Objective: This study assessed the security vulnerability of the U.S. small companies' business-to-consumer (B2C) e-commerce network systems. Background: As the Internet technologies have been changing the way business is conducted, the U.S. small businesses are investing in such technologies and taking advantage of e-commerce to access global markets and compete with the large companies in their industries. While e-commerce activities have become popular, cyber attacks to the e-commerce sites are also on the rise. Therefore, a need exists for a security vulnerability assessment of the U.S. small companies' e-commerce sites. Method: The study used a combination of three methods--Web content analysis, information security auditing, and computer network security mapping--for data collection and analysis of a sample of 79 Inc. 500 e-commerce sites. Results: The findings indicate that most e-commerce sites were outsourced to the Internet service companies and had the sites' network information publicly available on the Internet through the Google search. However, these sites had most of their ports closed, filtered, or behind firewalls with very few open ports. Companies in financial services, real estate, marketing, security, construction, education, and transportation were significantly more secure than other companies in protecting their network information. Conclusion and Recommendations: the U.S. small business B2C e-commerce sites were secure on average. But this degree of security is not enough. Therefore, this study provided recommendations such as how to secure network information, how to hide a site's IP address, and how to secure operating systems. In addition, the further research was recommended. (Contains 5 tables.)