Key findings from the survey of some 1,000 companies include:
Three quarters of businesses that reported system penetration rated it as their worst security incident of the year (worse than, for example, virus infections);
The main concerns were not so much financial loss or service disruption, but the time spent on investigation and remedy - a quarter took between two and 10 man-days of effort;
Firewalls were the main line of defence against intrusion, with more than three quarters of businesses using one, although in 50% of the cases, this was their only defence;
Around half of all businesses have their websites hosted externally and so rely solely on their provider for security, yet worryingly many were unaware of what defences those providers had against attack;
Yet, despite increasing network security incidents, businesses remain largely satisfied about the effectiveness of defences, with 72% expressing confidence in their ability to detect or prevent security breaches;
But this confidence may be misplaced because many organisations do not test their network security, although larger organisations are tending to use more tools to scan their systems for vulnerabilities;
Businesses that carry out these checks reported more attempts to probe their website security but also said they had suffered less actual penetration of their systems by outsiders.
Andrew Beard, the PwC advisory services director involved in the survey, said:
"The survey findings point to a real concern that businesses without the right monitoring and intrusion prevention processes in place may have a false level of comfort. Scanning and hacking activity may not be detected until it is too late to react."
The full results of the PwC and DTI biennial Information Security Breaches Survey will be launched at InfoSecurity Europe in London, 27th-29th April.