All but 2% of respondents surveyed at an international gathering of computer security professionals earlier this month believe the law should address data breaches that expose consumers' personal information, and 16% advocate criminal charges against offending companies' CEO or board members.
The respondents — 102 of the 700 IT security pros attending the E-Crimes Congress in London — said legal punishments should include fines (65%), mandatory disclosure (68%) and compensation for the consumers affected (55%).
Conducted by security solutions provider Websense at the event, the survey also found a sizable majority (70%) believe the CEO is ultimately responsible in the event of a data breach, followed by those who believe responsibility lies with the chief security officer (13%), board members other than the CEO or CSO (9%), the IT department (5%) and the individual employee involved (4%).
For the full story go to Multichannel.com.
