Hackers are increasingly targeting small businesses, which often lack robust security defenses. One in five small businesses falls victim to a cybercrime each year, and 60% of those businesses go out of business within six months of an attack. Attacks on small businesses with fewer than 250 employees jumped from 18% to 31% of all targeted attacks in one year. Small businesses are vulnerable because they typically lack security monitoring, logs, audits, and penetration testing. The document proposes four steps to protect small businesses: conducting security assessments, fixing vulnerabilities, implementing firewalls and analytics for ongoing monitoring, and providing education on safe internet practices. The goal is to partner with businesses to strengthen their security and protect their networks and information.