Almost 20 per cent of corporate PCs are infected with some form of malware, according to a report by threat protection company Damballa in its latest State of Infections report.
Furthermore, there was no correlation between size and infection, with large organisations - which ought to have better resourced IT and computer security departments - seemingly no better protected than small and medium-sized businesses.
"Company policies, more than company size, determined the cleanliness of any given network," claims the company.
One of the key threats, it found, was organisations allowing contractors and other third parties full access to their corporate networks, with administrative rights, in some cases, and not even restricting mobile devices. Such organisations were found to have higher than average malware infection rates.
Furthermore, ransomware malware has boomed this year, especially as a result of the Gameover Zeus Trojan, which encrypts PC hard drives and demands payment in return for the decryption key.
The network behind Gameover Zeus was busted in the summer following an international response, but the is already being re-built by its backers, believed to be in Eastern Europe - probably either Ukraine or Russia.
"We recommend that security teams work under the assumption that prevention is not fail proof, so the ability to automatically detect and accelerate the time to response is essential to minimizing risk," said Damballa chief technology officer Brian Foster.