In a joint Oracle and Inc. study, the leaders of the fastest-growing companies in America were surveyed about the qualities that made them personally successful, the reasons for their businesses' success, and their plans for the immediate future.

The results? It all comes down to sales, talent, and explosive growth.

On the other end of the spectrum, these business leaders did not feel that "managing security" and being "tech savvy" were key factors to their success.

What does this mean for small and medium businesses (SMBs)? Well, it means that they have put security on the back burner--and they do so at their own peril.

Forty-three percent of cyber crimes are directed at small businesses. Criminals know that SMBs--while offering smaller payoffs--are easier targets than big businesses. As the survey highlights, business leaders are not focusing enough on keeping their systems and data safe.

Here are just a few reasons why it's time to start seriously focusing on security:

1. Cyber crime is much more than just an annoyance.

While some business leaders feel like they're doing their jobs by simply backing up their data, they're in for a big surprise.

Cyber criminals aren't just interested in making mischief. They are thieves. They steal personal identity information, rob bank accounts, file fraudulent tax returns and pocket the refunds, and commit insurance and Medicare fraud.

According to the National Small Business Association, the average attack resulted in $32,000 missing from the business' accounts. Other estimates put the number closer to $87,000.

In addition (and even more troublesome), the National Cyber Security Alliance found that 60 percent of small companies victimized by cyber attacks go out of business within six months.

2. Without the right insurance, you can be put out of business in a hurry.

Small business leaders hate taking on new expenses, but investing in cyber insurance just might be the smartest investment SMB executives can make.

Cyber and privacy policies cover a large number of damages caused by an attack. These include:

  • Fines and penalties
  • Loss resulting from identity theft
  • Notification costs
  • Credit monitoring

When you are talking about the extent of potential liabilities, this kind of insurance, no matter how painful the premiums, is worth a line item in your budget.

3. Your mobile devices are ripe for the picking.

The use of mobile devices is way ahead of efforts to secure them. Even if you have great security protocols in place at the office, many businesses fail to provide the same level of security for employees using phones and tablets. These devices not only contain valuable data but are used to access data held in company-owned systems.

When it comes to mobile, there are significant security holes. Phones are stolen. Phones are lost. Employees can open the wrong email (phishing), which allows malware to invade their operating system and compromise their (and maybe your) data.

If you're not focusing on security, then you're not doing things like:

  • Educating your employees about cyber/data security
  • Establishing stringent password requirements
  • Utilizing biometrics (fingerprint identification)
  • Banning "remember me" from any account (in case of theft)
  • Avoiding free Wi-Fi (most lack real security, so spend a bit more on your data plan)
  • Installing anti-virus protection

4. Not all cloud providers are created equal.

When you put your data in the cloud, you put your faith in your cloud provider's ability to secure your data, customer information, employees' personal information, and so much more.

That can be huge leap of faith. When vetting a potential cloud vendor, ask yourself, "Am I more confident handling my own security, or do I feel my cloud vendor is better equipped to protect my valuable data?"

It is critical to discover what your vendor is doing in terms of security. Among the things to investigate:

  • How many employees are working exclusively on security?
  • Which clients have put their trust in the provider?
  • What has been the provider's history with breaches?
  • How is my data going be stored?
  • Will my data be co-mingled with other clients' data?

There are all kinds of "Johnny-come-lately" cloud providers out there. This is one business decision that should not be made on the cheap. When it comes to security, you truly do get what you pay for.

5. The bad guys are coming up with more diabolical ways to hack every day.

Ever hear of Carbanak, Equation, GRABNEW, or Darkhotel? These aren't the names of rock bands. These are just four of the more recent cyber attacks that have been devised by cyber criminals.

By 2019, cyber crime is projected to be a $2 trillion business annually. At some point (if they haven't already), cyber criminals are coming after you. Will you have done enough to protect your data? Have you put your data in the hands of a provider that can stay a step ahead of the bad guys?