Speaking at in Sydney, Klein & Co director, Nick Klein, told delegates that a number of companies who have contacted him after suffering a data loss did not have a data recovery plan in place.

"We ask them what happened to the computer that was used to steal information and find out they redistributed it to another staff member two months ago," he said. "Then we ask them what happened to the mobile phone and they say it was replaced."

In addition, companies had not saved backup data which could point investigators to clues as to what data the culprit had stolen.

According to Klein, the most important step companies should take is to develop a data breach plan.