Recently, there have been some concerns for the network control systems which have been built for the major closed national communication infrastructures in the Republic of Korea. In particular, the control systems used by the small- and medium-sized enterprises (SMEs) often did not consider much on the sophisticated internal or external threats such as hacking or identity theft when they were first developed. For this reason, SMEs have been constantly exposed to internal/external security threats posed by both internal and external attackers, while they are using their own internal business networks constantly stay linked to the external networks operated by their cooperating companies or institutions for the convenience of conducting business. Hence, the security of SMEs’ business networks is still vulnerable, but it is not easy to obtain the information from security officials about what are the actual problems they are facing. In this study, a method of strengthening the SMEs’ security capability is proposed, especially focusing on a framework to be used when applying big data. For the simulations, necessary data was provided by the SMEs who have experienced security threats in the past. An empirical analysis was conducted with such data, and a framework was designed accordingly. The framework was simulated in a test bed for adjustment. The demographic characteristics of the data providers were studied to ensure a more accurate analysis of the data. The frequency and reliability analysis methods were used together with the machine learning technique to measure the reliability of the data, whereas a factor analysis was applied the validity. Partial least squares (PLS) was used for the empirical analysis as well. An application to which these methodologies were applied was implemented with Java Android and will be provided to the security managers of SMEs upon completion. It is expected that the framework proposed in this study will be a useful solution for SMEs for their future computing needs.