Often the conversation about the security of technology systems is parsed in terms that suggest the biggest risk vector comes from small organizations without the IT budget to ensure good security. However recent high profile breaches from the likes of Target and Neiman Marcus has called this perspective into question. New research from security rating vendor BitSight would seem to back up the perception that larger companies in fact pose a real security risk.