It’s an old story but it keeps on running. Companies employ PR companies to put themselves before the media. The main way they do that is through press releases.
So would you be happy if your PR company put out a release announcing an initiative but which omitted not one but three key facts?
- Who was launching it
- Why they were launching it
- Why anyone else would care
How could they get it so wrong?
Here it is, in all its glory, with only the PR company’s name stripped out to protect its blushes. Though, under enough pressure, I might publish that too….
The Common Assurance Metric (CAM) launched today is a global initiative that aims to produce objective quantifiable metrics, to assure Information Security maturity in cloud, third party service providers, as well as internally hosted systems. This collaborative initiative has received strong support from Public and Private sectors, industry associations, and global key industry stakeholders.
There is currently an urgent need for customers of cloud computing and third party IT services to be able to make an objective comparison between providers on the basis of their security features. As ENISA’s work on cloud computing, has shown, security is the number one concern for many businesses and governments. Existing mechanisms to measure security are often subjective and in many cases are bespoke solutions. This makes quantifiable measurement of security profiles difficult, and imposes the need to apply a bespoke approach, impacting in time, and of course cost. The CAM aims to bridge the divide between what is available, and what is required. By using existing standards that are often industry specific, the CAM will provide a singular approach of benefit to all organisations regardless of geography or industry.
[Quotes about how wonderful it is removed from here]
The project team anticipate delivery of the framework in late 2010 followed by a process towards global adoption for organisations wishing to obtain an objective measurement of security provided by cloud providers, as well as the level of security for systems hosted internally.
You’ll notice other issues (polite word) in there too. Who is ENISA, mentioned in the second para but never explained? Why is the first sentence only barely comprehensible — or even grammatical — on the first read-through? The second sentence in the second para doesn’t belong there, it should be at the top of that para. Since when does the phrase “impacting in time” qualify as English? And as for the last sentence/para, how many times did you have to read it to extract what the hapless writer was driving at?
Finally, why do people still feel the need to double-space between sentences? I gave up typewriters and starting using a word processor almost 30 years ago, and haven’t felt the need to do that since then…
It makes you wonder.