More than one in ten (13 percent) UK firms don't have security software installed on their company computers, says Panda Security.
According to the security firm's 'International Barometer of Security in SMBs', more than half (57 percent) of these firms believe security software isn't important.
Furthermore, 14 percent of those firms that do have security software have failed to keep it up-to-date. Panda said UK firms are the worst offenders when it comes to updating security software out of 20 European countries surveyed. The European average of firms failing to keep security system current is just four percent.
Despite the number of companies using antivirus software in the UK rising compared to last year, Panda said 46 percent of firms said they had experienced a virus, compared to 38 percent in 2009.
A third of these infections came from surfing the web, while USB devices were also responsible for a third of infections. Email and peer-to-peer (p2p) software accounted for 16 percent of infections.
The majority of UK firms spent the same on PC security this year, compared to last year. However, 15 percent of firms claimed their investment in security had significantly increased. Meanwhile, investment in security training continues to be low with 46 percent of companies admitting to not training staff even in basic IT threat avoidance.
"The barometer shows that there is still a long way to go in educating people about the importance of having comprehensive security on their desktop," said Luis Corrons, technical director, Panda Security.
He said it was alarming that a "high percentage of users are failing to update their security systems".
"It's extremely important to keep all security systems up to date to ensure that known vulnerabilities are properly patched. Users that don't apply the security fixes released by manufacturers run the risk of being targeted by cyber criminals, as these security holes can be used to infect or infiltrate systems."