"Many people said the ICO would not have the guts to fine a local authority in the midst of economic trouble. It tells us something about his guts and his appetite," Room told IT PRO.
"In one fell swoop he has shown the ICO is one of the strongest [data protection bodies] in Europe."
As the fines were not close to 500,000 limit, Room said it is likely more hefty monetary penalties are in the pipeline.
However, Room said he was against the use of a cap, comparing the fines to the 2.27 million Zurich was told to pay earlier this year for losing data that was "arguably less important."
Nevertheless, the fines should have a positive impact on businesses, Room added.
"It should have a deterrent effect. It would be perverse if it didn't," he added.
Mark Fullbrook, director UK and Ireland at Privileged Identity Management (PIM) and information security expert at Cyber-Ark, agreed firms may now wake up to the need for proper data protection.
"Today's news should hopefully serve as a wake-up call for all those that have ignored this ticking time bomb for so long," Fullbrook said.
"The products are out there, so organisations need to get wise or risk the wrath of an ICO eager to flex its muscles."
Ed Macnair, chief executive (CEO) of Overtis, suggested the fines were not substantial enough, even though they may appear to be tough.
"At first glance this looks like the ICO has real teeth. However, in the case of the stolen laptop, the penalty is less than 3 for each lost record," Macnair said.
"When you consider the fact that A4e is a 145 million company, the breach has had a higher impact on the 24,000 individuals whose confidential information has been lost."
"Similarly, this council had clearly not learned from the first devastating security breach and continued to use the same insecure channel for sharing highly sensitive information," he added.
-
What does modern security success look like for financial services?Sponsored As financial institutions grapple with evolving cyber threats, intensifying regulations, and the limitations of ageing IT infrastructure, the need for a resilient and forward-thinking security strategy has never been greater
-
Yes, legal AI. But what can you actually do with it? Let’s take a look…Sponsored Legal AI is a knowledge multiplier that can accelerate research, sharpen insights, and organize information, provided legal teams have confidence in its transparent and auditable application
-
‘Hugely significant’: Experts welcome UK government plans to back down in Apple encryption battle – but it’s not quite over yetNews Tulsi Gabbard, US director of national intelligence, has confirmed the UK plans to back down on plans that would see Apple forced to create a "back door" for authorities.
-
‘A huge national security risk’: Thousands of government laptops, tablets, and phones are missing and nowhere to be foundNews A freedom of information disclosure shows more than 2,000 government-issued phones, tablets, and laptops have been lost or stolen, prompting huge cybersecurity concerns.
-
23andMe 'failed to take basic steps' to safeguard customer dataNews The ICO has strong criticism for the way the genetic testing company responded to a 2023 breach.
-
The UK cybersecurity sector is worth over £13 billion, but experts say there’s huge untapped potential if it can overcome these hurdlesAnalysis A new report released by the DSIT revealed the UK’s cybersecurity sector generated £13.2 billion over the last year
-
"Thinly spread": Questions raised over UK government’s latest cyber funding schemeThe funding will go towards bolstering cyber skills, though some industry experts have questioned the size of the price tag
-
AI recruitment tools are still a privacy nightmare – here's how the ICO plans to crack down on misuseNews The ICO has issued guidance for recruiters and AI developers after finding that many are mishandling data
-
“You must do better”: Information Commissioner John Edwards calls on firms to beef up support for data breach victimsNews Companies need to treat victims with swift, practical action, according to the ICO
-
LinkedIn backtracks on AI training rules after user backlashNews UK-based LinkedIn users will now get the same protections as those elsewhere in Europe
