The report also found that large organisations are still at high risk, with 93 percent reporting breaches in the past year. The average cost of the worst security breach for large organisations was between £450,000 and £850,000, and the vast majority of these were through cyber attacks.
While 81 percent of respondents reported that their senior management places a high or very high priority on security, many businesses leaders have not been able to translate expenditure into effective security defences, according to the report.
"Spending on cyber control as a percentage of an organisation's IT budget is up this year from an average of 8 percent to 10 percent, but the number of breaches and their impact is also up as well so it is clear that there is work to be done in measuring the effectiveness of the security spend," said PwC information security director Andrew Miller
Sign up for Computerworld eNewsletters.