According to the UK's Information Commissioner's Office (ICO), the number of reported data breaches in the last 5 years has gone up dramatically. The data indicates that local government data breaches have increased by 1,609% since 2007, the most dramatic example of the trends.
Local government is the top target for data breaches, though breaches at public sector organizations also went up 1,380% in the last 5 years, the private sector went up 1,159%, the National Health Service went up by 935% and central government breaches went up by 132%.
Given the number of data devices now in use, as well as the vast increase in the data stored and used by organizations, we would expect a 5-year trend to show an increase in data breaches, though perhaps not this dramatically. Some of the increase can be accounted for by new mandatory reporting requirements, though not all of it.
Looked at in detail, the data shows a year-to-year increase that makes it clear breach prevention is not catching up with increased risks. The report also concludes that increased financial penalties by the ICO have had no effect on curbing these trends.
Do you think financial penalties are effective at forcing proactive security measures? Why or why not?