In the real world the security landscape can be a harsh environment. Hackers are using more sophisticated attack methods to penetrate networks and steal company data; social networks are being compromised and used to distribute malware, and instigate phishing attacks; and the proliferation of mobile and cloud applications are opening new vulnerabilities ripe for exploitation.

These vulnerabilities are equally true for small and mid-sized businesses (SMBs), but too often SMBs misjudge their level of risk exposure as it is often the big corporate security breaches and embarrassing data compromises that command media attention.

For every one of these big security breaches, there are probably dozens – if not hundreds – of breaches at companies with less than 500 employees. Businesses often wrap themselves in a false sense of security believing that they are not as interesting or valuable to hackers and cybercriminals. That belief is wrong.

What most businesses fail to realise is that they are dealing with the same treacherous security environment as those headline-hitting enterprise players and must be mindful to the threats posed by social networks, mobile devices, advanced persistent threats (APTs) and conventional attack vectors.