Computing is the UK's most authoritative voice on business technology issues. Our weekly editorial leader article is published here - what do you think of our views on the latest news?

Thursday, 02 July 2009

Rally the troops for war on cyber crime

“Divide and conquer” is a battle plan that probably goes back further than the Romans, and it is one on which e-criminals and cyber saboteurs have been all too happy to rely in the UK.

The government’s new Cyber Security Strategy not only sets up two new organisations to help protect the country against the growing digital threats we face, but identifies 16 other bodies that already have responsibility for dealing with such attacks.

Nobody is trying to pretend that cyber defence is easy, and perhaps there is a very good reason why we need 18 different organisations working together – or at least, trying to.

But as most IT security experts know, it is human factors that the best hackers target, and even with the best will in the world, 18 different groups with 18 different priorities and prejudices mean an exponential increase in the potential for gaps through which cyber criminals can attack.

In theory, the new Cyber Security Operations Centre (CSOC) to be set up at GCHQ will be responsible for co-ordinating all these organisations in a coherent way. Good luck with that.

But what this means is that the success or failure of the government’s plan will depend entirely on the authority and accountability vested in CSOC. The centre’s location at the government’s top-secret communications monitoring site rather suggests its focus will be on high-level cyber espionage and terrorism – somehow it seems unlikely it will be that bothered about the sort of low-level, frustrating hacking activity that is the daily bane of most businesses’ life.

It would be churlish to criticise the Cyber Security Strategy because it has so plainly been needed for so long, and its arrival is to be welcomed, even though it is belated. But to counter the increasingly sophisticated threats the UK faces, we need a simple, streamlined, co-ordinated operation that has the real teeth needed to take action.

If one does not emerge, those gaps will loom ever larger for both the casual hacker and the malicious cyber attacker.

Thursday, 21 May 2009

EU must heed call for reform of data rules

Richard Thomas, the outgoing Information Commissioner, can look back at his tenure as the UK’s data watchdog with some satisfaction. During his time in charge, the subject of data protection has garnered hitherto unimaginable levels of attention, and Thomas has sought to take a sensible but firm approach to data protection issues. There has also been the introduction of Freedom of Information rules to add to an already significant workload.

But however well he has set about his task, there has always been the suspicion that his efforts have been somewhat hamstrung. The publication of the Rand review, which Thomas commissioned, confirms those misgivings.

That review is clear in its recommendation that current European data protection legislation needs an overhaul. And so it does.

That Thomas should prepare to leave his post by calling for more business-friendly rules is no surprise. It is a common theme from anyone with an interest in data protection.

The vast majority of business leaders accept and recognise the duty of care they have over the information that they collect and store about their customers and fellow citizens. They are happy to abide by sensible rules governing personal data.

But there is so much in the current European data protection directive – which is the basis for the UK’s Data Protection Act – that is not sensible and could cause firms to unintentionally find themselves on the wrong side of the law. That situation needs to be addressed urgently.

The trouble is, calls for more business-friendly data protection rules are nothing new. Indeed, one of Thomas’s first acts as Information Commissioner was to promise such an approach.

There is, however, scant evidence that the regulators within Europe have any appetite for change. For sure, crafting rules that are to govern a technology environment that changes at lightning pace is a thankless task.

If there is to be any prospect of change, it is vital that Christopher Graham, the incoming commissioner, takes up the baton.

Thursday, 16 April 2009

E-crime strategy is not much cop

The principle of Occam’s Razor says that when all of a number of possible solutions are equal, you should always choose the simplest. Clearly nobody told the authorities in charge of tackling the growing problem of e-crime.

As our analysis this week shows, we seem to have gone from the sub-prime to the almost ridiculous.

From having practically nobody tackling e-crime after the demise of the National Hi-Tech Crime Unit (NHTCU) in 2006, there is now such a confusing mass of organisations that it becomes hard to see how well they can truly address the issue.

Let’s not be entirely critical – there is a clear acceptance that the police have been deficient in the past, and as a result there are now several organisations that, we hope, will lead to a much larger base of the specialist resources needed to beat cyber criminals.

But from the point of view of the victims, whether business or consumer, the lack of clarity over which organisation incidents should be reported to, and who will investigate them – or even if they will be investigated at all – leaves a lot to be desired.

The latest Symantec research illustrates the scale of the problem – a 200 per cent increase in malware last year, much of it designed to steal financial details and other personal information.

The question marks over e-crime policing are such that the National Audit Office is to look into the scale of the challenge and the effectiveness of the government’s response.

But businesses also deserve particular criticism – despite calling for more resources and support to tackle the e-crime threat, not a single penny in private sector funding has materialised for the new Police Central E-crime Unit, a body that was set up specifically to re-establish the links with industry that were lost when the NHTCU disappeared.

Electronic crime is only going to grow at an ever faster pace – that much at least is simple for all to see.

Thursday, 02 April 2009

Firms must look to IT to restore trust

There is one word that is being ever more frequently used when talking about business, government and employment – trust.

As customers, we trusted banks and the financial services industry to know what they were doing and to make the right decisions about investing our money. As we now know, in too many cases, we were wrong.

As citizens, we have allowed government to build up vast amounts of information about us on the basis that the data would be secure, and used only for the purposes for which it was originally obtained. After numerous data loss scandals and controversy over information sharing, there are plenty of critics who would say we were wrong.

And as employees, we increasingly expect our employers to be mature enough, and to use secure technology intelligently enough, to allow us a better work/life balance – with next week’s flexible working legislation giving a push further down that road. But with surveys suggesting that many companies do not trust their staff sufficiently to work remotely, we have to wonder, were we wrong?

In the post-credit crunch world, trust will be perhaps the biggest issue facing business and government leaders. We used to talk of things as being “as safe as houses”, or “as safe as the Bank of England”. But what can we talk about now? Who do we trust? And how do we know we can trust them?

The answer to that question will lie largely in the hands of IT experts. Technology is central to delivering trust. Whether it is to enforce regulatory compliance, to secure and monitor databases, or to provide communication and collaboration with remote workers, IT will be at the heart of managing the risks faced by organisations of all sizes and sectors.

Companies will need to sell the fact they can be trusted, and the way they use technology will be a high-profile aspect of that.

IT leaders are set to take a key role in establishing those trusted relationships and delivering the systems to prove it.

Thursday, 26 February 2009

Data sharing requires debate

Is there anyone outside government who supports the current proposals to increase information sharing across the public sector? The controversial measures have been criticised by almost everyone. It is wrong to sneak a critical topic into law as part of the Coroners and Justice Bill.

If the government is convinced this is the right thing to do, it should introduce the new powers through a standalone bill and let them face the full public scrutiny of parliament.

Thursday, 12 February 2009

IT sector must act to allay privacy fears

One of the London free newspapers last week trumpeted the headline: “Google puts a spy in your pocket”.

The story was about the search firm’s latest application for mobile phones, called Latitude, which allows users’ location to be tracked and helps find local services.

The software is a great example of the sort of location-based mapping services that will only become more popular.

So why all the fuss? Simply because it is seen as a better story to focus on the concerns of privacy campaigners than on the benefits of an innovative new service.

Of course it is right that people are made aware of the potential downside of any new technology. But Google’s software is entirely based on users opting in and making a conscious decision whether or not to use the system. Nobody is forcing them.

This is a perfect example of how the privacy debate has swung too far away from the many good things that technology can achieve.

A House of Lords committee last week slammed the government over its unrestrained use of data collection and surveillance. They were of course absolutely right to do so. Because it is equally true that the exploitation of technology to intrude on privacy has gone too far.

But the debate seems incapable of staying focused on finding a middle ground whereby personal data can be used wisely to deliver better services, and the authorities are made subject to reasonable restrictions on how they can use that information.

What is missing is the element of choice. Foolishly or otherwise, the younger generation posts personal details on the web with abandon – but they do it out of choice.

Conversely, what choice do citizens have about how government uses the vast databases it has built up? Very little.

If the surveillance society becomes a reality, it will happen because technology has allowed it. So technology – and its practitioners – must engage with the debate and deliver solutions that ensure we still have a choice.

Thursday, 05 February 2009

Support your IT ideas with action

Innovation has become one of the most over-used words in technology, but it remains perhaps the most important one in IT leaders’ vocabulary.

It is one of those words that suffers for being too open to interpretation.

When it emerges from the mouth of a politician, you can usually assume it means little more than some vague commitment to a policy to support skills development or encourage research investment and will no doubt be superseded by another new policy when it fails.

From business leaders, the word is often part of a warning that without it the UK economy will lose out to emerging innovation hothouses such as India and China.

So it is all the more important that IT managers know what they mean when they put innovation at the top of their priority list – which is exactly where it should be.

For one thing, it is not to be confused with invention. Instead, innovation is about smart people doing things more smartly than the competition. It is about ways to use emerging technologies that work for your business. And it means taking measured risks on new ideas and building a culture to support innovators.

There are two great examples in these pages. Lastminute.com two years ago set up an innovation group, who found the key to success is quick development, using agile methodologies to bring ideas to fruition.

At Visa Europe, the company faces a never-ending task of being smarter than the credit-card crooks. A constant process of innovation in product development is essential. Proof-of-concept testing helps to identify ideas that will work for consumers. There are valuable lessons that can be learned from both organisations.

Chief executives will always expect strict return on investment plans for any IT spending and especially so in a recession. But to make a real difference, it is return on innovation that needs to be part of the IT leader’s pitch.

Thursday, 11 December 2008

The public needs a data protection ally

Data privacy is without a doubt one of the defining challenges of the digital age. For too long, the issue has been wrapped up in clichés around Big Brother and the surveillance society that provoke much argument but no proper debate.

The government, it seems, is only too willing to allow others to shout at each other and avoid any meaningful solutions while it continues its database-creating frenzy.

The regularity of stories revealing further areas where Whitehall’s creeping influence has grown over people’s information only serves to foster the image of a government that wants to use our data how it can, while it can. Our story this week that central government workers will have to hand over their bank details – joining their counterparts in local authorities – is another example.

The government has genuine reasons to want all this information, and it is easy to build a justification around crime reduction, better public services and lower costs. Yet too often it shoots itself in the foot by losing data or over-reaching itself.

The European Court of Human Rights last week put the national DNA database firmly into the latter category, ruling that two British men who were arrested but not convicted of crimes should have their records removed from the system, stating that the UK government “had overstepped any acceptable margin”.

Next year a new Information Commissioner will be appointed, and he or she will take on the role in a very different environment from the one in which the present holder, Richard Thomas, started. More than ever, this increasingly high-profile position needs to be held by someone who will champion the privacy of the individual.

The only long-term solution is to give back control of data to the people who own it – and that is us. Emerging privacy-enhancing technologies will help to make this happen.

With that firmly in mind, it is time for the government to lead the privacy debate, to make itself a beacon for responsible use of our information, and not to grab as much data as it can before more people resort to the law to prevent it.

Thursday, 27 November 2008

Whitehall bungling undermines ID plans

For those unfamiliar with the UK and its pleasant pastures seen, the changes being introduced this week will pass unnoticed. Indeed, for the vast majority of Britons, the fact that foreign nationals who apply for residency will now be required to apply for identity cards may also pass unseen. But this is an important change, and one with which no Briton can be entirely comfortable.

For too long, this government has been wed to the idea of introducing identity cards, without elucidating a clear argument for so doing.

This paper has consistently argued that some form of standardised electronic personal identity management system would be invaluable to citizens, and their desire to safeguard online and physical transactions, without compromising their rights to privacy.

Yet the ham-fisted attempts to first impose an ID card on a sceptical public, followed by the latest ruse to sneak it through the back door, have undermined the project. The government’s lamentable record on looking after personal data has heightened public concerns about ID cards.

It could – and should – have been so different. Consumers are becoming more attuned to the importance of identity in this digital world. The technologies that may help protect individuals and provide a robust identity, such as biometrics, are gaining acceptance.

Biometric readers, such as fingerprint scanners and even iris readers, are no longer the preserve of James Bond movies. They have become a workaday part of many of our lives.

As is so often the case with government IT projects that go awry, it is not the technology that is to blame, but the quality of leadership. So even if the deployment of ID cards passes off without a hitch, the scheme is fundamentally flawed because of a lack of public support and the perverse decision to ignore the recommendations of the Treasury-commissioned Crosby study.

It is a shame that for some senior government figures it appears to be more important to dogmatically pursue this cause, rather than take the time to build a system in which we can all believe. It is not yet too late to introduce a workable system for identity management, but it is looking increasingly unlikely that it will happen.

Thursday, 18 September 2008

Ensure your recovery before the disaster

Disaster recovery can be one of those topics that only gets discussed when something goes wrong. Like encrypting government data, it can prove to be a classic “shutting the door after the horse has bolted” aspect of technology.

When the London Stock Exchange had to suspend trading recently during one of the most frantic days of the year, there were bound to be people wondering where disaster recovery figured in the plans. Given the new-found competition the exchange is facing in the equities market, such a high-profile failure will reverberate for some time.

A recent survey conducted among members of the Institute of Directors shows how many business leaders tend to assume that disaster recovery is in place. They were asked which element of the critical national infrastructure would be most likely to continue in the event of a major power cut. The most popular choice was the mobile phone networks – which, of course, would disappear almost instantly in the event of a loss of electricity.

The natural assumption is that critical or everyday systems are protected. It is not necessarily the case – as the City of London’s traders found out.

Does your chief executive assume that the IT lights will stay on in the event of a disaster? And if so, would you be willing to explain why they didn’t? Business continuity needs to be a critical responsibility for all IT leaders.

