The severity of IT security breaches is increasing, according to a new study.

The Computing Technology Industry Association (CompTIA) found that there were actually fewer security breaches last year, but that the severity of those that did take place had doubled.

This data was compiled from the feedback of 1,000 professionals working in the IT field, and showed that more than a third (34 per cent) of organisations had reported a major security breach last year.

That was down from 38 per cent in 2005 but the average severity had risen from 2.3 out of ten to 4.8.

"We are making real progress at reducing the number of breaches, but the threats are becoming more sophisticated," Brian McCarthy of CompTIA told PC World.

The main security threats identified were spyware, viruses, abuse by authorised users and a general lack of user awareness.

Separately, Equifax warned that businesses face a risk from phishing attacks and identity fraud.

Research for Connect in 2007 found that 88 per cent of UK businesses were interested in Disaster Recovery systems primarily to protect their critical applications and data.