The owners of many small and medium-sized enterprises (SMEs) mistakenly believe that they are less at risk of IT security attacks than larger organisations, according to new research.

Grant Thornton found that there is a belief among SMEs that the size of a company is directly proportional to the threat of IT attacks and breaches.

However, the company warned that this is simply not the case. John Dunne, IT security manager with Grant Thornton's risk management services practice, explained: "The threat to IT systems will always be one of the highest risks to any company, regardless of its size.

"Escalation of cyber terrorism, Denial of Service (DOS) attacks and the growth of spam, spyware and 'botnets' have caused companies, both large and small, with poorly secured networks and websites, to become a target."

Mr Dunne added that it was hard for SMEs to quickly improve their IT security systems, saying: "Obtaining high quality IT security does not happen overnight or 'out of the box'."

The increases threats posed by IT threats means that SMEs need to have disaster recovery systems in place in case their business is attacked.