Use the fine to help them become compliant
For my money, the ICO should get the power to appoint an auditor/advisor to oversee data breach offenders, helping/forcing reforms until they are compliant. Ideally a similar model to the court-appointed auditor that Apple are fighting tooth and nail with at the moment.
If a company can shrug off £500K fines, perhaps an independent government employee doing rigorous penetration testing of their networks should send the requisite shivers down spines, especially when they realise the auditor could stumble across more naughty activity that they'd have a legal duty to report. As an added benefit, the Directors would get a first-hand taste of how important it is to protect data.