Over half of industries linked to national security have suffered politically motivated cyber attacks on their networks, according to a new Symantec study.
Only one-third of these critical industries "feel extremely prepared" for all types of attack - with the energy industry displaying the most confidence - while small businesses feel the least prepared, the research noted.
Respondents who had been targeted experienced an average of 10 attacks over the past five years, with an average cost of $850,000 to their businesses.
Forty-eight per cent of respondents expect attacks in the next year and 80 per cent believe the frequency of such attacks is increasing.
Some 90 per cent of respondents said they had engaged with their government's Critical Information Infrastructure Program, with 56 per cent being significantly or completely engaged.
Security training, awareness and comprehension of threats by executive management, endpoint security measures, security response, and security audits are areas that need the most improvement, according to the research.
Iias Chantzos, director of government relations for Europe and Asia at Symantec, said: "Security is about the people, process and technology [and] unless the process is in place to deal with things, you will always be vulnerable.
"[Organisations] should make sure that systems are protected, patched and in line with policies and have 24/7 monitoring."
The recent Stuxnet worm showed it may be possible for attackers to carry out a "first strike" through a cyber attack, he added.
"We can no longer live under the assumption that cyber security is about credit card fraud and spam. Governments will need to think of cyber security as an element of national security," Chantzos said.
Return to security news headlines
View Security News Archive