Small businesses are very vulnerable to cyberattacks — and failure to defend against an attack could cost everything and shut down the business, temporarily or permanently.

According to a Verizon report, more than 40 percent of all cyberattacks are against small businesses. They do not have the resources to hire professional security experts and implement the cybersecurity infrastructure of larger businesses. Data breaches can occur by compromised email logins, links that trick the recipient, or embedded software vulnerabilities, which are all very costly to businesses. IBM estimates that the average cost of a data breach ranges from $108,000 to $4 million, including lost business, lost revenue from system downtime, and the high cost of reputational harm. Initial costs are incurred immediately when investigating and responding to data breaches. Companies in certain industries that fail to secure customer data can face fines, penalties, and lawsuits.

Where should you start as a business owner to address cybersecurity matters, particularly when it’s difficult to find the time to research and establish a system or process that works for your business? Consider looking at the cybersecurity best practice guides available from the U.S. Small Business Administration, the Federal Trade Commission, and the Cybersecurity & Infrastructure Security Agency. These are excellent resources that can provide you with solid information to evaluate your current processes and establish stronger policies to protect your business from cyberattacks.