Yes, but you at least have the money and resources available to have better security. If you choose to squander those resources and not dedicate a large enough budget to your security department, that's your fault.

Small companies typically can't afford competent and professional security analysts, engineers, penetration testers, and auditors.