"More malicious codes are knocking on the door," Nick Engleman, CA's business development manager for security, said.
The figures are based on the response of computer security specialists from 180 companies -- small to large enterprises -- and represent 182,287 PCs and 7304 servers, according to Jonathon Wettin, a CA market researcher.
CA claims the research represents 7 per cent of the Australian computer-using workforce.
Moreover the research suggests 45 per cent of Australian businesses feel virus problems are getting worse, up from 20 per cent of organisations in 1999.
"(Businesses) blame email and the web," Peter Waterhouse, CA's national business manager, e-business infrastructure, said.
They have good reason to be pessimistic. Email and the internet are the source of 71 per cent of infections, Waterhouse said.
"Ignorance is not bliss," he said. "Forty-five per cent of infections are not recognised by businesses."
The report said 32 per cent of organisations surveyed could not accurately detect if their system had a virus.
CA speculates that 84 per cent of large businesses and 64 per cent of small businesses were hit by the I Love You Bug, with no contingency plan in place.
Australian businesses have been lazy and "reactive" to virus threats, Engleman said. Companies need to move to a "proactive, predictive state", he said Waterhouse suggests Australia has a poor record in recovery time. "Fifteen per cent of organisations (surveyed) took days," he said. "That's not quick enough for businesses and certainly not quick enough for the community."
Waterhouse added that we only have ourselves to blame. Only 20 per cent of businesses CA surveyed updated their antivirus software one a month, or relied on a prompt from their suppliers, he said.
Seventy-three per cent of viruses have a detrimental effect on business and e-business operations, Waterhouse said, citing deleted files and man hours lost in post-attack labour as typical complaints in the I Love You bug aftermath.
Engleman believes the challenge for the courts against virus-makers is the "contentious" task of proving intent.
"(Penalties could) infringe on personal freedom," he said. "It's fine to write the (virus), but not to spread it."
Engleman added, "It's difficult (for the law) to cross the barrier of what people are doing on their home PC and in big business."