In a speech at the RSA on 29 October, Richard Thomas highlighted the risks associated with large databases, the need for tougher sanctions to deter data breaches and called on chief executives to take responsibility for the personal information their organisations hold.
"The number of breaches brought to our attention is serious and worrying. I recognise that some breaches are being discovered because of improved checks and audits as a welcome result of taking data security more seriously. More laptops have now been encrypted and thousands of staff have been trained. But the number of breaches notified to us must still be well short of the total. How many PCs and laptops are junked with live data? How many staff do not tell their managers when they have lost a memory stick, laptop or disc? Many losses are probably simply undetected."