Expect more intrusive IT regulation, security chiefs warned