Iain Kerr, Protegrity president and CEO, is visiting a number of his firm's major customers in Europe next week, including Lufthansa in Germany and Gap, the store chain.
He took the time to talk to Infosecurity about what is happening on the IT security regulatory front and, in particular, the UK's newly enhanced penalties for data breaches, which have risen 100-fold to half a million pounds in the worst cases.
According to Kerr, the increased penalties are something he is pleased to see – and not just because they increase the potential sales for his company.
"Basically the new penalties give the Information Commissioner's Office (ICO) teeth to attack the problem of data breaches. Where major companies might previously have simply risked a fine of five thousand pounds, now they're going to be concerned about a fine of 500 grand. It's a lot of money", he said.
"This type of regulation is what the industry needs. We're already seeing similar moves in other countries, which is excellent news, as it starts to get the message across that companies cannot take risks with people's data", he added.
Kerr went on to say that, in the US, the Payment Card Industry (PCI) rules – which apply to any major companies handling payment card transactions – have been the driving force over the last year or so, but in the UK he expects the new ICO penalties to be a driving force in the IT security vendor industry.
"Here in the US we're seeing companies regularly getting hit with fines of $25 000 or $50 000 for mistakes they've made on the data security front. It's painful, but it's accepted. But it's actually not the fine that hurts the most – it's the effect on a company's reputation", he said.
"This is why we think that the new ICO penalties will make their mark, as companies will be very worried about taking a hit on their reputation by being hit by a major fine", he added.
Because of this, Kerr says he expects to see a flurry of companies investing in new and improved IT security this year, in a bid to stave off a possible hefty penalty and an even heftier effect on the company's share price, due to a dent in its reputation.
"The IT staff we talk to are thrilled about the enhanced regulations from the ICO. They say it will increase the urgency with which companies adopt new IT security, although there's always going to be a few who will simply wait for a breach to take place before they invest in good security," he said.