Britain needs data breach notification laws
It will take a new law to force businesses to encrypt data and prevent data breaches.
So claims Kevin Bocek, director of product marketing for Thales, speaking to IT PRO at the RSA Conference in London this week.
Bocek said that data breach notification laws in countries like the US and Germany mean that data security issues now have attention at board level, because it had become a significant business issue.
Germany, for example, now has a data breach notification law that went into enforcement in September that established clear fines and penalties. In Britain there is no such law.
The Information Commissioner's Office (ICO) and the Financial Services Authority (FSA) has no clear authority to establish fines or punishments.
"I suspect you'll see other EU states follow Germany's lead," said Bocek.
Bocek said that it shouldn't be a problem for such a law to be put in place in Britain, as it had support from consumers in terms of privacy and also from a business perspective.
Once a law were put in place, Bocek believed that it would motivate businesses to put in security controls like encryption quicker than was presently being done.
"Organisations are now talking about risk management in IT and once they adopt that like we've seen in the US, businesses will move to talk about technologies like database and tape encryption," Bocek said.
The state of Salesforce: Future of business
Three articles that look forward into the changing state of Salesforce and the future of businessFree Download
The mighty struggle to migrate SAP to the cloud may be over
A simplified and unified approach to delivering Enterprise Transformation in the cloudFree Download
The business value of the transformative mainframe
Modernising on the mainframeFree Download
The Total Economic Impact™ Of IBM FlashSystem
Cost savings and business benefits enabled by FlashSystemFree Download