That was the interesting admission from the chief executive of RSA Security Art Corviello at his company's conference in London today. The show is running for three days and has some interesting names and faces from the international IT security scence including BT's Bruce Schneier, and the Infromation Commissioner Richard Thomas.
For his part Corviello thinks that businesses have been spending on the wrong types of security systems and acting reactively to security issues rather than anticipating problems.
The debate has now gone onto whether Alan Greenspan's comments last week that self-regulation of financial markets didn't work so does that mean that self-regulation of Internet privacy and personal information hasn't worked either. A panel of experts is chewing that over now and will update with their fndings.
Apparently senator Obama is pushing a general consumer privacy law which given the current poll's looks like it may well be on the cards.
Others think there are way too many "hoops" to jump through when it comes to regulation in Europe according to one of the panel who works for Barclays - he has just insisted that no part of his bank is being nationalised!