Businesses are failing to secure their Wi-Fi and VoIP networks adequately, leaving themselves open to growing security threats.
IT body the National Computing Centre (NCC) is warning that, although organisations are addressing IT security generally, through virus protection, spam blocking and firewalls, newer technologies are being neglected.
The NCC research found 40 percent of respondents either haven't secured their wireless network at all or have done so only partially. Just 15 percent have VoIP security in place.
VoIP networks are potentially open to phishing (or "vishing"), spam and denial-of-service attacks and could be increasingly targeted by hackers, according to the NCC.
Stefan Foster, managing director of the NCC, warned that Wi-Fi networks are attracting a growing amount of attention from fraudsters. He compared running unsecured Wi-Fi to locking the front door in a house but leaving the windows open.
Companies are more alert to the risks posed by high-capacity USB sticks, with three-quarters of respondents saying they recognise the risk potentially posed by the devices. But only 11 percent have actually introduced controls on their use.
Despite the internal security threat from employees, a quarter of respondents dismissed formal security training as not relevant.
The research also found that close to two-thirds (60 percent) of organisations employ IT staff dedicated to security, although these tend to be larger companies.
The research is part of the NCC Benchmark of IT Strategy 2007 report, which looks at current trends in IT strategy in 190 end-user organisations.