Web 2.0 technologies, such as Facebook, MySpace and Twitter, are a major security concern for businesses, according to research by Deloitte.
A survey of 200 technology, media and telecommunications firms shows 83% view the exploitation of vulnerabilities in Web 2.0 as a significant threat .
"In some cases, employees unintentionally release sensitive information without realising the consequences," said James Alexander, partner in Deloitte's Security and Privacy Team.
"In other cases, employees may be using social networks and the internet for illicit activities that reflect badly on the company. Either way, the company could ultimately be held responsible," he said.
The research revealed 41% of the technology, media, and telecoms companies surveyed have experienced at least one internal security breach in the past year.
By contrast, among financial institutions which have to comply with strict governance regulations, 27% said they had experienced a security breach.
The survey shows that the firms questioned have significantly reduced their spending on security and privacy this year.
Some 32% have reduced their information security budgets. Sixty percent believe they are falling behind or still catching up with security threats.
Businesses are under pressure to drive unprecedented levels of cost and efficiency, said Alexander. But he warned companies that underinvest in security may find themselves vulnerable to increasingly sophisticated attacks.