The HMRC employee who lost two discs containing the details of 25 million child benefit recipients deserves "an award", a former Cabinet Office consultant claims.
Speaking at the Socitm conference in Newport, Harvey Mattinson, a consultant at Communications-Electronics Security Group, said, "One mistake by somebody has changed the face of the world completely. We should give the person who made that mistake an award.
"Twelve months ago, nobody had really worried about security. Various incidents made us step back and ask ourselves some fundamental questions."
Mattinson was assistant director for assurance and standards while he was on a six-year loan to the Cabinet Office.
He said, "People at the top, including ministers, don't understand how to protect information. If we don't have leadership, we dont have a starting point." He added that the UK is "not doing very well at the moment" on keeping data secure.
It is impossible to eliminate risk and make information 100% safe, Mattinson said, and the best an organisation should hope for is making it 80% safe. Companies should get advice from experts, put the right procedures in place, spread data across different places instead of keeping it in one place, and work to get the right culture for keeping data safe.