UK readers may have noticed that the Information Commissioner’s Office (ICO) will have new powers to fine organisations responsible for security breaches from 6 April 2010. Fines of up to £500,000 can be imposed for serious breaches of the Data Protection Act. The ICO press release is here.
Jonathan Armstrong of Duane Morris, with whom I've shared several conference platforms, thinks this will make CEOs and other senior people take more notice and should make some IT security budgets less prone to cuts. As he says, "If the ICO can levy some decent fines early on, people may take more notice." His article is here.
We can only hope that tougher UK legislation will start to make a difference to the lackadaisical attitude of some senior people towards security!
2 years ago