A recent survey of public and private UK organisations has revealed that nearly two thirds are not planning to change IT spending priorities in light of the data loss at HM Revenue & Customs.

IT security firm Check Point found that under half have deployed data encryption, and fewer than 40 per cent have any endpoint security deployed on PCs, laptops and mobile devices.

The email survey showed that the majority of respondents believe their company to be secure against data leaks, and just 11 per cent believe that a highly publicised loss of personal data would influence their IT spending priorities.

The research also showed that business PCs, laptops and mobile devices are vulnerable to threats from malware as the majority have no endpoint security to protect against unauthorised access or malware.

Interestingly, 73 per cent of respondents said that their organisation's IT security policy includes data protection guidelines such as the use of USB drives for transporting data.

"It is worrying that a majority of companies feel safe against data loss, yet over half do not have basic security measures in place to stop the type of employee behaviour that caused the leak at HMRC," said Nick Lowe, regional director for Check Point in northern Europe.

"Securing any kind of sensitive data must be automated so that employees cannot alter or stop the security processes.

"Organisations have to protect their data, themselves and their employees against the risk of data leaks, and automation is the only way to do that."

According to the report, 85 per cent of companies strongly agree with mandatory notification of affected parties in the event of a data breach, as is the law in most US states.