FAILURE to make broadband connections secure is costing Welsh business £42m per year, according to research by Star Internet.
The research suggests that firms using broadband DSL Internet connections are five times more vulnerable to security attack.
The cost to UK business as a whole is claimed to be almost £2 billion per year.
The research was undertaken for Star Internet by market analysts The Yankee Group.
It showed that the number of business broadband DSL lines grew almost fivefold in 2002 and is expected to grow by 150 per cent this year to around 510,000 lines.
Star Internet said this growth is driven by an understanding of the benefits that broadband can bring small and medium sized firms.
But while SMEs recognise the obvious value of a broadband connection, few realise the implications that DSL's always-on connection have for security.
The research stresses that for SMEs, always on means always vulnerable.
Firms that fail to take sufficient security measures are leaving the equivalent of the back door wide open, day and night, to hack attacks, email viruses and other security breaches.
Simon Jackson, marketing manager at Star Internet, said: "As the Internet and email has become critical to so many companies in Wales, the introduction of broadband has to be good news.
"But too many are falling prey to an 'always connected, rarely protected' trend that could lead to devastating losses.
"At the very least, online security breaches cost management and specialist IT consultants' time in dealing with problems.
"But the threat is potentially much more significant than that, with worst case scenarios including the breach of confidential information and the impact it can have on your image and reputation."
Graham Finnie, senior consultant at Yankee Group said: "A successful attack can be just as devastating as a fire or a burglary, but many small businesses do not fully understand the risk they are running."
Given the potential damage, Star Internet recommends that three core areas of security be addressed from day one: firewalls, virus detection and intrusion detection.
Firewalls provide perimeter protection to a company, validating the flow of information to and from a business and also blocking potential intrusions. Email borne viruses are a major problem for UK business and last year email security company MessageLabs had to stop one virus for every 212 emails.
Intrusion detection devices monitor and gather data on potential threats, identifying not only the source but also the point of an external attack.
Comments: Our rules
We want our comments to be a lively and valuable part of our community - a place where readers can debate and engage with the most important local issues. The ability to comment on our stories is a privilege, not a right, however, and that privilege may be withdrawn if it is abused or misused.
Please report any comments that break our rules.
Read the rules hereComments are closed on this article