Over 77% over businesses suffered a cybersecurity attack last year, according to the IT Security Economics Report[1] from Kaspersky Lab.

That percentage is consistent with lots of other security research, and the number of companies admitting that they have been attacked has continued to move upward each year over the past several years.

Every company, no matter how big or small, is now a target. The question is what can you do to best protect yourself with the resources you have?

The answer is two things.

1. Take a risk management approach

The organizations with the best track record in cybersecurity have long figured out that they can't secure everything or have a perfect security posture. Instead, they approach cybersecurity like an insurance company, by taking a risk management strategy.

They audit their organization to understand where their most valuable data lives and then prioritize their resources to protect it--whether that data is at rest, in transit, or anywhere that it flows.

SEE: Cyberweapons are now in play: From US sabotage of a North Korean missile test to hacked emergency sirens in Dallas (TechRepublic) | Download PDF[2][3]

2. Write good security policies

Once you have a deep understanding of where your most valuable data lives and how attackers could potentially do the most damage to your company, then you need a set of good policies to protect it.

These policies need to be updated annually and you need to communicate them in a way that your employees clearly understand why they should care and what they can do to be part of the solution. And if you need help drafting your cybersecurity policies,

Read more from our friends at ZDNet