ESG polled 400 IT and cybersecurity professionals working at SMB firms. Two-thirds of SMBs have experienced at least one security incident over the past two years. Security was thought of as an IT afterthought at many SMBs. Its high time to abandon this laissez-faire attitude. This means creating a cybersecurity strategy that aligns with the business mission, formalizing processes, investing in skills development, and getting executive management onboard. The challenges are understandable.”]