While over half of large organisations experienced breaches in security, only 25% of small business experienced the same.
Controlling employee access to networks through personal devices can prove difficult with the recent phenomenon of BYOD.
Companies that put a BYOD policy in place can help avoid security and connectivity issues. Currently, only 20% of big businesses allow their staff to use their own BYOD tool kit in the office.
Tony Grace, COO of Virgin Media Business says there needs to be a change in mindset.
"Last year was clearly a bumpy road for companies introducing personal devices at work. That's natural enough as no-one has so far been able to come up with the magic solution. CIOs shouldn't see this as a burden and in 2013 they can take the lessons learned and turn these personal devices into business enablers to really help drive the bottom line.
In the run up to Christmas, it was predicted that a tablet would be sold every second. Many companies could see an influx of tablets and other personal devices received over the Christmas holiday.
Larger businesses without clear policies in place could encounter more security threats as more employees will use unsecure devices on company networks.
"With sales of tablets expected to have gone through the roof over Christmas, it looks like personal devices in the workplace is here to stay," added Grace. "But with just a fifth of large firms having a BYOD policy, businesses will continue to experience security breaches until connectivity, security and user policies are put in place."
Ed Macnair,CEO of SaaSID, told CBR that CIOs need to focus less on the device and more on securing their browser.
"Considering the doubling of tablet and smartphone sales over Christmas, it's not surprising that BYOD breaches are expected to increase in 2013," Macnair told CBR. "However, CIOs are trying to tackle the BYOD issue using mobile device management solutions. The problem with this approach is that it is device-centric and there are simply too many form factors nowadays.
"In a world where the use of Web applications is becoming second nature, organisations need to stop focusing on the device," he added. "They need to secure the browser: the interface between the user and the cloud. By managing Web application access through the browser, the physical device becomes irrelevant and CIOs regain control over who can access their company data, when they can access it and what users are allowed to do".