It seems so, at least, from a finding in a recent survey of more than 600 full-time employees and 100 C-suite-level leaders at companies with fewer than 500 employees.

In the survey, conducted by Switchfast, an IT consulting and security outsourcing firm, 35 percent of the employee group, but a disturbing 51 percent of the executives, said they were convinced that their business was not a target for cybercriminals.

Such complacency with respect to cybersecurity is a notable risk, according to Switchfast. Calling the devil-may-care attitude a “common misperception,” the firm notes in its survey report that small businesses are prime targets for hackers because of their size.

Large companies make headlines when cybercriminals strike. At the same time, they have dedicated IT and security staff to vigilantly do battle with wrongdoers. That makes smaller companies more vulnerable.

“Negligent employees remain the number-one cause of data breaches at small businesses,” writes Switchfast — and here, “employees” means anyone who works for a company, including executives. “Seemingly innocent actions, like connecting to a Wi-Fi hotspot in a coffee shop or hotel lobby, can cause some of the [greatest] damage to a small business.”

Read more