By Isaac Kohen, Published in Forbes

Amid the exuberance of the startup process, it’s easy to forget about the importance of cybersecurity. According to a 2015 report from the U.S. Securities and Exchange Commission, only 29% of companies with less than 50 employees understand the steps needed to improve their cybersecurity efforts, a number much lower than more established companies. However, some things cannot be deferred until later if your business is to survive.

Here are four cybersecurity priorities that every startup needs to embrace from day one, based on what I have practiced from the first day my own company opened for business in 2014.

1. Build a culture of cybersecurity.

When it comes to protecting sensitive data and intellectual property (IP), it’s often the people in the office who are the most significant risk. Negligence and indifference leave companies with compromised security, and, as a recent ShredIt analysis concluded, “On the path to total information security, the biggest obstacle U.S. companies face is their own staff.”

In other words, cybersecurity isn’t just an infrastructure issue. It’s a cultural one.

To be fair, most organizations lack a cultural ethos that prioritizes cybersecurity, but a startup is in a unique position to fix this mess before it impacts their company. When cybersecurity is a priority for the company’s founders and initial team, those norms more easily extend to new team members as the company grows.

In contrast, a lackadaisical approach to protecting data and IP can become normative, potentially infecting a company’s culture until it’s too late.

>>Continue reading in Forbes