"Attackers are very sophisticated, and these are now very well-planned attacks," said Leo Cole, general manager for security solutions at Trustwave, a cybersecurity company. Hackers are after specific data and may first compromise the systems of a company's suppliers to gain access to the network of their prime target.
Trustwave released a survey Tuesday of more than 800 information technology professionals from around the world, and the findings suggest that companies are still not doing what they should to secure their intellectual property and customer data.
(Read more: Krebs on security reports from the Web underbelly)
Four out of five pros surveyed said they felt pressured to unveil projects before all the security bugs are out—and money is often the driver of the hurry-up attitude, according to Cole.
"Security is seen as something that will slow projects down, so they will roll those projects out initially without security," he said.
Such pressure may have played a role in the breach of Target's payment terminals, which were being upgraded in time for the busy shopping period. Its own employees express concerns about security vulnerabilities months before, according to the The Wall Street Journal.
At some businesses, bosses put too much faith in the cloud. Though virtual storage offers savings and flexibility, Cole said, it also comes with security issues.
Companies need to ensure that "they're getting advice on how to move into the cloud in a secure fashion," he added.