According to security software maker, Symantec, 43 percent of all cyber attacks in 2015 targeted small businesses. This makes sense when you apply the law of the jungle. Predators go for the easy prey. Small businesses often operate on shoestring budgets, which means they focus their resources on the most immediate and urgent tasks, like selling products and customer support. But in the competitive internet enabled world, they need on-line exposure. So they advertise with Google. They use email and instant messaging. They might have web sites, blogs, and links to and from other vendors. Tom Desot, CIO at Digital Defense Inc., estimates that a company with 30 to 50 employees might have an initial expense of $50,000 to properly secure all its computing platforms. After that employee training and ongoing system updates can add thousands of dollars in annual costs.

With their resources prioritized at generating business, many choose to forgo the expense of the security necessary to protect their on-line presence. So on the one hand they’re jumping up and down in the virtual world screaming, “Here I am!!”, on the other hand they leaving their cyber doors unlocked 24/7. This makes them easy (and obvious) targets for cyber predators. Something as simple as an unwitting employee opening an email attachment that appears to be a legitimate message from a bank, a credit card provider, or even the boss, can usher in the hackers. And make no mistake, gone are the days of hacking for fun or bragging rights. Hacking today is big business.

Once hackers gain access to computers, they can use them for their own purposes, often without the knowledge of the owners. For example, Rick Hogan, CEO of website design company Bleevit relates the story of one of his clients, a family owned restaurant business. After the restaurant’s website was hacked, the criminals created additional pages and filled them with pornography. These pages showed up in search results and damaged the restaurant’s reputation. The intrusion went on for months because the owners paid little attention to the website. Even after the intrusion was discovered and cleaned up, the damage persisted. They couldn’t put a link on Facebook for six months because the site address was flagged as pornography.

Now which do you suppose cost more, the upfront security or the loss of sales, damaged reputation, and cost of cleanup?