In recent weeks up to half a dozen IT professionals have been sacked for failing to secure corporate information.

Now this has really raised the data protection stakes. Analysts are predicting more sackings and harsh disciplinary measures for those who do not secure their enterprise.

I don't have a problem with accountability, it is necessary, especially if negligence contributes to a security breach.

But what isn't fair is scapegoating. In most cases those responsible for breaches are usually following accepted practices within their companies. They don't usually have the authority to introduce change, or more importantly, the resources.

So when problems do occur, there is this mad "do something" mentality that inevitably leads to scapegoating.