A new survey of IT professionals suggests that external hackers have very little to do with corporate data leaks.

The survey, which was commissioned by IT software and services provider Compuware, found that data breaches at companies are caused by staff in 75 per cent of cases, compared to just one per cent by outside hackers. Overall, 79 per cent of US companies suffered at least one data breach last year.

"Enterprises must recognise that simply trusting employees will inevitably prove detrimental to their security, their risk postures and their business interests," wrote Perry Carpenter, a research director at Gartner.

"A mixture of tried-and-true security practices, security awareness, and low and high-tech toolsets will provide the most effective and comprehensive defence against the insider threat."

Overall, 41 per cent of breaches occurred on mainframes, which raised serious concerns since 80 per cent of the world's data is stored on such systems.

The survey interviewed 3,596 IT professionals in the US, UK, France and Germany each with an average of nearly nine years' experience.

The US led in the incidence of data breaches, followed by France at 63 per cent and the UK at 55 per cent. Only 39 per cent of German companies suffered breaches last year.

Hacking was slightly more prevalent in the UK, accounting for three per cent of breaches compared to 37 per cent by malicious insiders and 63 per cent by negligent insiders. Interestingly, 25 per cent came from outsourcing suppliers.

The survey also highlighted a distinct lack of accountability for breaches within companies.

Over half of those questioned said that no single person was held to account over breaches, and that the chief information officer took the blame in just 25 per cent of cases.