Boston Business Journal, By Chris Doggett, Kaspersky Lab North America
There's nothing small about "small" business. According to 2010 data for Massachusetts, there were nearly 135,000 businesses that employed fewer than 500 employees.
Compare that to the number of businesses with more than 500 employees – approximately 3,000 – and you see that small businesses account for a staggering 97 percent of all employers, and employ 46 percent of the private-sector workforce.
Now let’s look at these businesses through the lens of IT and data security: Approximately 72 percent of the 855 data breaches analyzed by Verizon in 2012 were at companies with 100 or fewer employees. This is the case for two main reasons:
1) Like all predators, cybercriminals set their sights on the weakest targets – small businesses often lack the budget, staff and sophistication to assemble strong defenses, making them an easy target where the chances of thieves getting caught is much lower.
2) No company is “too small to be worthwhile” for the bad guys – while many don’t offer enormous paydays for criminals, even small companies have valuable intellectual property, access to financial resources, and in most cases, customer data that can be easily sold or used to commit additional crimes.