Forty per cent of small and medium businesses vying to win defence contracts are being rejected because of lax cyber-security practices, prompting a new joint campaign to lift standards across the industry.

Warning that some firms have already been targeted, the Defence Department and Australian Industry Group will release on Monday a new guidebook for SMEs to help them gain a greater understanding of government requirements across cyber security, securing their premises and hiring personnel to handle classified information.