• Establish security practices and policies to protect sensitive information

  • Educate employees about cyberthreats and hold them accountable

  • Require employees to use strong passwords and to change them often

  • Employ best practices on payment cards

  • Make backup copies of important business data and information

  • Create a mobile device action plan

  • Protect all pages on your public-facing websites, not just the checkout and sign-up pages

    The survey also found:

    • 65 percent of business owners admit they have been victim of a cyberattack; computer virus attacks are the top type of attack reported at 33 percent, phishing is number two at 29 percent.

    • 86 percent of business owners believe that digital risk will continue to grow.

    • 30 percent of companies with 11-50 employees do not provide any type of formal training on cybersecurity.

    • Despite the simplicity of regularly updating software, seven percent of companies still fail to take that step.

    • Reputational risk is among the top reasons (45 percent) why business owners would consider investing in or purchasing a cybersecurity policy.

    • 35 percent of business owners who have never experienced a cyberattack are unaware of the financial cost to recover, highlighting a dangerous gap in knowledge from the implications.