According to a recently released study conducted by McAfee Avert Labs entitled "Does Size Matter? The security challenge of the SMB", most organizations believe that simply because they are not well known enough, they will not be targeted by hacker attacks. Just to put things in perspective, there are about 6.4 million SMBs (Small and Medium Businesses) in the US alone, and about 953,000 in neighboring Canada. The study surveyed a total of 500 such organizations and found that 52% of them do not take the matter of IT security seriously. Only 21% of said organizations actually realize that a successful attack could possibly put an end to their activities.

Jeff Green, Senior Vice President of McAfee Avert Labs says that to a cyber criminal, the size of a particular organization bears little influence as long as the attack is successful. As recent attacks have shown, it is the small and medium organizations that get targeted the most, because attacks on large organizations are detected more promptly. Hackers want their attack to go unnoticed, they want to be able to propagate their malicious software, and most of the times look to smaller businesses with not so tight security measures.

Out of the 500 respondents, McAfee has discovered that an overwhelming 92% believe Internet access is vital for the organization, but only 50% of SMBs take adequate security measures to protect that connection. In Spain for example, 50% of businesses the study took into consideration needed over one week to recover from an attack. Most of these attacks are successful because the default setting of the security solution put in place are never changed. According to Rick Jackson, Director of North American Small Businesses at McAfee, this practice may give the organization a false sense of security, but it "isn't enough given the complexity and ever changing security threats.

"Working on computers and accessing networked resources and the Internet are the life-blood of modern business, and anything that blocks access to electronic resources is crippling. Small and medium businesses lose roughly half of their revenue annually to security downtime. At medium organizations, spyware alone is responsible for a major portion of downtime costs at 47 percent and small organizations aren't far behind at 40 percent of downtime costs. Server malware is also a big problem for both of these groups," says Jeff Wilson, Infonetics Research.