Aussie security pros support legal sanctions for data loss

Nearly all Australian security professionals believe that the law should hold companies accountable for serious data breaches that expose consumers’ data, according to a recent survey.

The survey, conducted by security vendor Raytheon Websense, shows that 65% of security professional respondents support mandatory disclosure, 60% believe the law should mandate customers that are affected and 59% are in favour of fines.

Around four in 10 believe that the CEO should hold ultimate responsibility for a data breach, and 23% even support jail sentences for the CEO or board members in the event of a serious breach.

The scale of the threat is only growing as new technologies emerge, with 72% of respondents believing that the advent of the Internet of Things will make companies more vulnerable to data theft.

More than half (62%) of Australian security professionals believe that the increased instances of data theft disclosures reaching the headlines has helped them make a case for budget, focus and resources.

But nearly a quarter (24%) believe that the headlines have hindered their efforts by making companies feel powerless to protect against data theft attacks.

“Despite all of the large-scale attacks we’ve seen over the past year, many businesses still don’t recognise the risks they face and the potentially devastating impact of a breach,” Raytheon Websense ANZ Sales Engineering Manager Bradley Anstis said.

The survey indicates that 27% of respondents feel that their companies still don’t believe that their business would be affected by data loss. In addition, 37% believe that a company will only do what’s necessary for legal compliance.

Around 43% of respondents believe that a lack of action to protect against data theft can be blamed on too much complexity, while 35% cannot afford the investment required.

Image courtesy of my_southborough under CC