Most companies don’t encrypt because they have the ‘it-won’t-happen-to-me’ syndrome, seeing it as an extra expense rather than an investment in protecting their assets. Even with the beefed up powers of the Information Commissioner’s Office, which can now impose up to £500,000 fines on companies in breach of the Data Protection Act, most organisations believe that it will never happen to them, pointed out McIntosh.

Interestingly enough, this is why most types of security failures happen ...