability. And the judicial system isn’t exactly becoming more forgiving.
Perhaps the regulatory bodies are catching on to the “check the box” attitude many organizations seem to take on compliance. While the requirements generally mandate some level of training, they’re not simply seeking a minimum level of compliance anymore—they’re looking for a diligent effort on the part of the organization to take the matters of privacy and information security seriously. In other words, as recent judicial events have demonstrated, mere compliance just won’t cut it anymore. Hence the regulatory updates that increasingly lead with new education and awareness training requirements.
With the update to PCI and other regulations, this would be a terrific time to revisit your privacy and security awareness programs overall. Contact us now for a free assessment of your true readiness; we’ll be happy to help you sort it all out.

Share this Post