Prison a 'fair' punishment for data breach failures
By Asavin Wattanajantra,
A quarter of security professionals believe the arrest and jailing of a responsible chief executive or board member is a fair punishment for a serious company data breach, according to an e-crime survey.
Almost all (96 per cent) say that the board or chief executive should be held accountable for security breaches, with 26 per cent believing the chief executive should be ultimately accountable.
This comes just a day after bank HSBC admitted to losing nearly 400,000 customer records in the post.
This was according to a Websense survey released today and conducted at the recent e-Crime Congress in London. Only three per cent believed there should not be a legally enforced punishment, while 59 per cent said that compensation should be given to consumers affected.
Organisations are now under more pressure than ever to handle data loss properly, with 79 per cent of respondents believing stakeholders were putting more pressure to introduce security measures. The brand name, media, personal data security and share prices were key reasons.
Nearly all (96 per cent) believed that there should be an enforcing body that forces global governments to work together against cybercrime.
"This survey indicates a strengthening opinion for action to be taken against cybercrime and data loss on a broader scale than ever before," said Mark Murtagh, technical director for EMEA at Websense.
"We do expect more stringent regulation for security breaches, including those that involve the loss of personal data," he added.
Many felt those at board-level still took a reactive approach to security threats, even though the opinion was that they should take full responsibility if anything went wrong.
"Board members should ensure proactive, strategic action is taken to protect their organisation's essential information. From emerging web-based and e-mail borne security threats to data loss, to prevent sensitive information from getting into the wrong hands," said Murtagh.
Many of the security professionals polled felt that some businesses still did not take data loss prevention seriously enough. The top reasons for companies not taking action was cost and not putting the protection of confidential data as a high enough priority.
Interestingly, 91 per cent of the security professionals polled believed that introducing a recognised security standard would inspire more consumer trust in businesses.
advertisement
Latest Internet Features
Keynote's Umang Gupta on the health of the Net
The chief exec of Keynote Systems discusses the future of web performance and how PC and mobile worlds will crossover.
- Q&A – Tom Ilube, head of Garlik
- Ten of the most infamous ‘black hat’ hackers
- What next for Microsoft?
- Becta, open source and education: Too little, too late?
- Working 9-5: Not a way to make a living?
- Managing the public face: Why perception is king in IT
- Who'd be an ISP?
- The impact of the Eee PC
- Creating a mobile data management policy
Latest Internet Reviews
AVG Internet Security SBS Edition 8.0
Rating: 
advertisement
Latest News Videos in Internet
Video: Q&A with HTC chief Peter Chou
PlayThe company that brought us the XDA phone is at it again, and should give both Apple and BlackBerry a run for their money.
White papers
Want more background on today's hottest IT trends?
Visit IT PRO's white paper library for more on virtualisation, encryption and other topics.
Register for IT PRO
You'll get exclusive member benefits including free white papers, downloads, Webinars and weekly newsletters full of the latest IT PRO news, reviews, insight and expertise.
Social Bookmark this article: What is this?