The research also showed that business PCs, laptops and mobile devices are vulnerable to threats from malware as the majority have no endpoint security to protect against unauthorised access or malware.
Interestingly, 73 per cent of respondents said that their organisation's IT security policy includes data protection guidelines such as the use of USB drives for transporting data.
"It is worrying that a majority of companies feel safe against data loss, yet over half do not have basic security measures in place to stop the type of employee behaviour that caused the leak at HMRC," said Nick Lowe, regional director for Check Point in northern Europe.
"Securing any kind of sensitive data must be automated so that employees cannot alter or stop the security processes.
"Organisations have to protect their data, themselves and their employees against the risk of data leaks, and automation is the only way to do that."
According to the report, 85 per cent of companies strongly agree with mandatory notification of affected parties in the event of a data breach, as is the law in most US states.