At a recent speaking engagement about PCI and SOX compliance, I asked the audience to get out their wallets and pull out their credit cards. Then I asked them to hand the card to the person on their right.
Everyone got out their wallet. Nobody would hand over the card.
The point of the exercise was to get everyone thinking about PCI (Payment Card Industry-Data Security Standard) in a personal way. You can read more about my take on PCI and SOX compliance in my article.
The event was our Security Summit 2007.