Computer crime now affects 90% of businesses, costing the UK a grand total of £2.4bn a year, according to the National Hi-Tech Crime Unit.
Despite this, 33% of the 200 organisations surveyed for the Hi-Tech Crime Unit said they did not carry out security audits.
Thirty-five per cent of organisations had no crisis management team to deal with incidents, and 33% had no formal risk assessment process.
Staff awareness of potential security risks was also patchy, the survey revealed. Only 28% of firms said their workforce was aware of security issues, although awareness rose to 64% for management and 92% for IT staff.
Most firms had anti-virus software and firewalls, but only 41% had implemented data encryption for laptops and other portable devices connected to their networks.
More than 70% believed they were investing sufficient resources to prevent computer-related crime, rising to 82% in the financial sector.
Eighty per cent said they intended to maintain their security budgets or spend more next year, rising to 95% in financial services.
Viruses, worms and Trojans were the most frequent forms of attack in 2004, with large firms being hit by an average of seven attacks a day. Larger organisations reported damage from virus infections on average once every three days.
Fifteen per cent of company systems had been used for illegal or illegitimate purposes, 14% had experienced denial of service attacks, and 10% experienced data theft. Just over 50% of attacks came from inside the company.
Nearly 66% of those surveyed said they would alert the police to a computer-related crime.
Cost of e-crime
Viruses, worms and Trojans £677m
Illegitimate use of company systems £46m
Equipment theft £384m
Unauthorised access £44m
Data theft £33m
Sabotage/damage to data £6mor networks
Financial fraud £622m
Telecoms fraud £77m
Cost to companies with more than 1,000 employees
Source:National Hi-Tech Crime Unit/NOP