The cost to businesses of a single bug or virus attack can be as much as £66,000, research has revealed.
The estimate, contained in a report from analyst firm Datamonitor, comes as users face threats from the latest flaw in Microsoft Internet Explorer and the "Mary" e-mail bug which tempts users with porn.
Users are still waiting for a patch from Microsoft to prevent Explorer from downloading damaging code from hacked websites. This code, in turn, allows users’ desktops to be hacked remotely.
Analysts at Datamonitor surveyed 55 companies around the world of all sizes to find out how much such attacks can cost. Of the companies questioned, only 18% had not suffered any form of security breach.
Of those who had suffered, 72% said bugs or viruses were the most costly. Excluding the firms who would not reveal the exact financial loss, Datamonitor said 11% had lost more than £66,000 from a single incident, and 43% had lost more than £5,000.
Based on the overall findings, Datamonitor estimates the most serious incidents can cost an average of £26,000 compared with an average annual cost of breaches of £27,000 - meaning just a single incident can cause widespread damage to businesses.
Datamonitor siad these figures correspond to those from a survey carried out by PricewaterhouseCoopers, a professional services firm, and the Department of Trade and Industry and the DTI in the UK, which estimated the annual cost of security breaches to be £30,000.
However, firms should not solely come to rely on security systems to tackle the threats, advised Datamonitor.
For example, they should educate staff not to open suspicious attachments, as infected ones can cause the most damage. In addition, firms should take the patching of systems with the latest security updates more seriously.
"Organisations that do not put enough resources into IT security because they do not believe they are at risk are putting their heads in the sand," said Ian Williams, analyst at Datamonitor and report author.
"Even if hackers do not directly target you, that does not mean that you will not suffer a security breach costing several thousand dollars."