The data breaches at Target and Neiman Marcus have expanded, as millions of consumers' personal information has been stolen. Large retailers naturally are paying more attention to securing data, but the threat may be heightened for small to midsized businesses.
Smaller ventures are particularly vulnerable because cybercriminals know they likely spend less to protect their digital information and infrastructure. Cheaper security measures also tend to be static, meaning those systems don't evolve to keep up with criminals' newest tricks.
It's not like small businesses haven't already felt the wrath of breaches before. Last year, 31 percent of all attacks were aimed at companies with less than 250 employees, according to Symantec's 2013 Internet Security Threat Report. Data breaches "already are happening among smaller employers. It's not happening with any lower frequency than the Targets you're reading about," said John Rose, a security expert and senior partner at The Boston Consulting Group.
"Security is a dynamic environment," said Pat Calhoun, senior vice president at McAfee, which is part of Intel and offers security solutions. "It's not just a single firewall and you leave it alone." Less ambitious, fixed security measures in turn attract cyberthieves because those stagnant systems allow criminals to more easily nab personal data—then slip away undetected for as long as possible.