Not every company can afford a security executive. Even if you're from a large company with a chief security officer and full security staff, you know this from working with companies who don't have that luxury. And if you're from a smaller company, then you know that you face the same threats the big guys facemalicious code, piracy, counterfeiting, identity theft.But when a small or midsize business faces a real and serious threat, without a full complement of security staffers, an executive leader and a considerable security budget to fend it off, what is that company to do? Pierre Corneille, a 17th century French playwright once said, "Flee an enemy who knows your weakness," and some companies will, understandably, do just that.But a few brave people at a few small businesses have a different reaction. They decide to fight back, to play the role of CSO themselves, with help from law enforcement and others, in an attempt to stop the steady flow of attacks on their businesses. They make loose calculations in their heads that a little more pain and cost now could lead to a lot less later on, if they can just break the cycle.Here we present three of those stories, each focusing on a different threat and a different reaction to the threat:Peter Capolino, president of Mitchell & Ness Nostalgia, which makes popular\u2014and popularly counterfeited\u2014pro-team jerseys, had enough with fakes being sold on eBay, so he turned his administrative assistant into an anticounterfeiting crusader.The network administrator at a healthcare company that suffered a three-day network outage due to a denial-of-service (DoS) attack didn't have the resources to fight back. But then during a sales pitch by a security vendor, he got an idea.Finally, at US Digital Media, Alane Pignotti wanted to stop the diversion of her blank CDs and DVDs to pirates. So she set up a sting operation.All three stories provide valuable insight into how small and midsize businesses can fend off security threats, what kind of mind-set it takes and what those businesses can hope for as a return on their investment in Doing the Right Thing. We'd love to say that the ROI is obvious, that all three of these stories have fairy tale endings with the good guys coming out on top and the bad guys vanquished, but security (or life) doesn't work like that. So is the decision to fight back noble or quixotic? Smart business or a huge risk? Worth it or not worth it?Ask these three and they'll tell you: All of the above. Here are their stories...The Battle of the eBay CounterfeitersA look at how a small Mom-and-Pop operation took the offensive against criminals who were stealing their media products.Counterassault: Ending a Denial-of-Service Nightmare After daring a security vendor to prove his product worked, one network engineer ends up with a global solution for a denial-of-service attack. Tackling Piracy, ID Theft and Fraud\u2014All at OnceMitchell & Ness deals with Asian counterfeiters, then stops thousands of fake eBay sales dead in their tracks.