MetLife strongly believes in the responsible use of information we collect about individuals. Here’s a preview of our ongoing efforts.
Every MetLife employee is required to comply with privacy laws and regulations when processing personal information held by the company. In 2020, we conducted cybersecurity training for all employees to raise awareness about potential threats when working remotely and to provide them with clear actionable guidelines to inform their everyday tasks and decision making.
We review and update our policies, standards, and procedures on a regular basis to keep them current in light of laws, regulations, emerging threats, and new and changing technologies. An internal committee of Business Information Security Officers with representation from Technology, Law, Internal Audit, Human Resources, the MCPO, and other Lines of Business areas helps oversee our information technology security policies, emerging risks, and compliance requirements.
Our policies and procedures are designed to protect the confidentiality and security of personal information. We are guided in our efforts by our privacy, risk, and security policies, which describe how we treat the information we receive about our customers. Some of our key focus areas include:
- Cybersecurity Safeguards and Risk Management
- Cybersecurity Monitoring
- Cybersecurity Incident Response
- Cybersecurity & E-Discovery Investigation
- Cybersecurity Threat Intelligence
We are also participants in various industry cybersecurity groups and events such as National Cybersecurity Awareness Month (NCSAM), a national public awareness campaign sponsored by the Department of Homeland Security that was created to raise awareness about cybersecurity and staying safe online. In fact, MetLife is one of hundreds of organizations that have become National Cybersecurity Awareness Champions — with best practices on how to keep customer data safe.