One in seven large UK organisations was hacked last year and the annual cost to companies of security breaches now runs to billions of pounds, PricewaterhouseCoopers said this week.
The results of a government-backed study published by the consultants on Tuesday revealed a record level of hacking incidents affecting large organisations. It also found the average large organisation faces a 'significant' outsider attack every week, while small businesses face one a month.
On average, each large organisation suffered 54 significant attacks by an unauthorised outsider last year, twice the level in 2010, while 15% of large organisations had their networks successfully penetrated by hackers. The average cost of a large organisation's worst security breach of the year was £110,000-£250,000 and between £15,000 and £30,000 for a small business.
Chris Potter, PwC information security partner, said: 'The UK is under relentless cyber attack and hacking is a rising risk to businesses. The number of security breaches large organisations are experiencing has rocketed and as a result, the cost to UK plc of security breaches is running into billions every year.
'Since most businesses now share data with their business partners across the supply chain, these numbers are startling and make uncomfortable reading for business leaders.'
Universities and Science minister David Willetts, added: 'This survey showing the changing nature of the threats in cyberspace is a timely reminder for UK businesses to make sure their information systems are protected so they can take full advantage of the online world.
'The survey demonstrates why the Government is right to be investing £650m to improve cyber security and make the UK one of the safest places to do business in cyberspace.'
As well as hacking, the survey shows organisations are experiencing data protection breaches, data loss events and computer frauds - especially if they haven't invested in staff education.
More than nine out of ten (93%) of respondents from large organisations had experienced a security breach in the last year and 76% of small businesses. PwC said the most serious breaches resulted from combined failings in people, process and technology.
The survey also found that investment in security had continued to increase, despite the economic slowdown. Organisations spend an average of 8% of their IT budget on information security. Those suffering a very serious breach spent on average 6.5% of their IT budget in this area.
However, 12% of businesses said senior management give a low priority to security, and one in five spend less than 1% of their IT budget on information security.
Mr Potter added: 'Organisations that suffered a very serious breach during the year spent slightly below the overall average on security. The key challenge is to evaluate and communicate the business benefits from investing in security controls.
'Otherwise, organisations end up paying more overall. Given that most organisations take a lot of action after a breach to tighten up their security, scrimping and saving on security creates a false economy. The cost of dealing with breaches and the knee-jerk responses afterwards usually outweigh the cost of prevention.