“SMEs have to realize that just because they are small, it doesn’t mean they won’t be targeted. Bad guys target wherever they can get money. Individuals working on peer-to-peer networks often don’t realize they’re sharing the whole contents of their drive. You can find Homeland Security vulnerability assessment documents online from employees (using P2P).”
However, Schmidt said that SMEs will eventually start using managed software security services, with third-party providers managing both low-cost application level security and end-point hardware. They want automatically self-healing and self-configuring software,” said Schmidt.
Small businesses must take security into account in their planning and decide whether to outsource security, invest in training or allocate more resources. If a small enterprise does have a full-time IT manager, that manager should become familiar with security standards such as ISO 17799, he said.
McMurdie said that computer security should follow common-sense procedures.
http://news.com.com/Small+companies+ignorant+of+security/2100-7355_3-6137381.html?tag=ne.fd.mnbc