Security professionals urge serious punishments for online data theft

Cyber crimes like credit card frauds have seen an exponential rise

A recent global survey of security professionals wants penalties and punishments, including imprisonment, for those held for data breaches that expose consumers' data.

Almost 98% of the respondents want punishments such as fines (65%), mandatory disclosure (68%) and compensation for consumers' affected (55%).

16% of the 102 professionals from 15 countries who took part in the survey even want arrest and jail sentence for chief executive officer or board members of the company from where the data theft happened.

The survey was conducted by Texas-based Websense, a company that engages in protecting organisations from latest cyber attacks and data theft.

All respondents were among the delegates, including security professionals from government and public and private sector organisations, and senior managers with responsibility for risk, audit and compliance, who attended the e-Crime Congress in London on March 10.

45% of the security professionals feel companies have a lackadaisical approach towards taking action against data loss and theft. "Though these companies have it as an agenda item, it is not a priority item," the survey stated.

Emphasising that an efficient data management system is a key issue a company must look at, 70% say CEO should hold ultimate responsibility on account of a security breach.

The issue is even more serious with advent of Internet of Things (IoTs). 93% believed that IoT will increase the vulnerability level of companies towards data theft.

With e-commerce gaining more strength globally and a drastic increase in the number of online transactions, cyber crimes like credit card frauds making headlines are also on a rise.

Three quarters of security professionals feel that publicity has helped other companies create a case for budget, focus and resources. Only 15% believe that the headlines have hindered this as they make companies feel powerless to protect against these attacks.

Interestinlgy, a third of respondents felt there are still companies that believed their business would not be affected by data loss. 35% felt that companies believe they are protected, but the technology being used is not appropriate to combat data theft.

Last December, hackers leaked five unreleased online and security numbers of many employees from Sony Entertainment's website. This is just one of the many incidents that have added to the concerns of online customers.