Only three percent of respondents believe that there should be no legally enforced punishment for such breaches.
The survey of 107 attendees at this year's eCrime Congress was conducted by IT security firm Websense.
Unsurprisingly for the audience, 96 percent said that governments should work together to tackle cyber-crime.
A large majority, 79 percent, said that companies that allow consumer data to be exposed should be fined.
The respondents who advocated jail sentences for data breaches believe that responsibility should rest with the chief executive or a board member.
This might be linked to the fact that IT security specialists feel that they are not listened to at board level.
Three-quarters said that company boards still adopt a reactive approach to data loss, rather than planning for its prevention, and 45 percent blame the board's reluctance to spend money for this policy.
"Board members should ensure that proactive, strategic action is taken to protect their organisation's essential information from emerging security threats and data loss to prevent sensitive information getting into the wrong hands," said Mark Murtagh, technical director at Websense.
Data breach bosses 'should go to jail'
By Andrew Charlesworth on Apr 9, 2008 1:04PM