From a hacker's point of view, larger organizations in the financial services sector may offer the biggest bang for their efforts considering the amount of sensitive data they transact, but SMBs lack the resources to protect their perimeters, said Symantec's Dean Turner, director for global intelligence network.

"Your small-medium business owner is the accountant, he's the CEO, he's the IT guy, the sales guy, the chief cook and bottle washer," said Turner. "And that's a lot on one person's plate."

Turner was referring to a recent report by Symantec entitled Report on the Underground Economy that discusses a thriving ecosystem of cybercriminals advertising and selling stolen data like credit card information and financial accounts to meet demand.

According to the report, credit card information is the most advertised category of goods and services in the underground with stolen data available for as little as 10 cents to $25.

Brian O'Higgins, chief technology officer with Ottawa-based intrusion prevention technology vendor Third Brigade Inc., said what makes SMBs a target is the lack of resources, expertise and awareness -- the "triple whammy." Yet, he added, SMBs, like enterprises, are also running transactions and servers that cybercriminals want to target.