Three out of five businesses across Australia, France, Germany, Italy, the UK and the US expect to have their data breached this year, a new study suggests.
Around half of 600 senior IT decision-makers around the world – polled by identity management firm SailPoint – reported a breach in 2016, while nearly a third said they probably would not know if they had been breached.
The average cost of a data breach at a major company was £3.1m ($4m) last year, although the average amount is much smaller for a UK business at £660,000.
Some 35% of the surveyed firms said they suffered two or more breaches in the last 12 months.
The study comes days after the WannaCry cyber-attack infected more than 200,000 computers in 150 countries, disrupting governments, businesses and healthcare systems.
"This year's Market Pulse Survey highlights that the conversation is clearly changing as organisations consider how to mitigate their risk – or minimise their exposure when a breach happens," said Juliette Rizkallah, chief marketing officer for SailPoint.
"This is a positive change, as fostering open conversations and best practices will only benefit these organisations when they find themselves in the unfortunate position of being breached."
Half of the survey respondents said they were concerned about proper visibility into who has access to what across their corporate network, while four out of five respondents viewed having strong identity governance as central to their corporate security programme.
"There is a silver lining to our report. It's clear that now more than ever before, organisations better understand what – and where – their risks are, and that identity management can help address those risks," Rizkallah said.
Identity management would ensure that only the right people have the right access to applications and data at the right time, she added.
NHS services were badly affected after the WannaCry computer virus struck on 12 May, with some surgery and GP appointments being cancelled in the aftermath.
The virus took control of users' files and demanded a payment of £230 to unlock them.