Stewart Twynham's IT security diary - The tip of the iceberg
Whenever I investigate a security problem within an organisation, the initial reaction is usually the same. If it's related to process and procedures, I will be told, "It's a one-off", or "It couldn't happen again, we were unlucky." If it's related to software, I hear something along the lines of, "Well, we'll just fix the bit that was wrong."
Not entirely dissimilar, in fact, to the reaction from the Prime Minister this week, and the suggestion that this whole sorry affair at HMRC was triggered by a junior member of staff not following well laid down procedures.