No Mercy for CEOs of Defaulting Companies

by CXOtoday Staff    Apr 29, 2009

It seems people want stricter laws for not only cybercriminals but also companies that compromise their client data.

At this year’s e-crime Congress, nearly 30% respondents said CEO and board members of companies that expose consumers’ confidential data through a serious data breach should be imprisoned.

This represents an increase of 5% when compared to last year. 93% of the respondents believed companies are under more pressure to protect against data loss due to the current economic climate.  

The survey was conducted by Websense on delegates attending the 7th annual e-Crime Congress in London earlier this year.  These included security professionals from government and public and private sector organisations, as well as senior managers charged with responsibility for risk, audit, and compliance.

Alarmingly, around 46.6% respondents said that data loss is not a priority currently because of cost cutting during the economic downturn. More than half of respondents also said companies are not taking action against data loss because there are no legal requirements to do so.

In India, the IT ACT 2000 is the main legislation for monitoring e-commerce, regulating the use of computers & computer systems, and for matters concerning data security, data breaches, etc. In December 2008, an amendment was passed to this act that has come under criticism for being far too lenient on cybercriminals and defaulting companies (for most cases, defaulters can get away with a fine and/or a few years imprisonment). Perhaps it is time that our policy-makers wake up and be stricter in matters of information security.

Related links:

App Security Market on a Roll: Survey
25% CXOs Admit to System Compromise
Perceived Security can Misdirect Investments