Around 41 percent of Chinese mainland and Hong Kong respondents reported that former employees were the most likely sources of internal breaches of security.

"The potential threat posed by former employees echoes a trend highlighted in our survey in which respondents claimed that four out of five economic crimes against businesses in Chinese mainland were inside jobs," said Sinn.

"Companies will give many workers privileged user-access tools, but implementation of key insider-threat safeguards is declining," said Chun Yin-cheung, a partner at PwC China's risk assurance practice in Shanghai.

"Compromises attributed to third parties with trusted access increased, while due diligence weakened."

The survey also showed that while many Chinese mainland and Hong Kong respondents reported that they currently had data protection policies in place, 84 percent of them increased their information security budgets this year.

But many companies admitted they still depended too heavily on law enforcement agencies for tipoffs rather than detecting incidents themselves.

"China has paid close attention to cybersecurity and enacted laws and regulations, but financial losses are difficult to quantify and increase the difficulty in the measurement of penalties," said Wu.

"To tackle the challenge, companies should ensure that their cybersecurity strategy is aligned with business objectives and is strategically funded, and they should identify their most valuable information assets and prioritize protection of this high value data," said Sinn.

"Companies should understand their adversaries, including the motives, resources and methods of attack to help reduce the time from detect to respond," said Cheung.

"They also need to assess the cybersecurity of third parties and supply chain partners, and ensure they adhere to your security policies and practices."

Wu said it would be wise for firms to collaborate with others to increase awareness of cybersecurity threats and plan their response tactics.