The recent spate of high-profile data security breaches and the regulatory responses to them have once again thrust issues of data management into the limelight. I have spent the past few months looking at the issue and talking to leaders from the private and public sectors about data security issues. What has emerged is that there is a decided lack of ownership when it comes to data security, which cuts across all organis­ations.

There is a widespread perception that information security is an information technology issue and that produces a tendency to focus on security safeguards such as encrypting data on laptops, preventing use of USB memory sticks, password protection and so on. However, even in these areas experience shows that there is a long way to go.