Schmidt also said that there has been a fundamental shift in the way in which organisations conduct business.

"Previously, organizations built isolated systems but today we have greater connectivity and a lot of supply chain partners," he said.

"It's not just about us being secure but we have to make sure our business partners and their business partners are secure."

Application security is critical especially in development processes, he said.

"Don't confuse quality and security. Lock 80 percent of the doors in a building and it isn't a secure facility; that's exactly what we are seeing in application security today," Schmidt explained.

"The downstream business costs of poor software development processes are very costly and hard to measure.

"It is better to build security into the development process so you are spending at the front end rather than paying damages on the backend."

Schmidt said business also needs to take more care when it comes to wireless security.

On the subject of IT security policies, he said paper policies are good at keeping regulators happy but its important to enforce them and ensure they work.

"And remember to encrypt, encrypt, encrypt," he said.