Not enough is being done to prevent low-level cyber-crime because it is not a priority to the police or Home Office, according to independent peer Lord Erroll.
Erroll told Microsoft's Architectural Insight Conference that cybercrime has been a contentious issue for some time and is not going away.
'E-Crime is climbing steadily, but it's not a Home Office or police priority,' said Erroll. 'There is a feeling that all we need to do is say use a firewall or anti-virus product and lock the doors of your data. This doesn't work. There is no ability to prosecute level two crimes where the amount lost is low because it is below the individual police area's radar.'
He urged resistance to proposals to water down the Data Protection Act.
'We need to resist this and make sure that it works. Chinese walls are useful but if we are going to use them we have to make sure they work,' he said.
Erroll says government wants to make personal information more widely available.
'The government wants to increase data sharing to make joined up government more efficient,' he said. 'Change your address once and it will ripple through the entire organisation. It has lots of benefits but huge dangers. Systems need to be able to handle those who are the exception and who do not want their address and data moved around.'
There is a danger that legislation passed on cybercrime is useless, because it's not enforced properly, according to Erroll.
'It is pointless passing laws that can't be enforced and some of the laws we are passing are just PR exercises,' he said. 'Common law uses incentives and we need to think about how we can incentivise people to help make things more secure.'
Ed Gibson, chief security officer at Microsoft UK agrees that people will steal information if it is not secure.
'If you don't protect it then they will take it over and use it,' he said.
Successful leaders are infusing analytics throughout their organisations to drive smarter decisions, enable faster actions and optimise outcomes
Focus on cost efficiency, simplicity, performance, scalability and future-readiness when architecting your data protection strategy