The number of cyber-related security incidents increased 48% to 42.8 million last year, according to a PricewaterhouseCoopers (PWC) worldwide survey.

The average financial loss from breaches grew 34% to $US2.7 million ($3.1 million), while the number of organisations reporting financial hits of more than $US20 million ($22.7 million) nearly doubled, the Global State of Information Security Survey shows.

PWC Australia National Cyber Leader Steve Ingram says despite greater awareness there is still complacency about cyber threats, with global information security budgets dropping 4%.

“We know it can cost much more to remediate cyber incidents than prevent them, so it seems counterintuitive that organisations would choose to invest less overall.”

The number of detected cyber incidents has increased at a compound annual rate of 66% since 2009.

Large organisations with gross annual revenue above $US1 billion ($1.1 billion) detected 44% more incidents last year, while organisations with revenues from $US100 million ($113.9 million) to $US1 billion recorded a 64% rise.

“Mid-tier companies are now the weak link and are coming in for increased attention from cyber criminals, because larger organisations have implemented more effective security measures,” Mr Ingram said.

High-profile attacks by nation states, organised crime and competitors remain among the least-frequent incidents, but they are the fastest growing.

Reports of cyber attacks by nation states increased 86% globally and 24% in Australia, with incidents most likely under-reported.

Incidents attributed to current employees increased 5% in Australia compared with 10% worldwide, while hacks by current and former service providers, contractors and consultants fell 17-19% here compared with a global rise of 15-17%.

About 67% of New Zealand survey respondents plan to increase their security budgets in the next year.

“New Zealand organisations were above average in developing a cyber-security strategy, but poorer when it comes to executing it,” PWC partner and Cyber Practice Leader Adrian van Hest said.

The survey’s results are based on responses from more than 9700 security, IT and business executives in more than 154 countries.