This 17-page free PDF gives a good overview of the steps you should take to protect yourself and your organization against the majority of threats (We agree with most of what they say, but disagree re: Weebly and Wix for web hosting. WordPress is better in many ways):
https://www.cs.rice.edu/~dwallach/howto-electronic-adversaries.pdf