Logo
Get A Demo
  1. Home
  2. Blog
  3. Continuous Compliance – It’s All About Respecting Your Customers

Last updated February 15th, 2023 by Michael Hamelin

While at InfoSecurity Europe last month, I had the pleasure of interviewing Christopher Graham, the ICO UK Information Commissioner. I was giving a talk on the concept of Continuous Compliance and what that means from a firewall/network security perspective at the show. As the ICO is a UK regulatory body, I thought it made sense to sit down with Christopher to discuss why companies should focus on compliance, and I’m glad I did.

While many would agree that a proper compliance program is critical to protecting an organization’s brand, Christopher framed it in a way that really resonated with me. Many UK driven compliance initiatives have to do with privacy. The way Christopher sees it (and I agree with him 100%), maintaining customer privacy is all about respecting your customers. Companies are in business because our customers trust us, and if they don’t trust us then why should they do business with us?

As ICO’s Information Commissioner, Christopher can levy fines up to 500,000 British Pounds to companies that, in his words, “get things spectacularly wrong.” However, there is a wide spectrum as to why a company might get fined. There is a big difference between malicious intent – a company with no respect for their customers who engages in unethical business practices versus a company that was trying to do the right thing but was still compromised.

In the second example, things “go wrong” because maintaining compliance is a daily task prone to human error. To make things “go right”, constant vigilance is required – in other words, ensuring sufficient measures are in place to adequately protect customer data in the first place. And that’s where Continuous Compliance is key. Continuous Compliance is not about checking a box – it is about respecting your customers’ privacy, and making sure the proper technology controls are in place to accomplish that.

I encourage you to check out my video interview with Christopher, as we can all benefit from heeding his advice not to “play fast and loose with customer data”.

Best,
Michael Hamelin
Chief Security Architect

Don't miss out on more Tufin blogs

Subscribe to our weekly blog digest

In this post:

Background Image

Related Posts

Navigating Cloud Security Metrics: A Guide for CISOs
Navigating Cloud Security Metrics: A Guide for CISOs
3 Common Challenges and Solutions when Implementing Zero Trust Networking Policies
3 Common Challenges and Solutions when Implementing Zero Trust Networking Policies
Understanding the Application Layer Firewall: The Future of Online Security
Understanding the Application Layer Firewall: The Future of Online Security
Tufin Named “Customer Service Department of the Year” by the Stevie Awards
Tufin Named “Customer Service Department of the Year” by the Stevie Awards

Top Posts

How to Perform a Firewall Audit – Policy Rules Review Checklist
How to Perform a Firewall Audit – Policy Rules Review Checklist
Understanding AWS Route Table: A Practical Guide
Understanding AWS Route Table: A Practical Guide
What is a Firewall Ruleset? How can it help me?
What is a Firewall Ruleset? How can it help me?
Tech How-To: Configure Your Firewalls to Block the “WannaCry” Ransomware Attack
Tech How-To: Configure Your Firewalls to Block the “WannaCry” Ransomware Attack
Close