Companies all across the web are responding to a multitude of security threats by encrypting the web. Energy and resources are being expended to do the better thing and make their systems as difficult as possible to compromise. This is a great thing.
However, the small business usually doesn't have the resources or know-how to tackle these kinds of complex technology problems. The little guys don't know about encryption, Open SSL vulnerabilities, two-factor identification, or risk assessment. That makes small business substantially more vulnerable to attack and compromise: their IT systems are easier to hit and exploit by comparison.
I'm spending a great deal of time this quarter talking security with my clients. I'm making a slew of recommendations to improve their defensive posture. It's the right thing to do. It'll help provide a reasonable deterrent and make them less vulnerable as low-hanging fruit. If you have concerns about the state of information security in your small business, give me a call. I'd be happy to talk about practical, low-cost approaches to address these problems.