A significant proportion of IT security professionals feel that jail would be a suitable punishment for chief executives or board members responsible for a serious data leak, a new survey has found.

According to a study by Websense, 25 per cent of security professionals think that custodial sentences are a suitable response in this situation.

It also found that 96 per cent of respondents feel that the board of chief executives should be held responsible for breaches.

Just three per cent said there should be no legally enforced punishment for data loss.

Mark Murtagh, spokesperson for Websense, said: "Board members should ensure proactive, strategic action is taken to protect their organisation's essential information.

"From emerging web-based and e-mail borne security threats to data loss, to prevent sensitive information from getting into the wrong hands."

Many of those polled also felt that many firms do not take IT security seriously enough.

Last week, ZDNet reported that Debi Ashenden, research fellow at the Defence College of Management and Technology at Cranfield University, believes that firms need to educate their workers about best practice in order to improve IT security.

According to a recent survey by Connect, the two biggest IT headaches for businesses were 'everyday hassles with IT' (37 per cent) and 'security concerns' (32 per cent) In a recent survey of SMEs for Connect, the two most important benefits of outsourcing were 'guaranteed response times' and 'allowing in-house IT staff to concentrate on more strategic issues'.