UK firms are not only unprepared for hackers but have little comprehension of the way the latest attacks are mounted.
The need for greater awareness of potential security problems accompanies the shift towards greater mobile working, which threatens to leave companies even more exposed to web criminals.
"Businesses are facing a big problem. A firm's internal systems are accessible from so many different devices including personal phones and other mobile devices and we have more or less lost the battle of keeping those devices secure," said Philippe Jan, a cyber security expert and lecturer at Lancaster University.
Speaking at a roundtable organised by UKFast he added that the fenced-in network had become a thing of the past.
"Now, that fence has been blown away. The last frontier, the last battle we have to win is the one to protect the actual data," he added.
Tony Richardson, a data protection specialist, said that an individual record or name was worth £1,000 in the cyber community and more had to be done to get the issue higher up on the corporate agenda.
"Security awareness needs to be brought to the table. Unfortunately very few businesses, even in the corporate sector, pay any more than lip service to it. We can keep throwing technical solutions at this problem but it's the education, or rather the lack of it, that needs to be addressed," he said.
The requirement for the channel to provide greater user education was a theme of the debate and Dave Whitelegg, from ITSecurityExpert.co.uk, said that the hackers were able to exploit the lack of defences put up by firms.
"Most of the hack attacks are very simple, they've been around for over a decade yet businesses are still falling victim to them because they are ignoring the need for education amongst their staff," he said.