Experts from several security firms, including Symantec, McAfee and The Boston Consulting Group, feel that the focus on securing “large retailers” and big corporate entities from the threat of cyber attack is inviting increased opportunity for criminals to reach into the vulnerable and ill-prepared “small to mid-sized businesses“, according to a recent article published by NBC News online.
The article indicates that smaller businesses are “particularly vulnerable because cyber-criminals know they likely spend less to protect their digital information and infrastructure” since they might not have the financial ability to keep up. As the article states, the level of security at a smaller business may prove to be a bit “static” leaving their systems with no way to “evolve” and “keep up with criminals’ newest tricks.“According to the article, Symantec’s 2013 Internet Security Threat Report informs that in that year “31 percent of all attacks were aimed at companies with less than 250 employees.”
John Rose, a security expert and senior partner at The Boston Consulting Group, was quoted in the article to say that security and data breaches are currently taking place “among smaller employers.” The article went on to quote Rose to say, “It’s not happening with any lower frequency than the Targets you’re reading about.” Pat Calhoun, senior vice president at McAfee, was also quoted in the article to say, “Security is a dynamic environment. It’s not just a single firewall and you leave it alone.” These unprepared, “static” security placements, according to the article, “attract cyber-thieves because those stagnant systems allow criminals to more easily nab personal data — then slip away undetected for as long as possible.”
Read more in the full article at NBC News about the concerns for small to mid-size businesses and how the recent attacks on the larger retailers like Target should be an example of what could be in store for these smaller organizations.