Pub 1 2012 Issue 2

March 2012 21 Leading advocate for the banking industry in Kansas. Stephanie Chaumont is a Security and Compliance Consultant for CoNetrix with a background in education. CoNetrix is a provider of information security consulting, IT/GLBA audits and security testing, and tandem – a security and compliance software suite designed to help financial institutions create andmaintain their Information Security Program. Visit our website at www.conetrix.com. seem like a challenge since the FFIEC has told you what you need to say, but try to convey how relevant this is to your customers. Play on the topic on most people’s minds most of the time: themselves. They don’t want to lose money; they don’t want their information to be stolen… Security is important to them, so if they understand the risks and how to help control those risks, they will surprise you at how important security can become to them. 2. Know your audience. They are not bankers, and very few of them read information security articles in their spare time. Lose the industry lingo and use language everyone can under- stand. If a middle school student can pick up your education materials and understand that they need stronger passwords, then you have succeeded. 3. Know your audience. In this overstimulated age, people are in a hurry and are easily bored. Don’t use 20 words when 10 will suffice. In an effort to follow the spirit of the law, spend a little extra time on the delivery and design of your information so that your customers will want to read and will understand what you have to say. Time spent on education is never wasted time.