Establish security practices and policies to protect sensitive information

Educate employees about cyberthreats and hold them accountable

Require employees to use strong passwords and to change them often

Employ best practices on payment cards

Make backup copies of important business data and information

Create a mobile device action plan

Protect all pages on your public-facing websites, not just the checkout and sign-up pages

The survey also found:

• 65 percent of business owners admit they have been victim of a cyberattack; computer virus attacks are the top type of attack reported at 33 percent, phishing is number two at 29 percent.

• 86 percent of business owners believe that digital risk will continue to grow.

• 30 percent of companies with 11-50 employees do not provide any type of formal training on cybersecurity.

• Despite the simplicity of regularly updating software, seven percent of companies still fail to take that step.

• Reputational risk is among the top reasons (45 percent) why business owners would consider investing in or purchasing a cybersecurity policy.

• 35 percent of business owners who have never experienced a cyberattack are unaware of the financial cost to recover, highlighting a dangerous gap in knowledge from the implications.