Prison a 'fair' punishment for data breach failures
By Asavin Wattanajantra,
A quarter of security professionals believe the arrest and jailing of a responsible chief executive or board member is a fair punishment for a serious company data breach, according to an e-crime survey.
Almost all (96 per cent) say that the board or chief executive should be held accountable for security breaches, with 26 per cent believing the chief executive should be ultimately accountable.
This comes just a day after bank HSBC admitted to losing nearly 400,000 customer records in the post.
This was according to a Websense survey released today and conducted at the recent e-Crime Congress in London. Only three per cent believed there should not be a legally enforced punishment, while 59 per cent said that compensation should be given to consumers affected.
Organisations are now under more pressure than ever to handle data loss properly, with 79 per cent of respondents believing stakeholders were putting more pressure to introduce security measures. The brand name, media, personal data security and share prices were key reasons.
Nearly all (96 per cent) believed that there should be an enforcing body that forces global governments to work together against cybercrime.
"This survey indicates a strengthening opinion for action to be taken against cybercrime and data loss on a broader scale than ever before," said Mark Murtagh, technical director for EMEA at Websense.
"We do expect more stringent regulation for security breaches, including those that involve the loss of personal data," he added.
Many felt those at board-level still took a reactive approach to security threats, even though the opinion was that they should take full responsibility if anything went wrong.
"Board members should ensure proactive, strategic action is taken to protect their organisation's essential information. From emerging web-based and e-mail borne security threats to data loss, to prevent sensitive information from getting into the wrong hands," said Murtagh.
Many of the security professionals polled felt that some businesses still did not take data loss prevention seriously enough. The top reasons for companies not taking action was cost and not putting the protection of confidential data as a high enough priority.
Interestingly, 91 per cent of the security professionals polled believed that introducing a recognised security standard would inspire more consumer trust in businesses.
advertisement
Latest Internet Features
The continued curse of cybersquatting
For some, it’s a problem confined to the early days of the Internet. But current figures suggest that the cybersquatting problem is, if anything, growing.
- Where next for Microsoft, Yahoo and Google?
- Top 10 reviews of 2008
- The year in IT news
- Top 10 security stories of 2008
- 15 tech charities that need your help
- Christmas Gadget Roundup
- Why enterprise search is not internet search
- Web helps Wiggly Wigglers win big
- Netbooks vs. Smartphones: Making business mobile
Latest Internet Reviews
EXCLUSIVE - eSoft ThreatWall 250
Rating: 
advertisement
Latest News Videos in Internet
Video: Q&A with Easynet Connect's Chris Stening
PlayIT PRO spoke to Chris Stening, managing director of Easynet’s SME division, about whether ISPs are giving businesses the service they deserve.
White papers
Want more background on today's hottest IT trends?
Visit IT PRO's white paper library for more on virtualisation, encryption and other topics.
Register for IT PRO
You'll get exclusive member benefits including free white papers, downloads, Webinars and weekly newsletters full of the latest IT PRO news, reviews, insight and expertise.
Social Bookmark this article: What is this?