Few companies have the proper audit trails in place to get convictions against hackers, according to security firm NTA Monitor.
The company claims that its research shows firms failing to maintain log files adequately - and in some cases not bothering to switch the logs on at all.
Roy Hills, technical director at NTA Monitors, said companies do not turn on their logs because traffic gets monitored elsewhere, and because it uses up too much disk space.
"Other companies do log, but don't keep the records long enough," he added.
"I've seen several huge corporations where the log files are overwritten every 30 minutes. If they were attacked, there would be no record of what had happened.
"Then there are the people who are logging but not getting it right - like storing the information on public folders that hackers can access and easily cover their tracks."
Companies also forget time synchronisation, said Hills. A serious incident is likely to involve several different systems, but companies cannot piece together what has happened if they are unable to track from one log to another.
The Home Office is to review the existing Computer Misuse Act to see if it still provides enough protection against hackers and other problems.
But Hills said: "Most companies won't be able to supply the evidence needed to secure convictions, meaning criminals will get off scot-free despite any change in law."
'Sunlit wet sidewalk' provides evidence of methane rainfall on the north pole of Saturn's moon Titan
Methane rainfall indicates the start of the summer season in Titan's northern hemisphere
Scientists believe there could be other hydrides or superhydrides with super conducting properties
Resetting the telemetry circuits and associated boards brought the instrument back to operations mode
Fortnite news and updates: Flaw in Fortnite authentication could have helped attackers steal player login credentials
Attackers could have used Fortnite security flaw to buy in-game currency on players' stored credit cards