A leading industry expert has warned that most small to medium-sized enterprises do not understand the full range of security threats their computer systems are exposed to.

Tony Neate, managing director of Get Safe Online, acknowledged that the majority of SMEs now have adequate measures in place to protect themselves from traditional threats such as viruses - but he said more advanced attacks continue to pose a real and present danger.

He emphasised how unprepared small businesses could increasingly find themselves in need of disaster recovery services as malicious groups exploit newer concepts such as phishing, malware, spam and spyware attacks.

Commenting in particular on the risk posed by spyware programmes - which surreptitiously install themselves on a PC before relaying personal information to advertisers and criminal gangs - Mr Neate advised SME managers to verify the scope of protection their security software offers.

"Over 90 per cent of small businesses now have got firewalls and anti-virus but not so many have got anti-spyware," he noted. "Some people don't realise the difference between anti-virus and anti-spyware, which is an issue."

Research for Connect in 2007 found that 88 per cent of UK businesses were interested in Disaster Recovery systems primarily to protect their critical applications and data.