What happens with smaller businesses is that they give in to the misconception that their site is secure because the system administrator deployed standard security products – firewalls, intrusion detection systems, or stronger authentication devices such as time-based tokens or biometric smart cards. But those things can be exploited.
– Kevin Mitnick