People never think it’ll happen to them. Sure, they see the reports – 50 million-plus bundles of user data compromised by a Facebook breach; the billing information of more than 2 million T-Mobile users hacked by a mysterious malicious entity – but companies like those are massive, monolithic entities in American commerce. They’re decidedly big fish, not like you and your small business. According to a recent JLT-Harvard Business Analytic Services survey, more than half of small business owners remain locked into this line of magical thinking, blissfully unaware of the threat cyber crime poses to the health of their organization.

We hate to burst the bubble of the happy-go-lucky majority, but the reality is that this optimistic attitude just does not square with the statistics. The incidents may not make the news, but small businesses are being targeted – and breached – by hackers at an astounding rate. In fact, the National Cyber Security Alliance reports that close to half of small businesses have experienced a cyberattack and that 60 percent of the companies that succumb to one of these attacks folds completely within six months. They state that instead of zeroing in on Fortune 500 corporations, hackers actually prefer to swoop in on the little guy, with 70 percent of cybercriminals specifically targeting small businesses.

Yet according to a Paychex survey, 68 percent of small business leaders aren’t worried about cyber security despite data from Hiscox indicating that more than seven out of ten small businesses are woefully unprepared for a breach.

Of course, it’s understandable that the average small business owner shirks their cyber security responsibilities. It’s the kind of problem that’s so complicated that it’s tempting to sweep it under the rug. As breach tactics become more sophisticated, so do the softwares and methodologies designed to keep out criminals. In a world far removed from the days when buying a product and installing it into your network was enough, it’s easy to become overwhelmed by the complexity and breakneck pace of advancing cyber security best practices. Our biases make the possibility of a hack seem remote, while our limited resources make the cost of protection appear too high to even consider.

The first step to getting savvy in 2019 is to accept that cyber-attack isn’t some unlikely crisis, but a virtual inevitability. It’s a tough pill to swallow, but leaving it to chance is like flipping a coin where a “tails” outcome results in your business shuttering for good.

Luckily, though an attempted hack is almost guaranteed, there are dozens of steps you can take to prevent it from doing any damage. Chief among these should be to find a managed service provider (MSP) with a long background in protecting against hacker threats to take the reins on your cyber security as quickly as you can. It’s important when auditing your internal security measures that you regularly get an outside opinion from a trusted source, in order to cover all your bases. Your internal IT departments assurances that “they’ve got it covered” are certainly reassuring, but to truly patch all the holes in your security barriers, you’ll need more eyes on the problem. You might imagine that such a partnership must be prohibitively expensive, but they’re typically more reasonable than you might think. Not to mention that when the very survival of your business is on the line, it just makes sense to budget accordingly.

The statistics paint a picture of small business owners as underprepared, unaware, and disturbingly vulnerable to the whims of cybercriminals hiding just out of view. Don’t be another one of the millions of small business owners forced to shell out thousands as a consequence of wishful thinking. Wake up to the dangers of 2019, arm yourself against them, and secure the future of the business you’ve worked so hard to build.