While surviving as a small or medium-sized business is challenging enough, the realization that the company could fail if it suffers a cyber attack adds another measure of stress. Knowing where to start and obtaining and allocating the right resources are key to ensuring adequate cybersecurity. Panelists at the recent Georgetown Cybersecurity Law Institute discussed ways that small and medium-sized businesses can take meaningful cybersecurity steps given their limited budgets and, in some cases, expertise. See “Using a Risk Assessment as a Critical Component of a Robust Cybersecurity Program (Part One of Two)” (Nov. 16, 2016); Part Two (Nov. 30, 2016).