Considering the number of viruses, denial of service attacks and phishing, one would expect companies to have documented security policies.

Well think again. 47% of the top 350 UK companies do not have an Information security policy. In many cases, (71%) the security policy is drawn up by the IT department.

The survey was commissioned by IT services company LogicaCMG. 20% of the 350 companies took part with their senior executives being interviewed.

A security breach would have a significant impact on the share price according to 83% of investors. 68% of investors went so far as to say that a company's security would be a significant factor in deciding whether to buy the shares.