In a world where hackers strike at the heart of business servers every day, the risk of having your data held hostage to ransom is extremely real, extremely costly and extremely concerning.

Should you become a victim of such a disruptive hack, your options are few and none of them are good.  Obviously, you can pay the ransom, but keep in mind that the price tag can run into the millions of dollars. You can refuse to pay, and rely on your backup system, but the time and cost to rebuild your system can approach the cost of the ransom.  Also, the hackers now have control of your data and could release it on public leak sites.

So, let’s see what cybersecurity experts have to say on this critically important topic.

In one case, where a business with hundreds of employees and clients around the world, hackers demanded $3.6 million in bitcoin in five days. The hackers invaded innocently enough when the malware attached to a server through an employees’ laptop and spread the virus to more than 100 servers.

The company chose the “contain the damage” strategy and hired a cybersecurity firm. Hours before the deadline, and after days of working 24 hours each day, they chose to not to pay, as they were confident that had their data fully backed up.

The disruption was massive and took many weeks to recover from, but was also instructive, officials said. The company now has more protection than ever.

Another cybersecurity professional says paying a ransom is often not advisable because it means the hackers have accomplished their goal and feel empowered to try again. Still, every enterprise has to make that decision itself, and usually, very quickly. As much as it may seem you don’t have the option to negotiate with a hacker, that may not be the case. Don’t just assume you have no alternative.

A lot of malware attacks are preventable, experts say. By reserving 10 percent of your networking expenses for cybersecurity costs you can not only be better prepared if you are hacked, you’ll be less likely to be targeted because you’ll have systems in place to prevent the malware.

Here are four tips from Forbes.com for keeping your IT network safe from hackers:

(1) Invest in professional level software that is appropriate for your type of business and be sure to update it regularly.

(2) Use a virtual private network (VPN) that supports the systems you work on and a privacy screen. VPNs offer protection from hackers if you or your employees are working in public spaces. A privacy screen helps protect your information from wandering eyes around you when you are working. There are paid subscriptions for these that will help you with updates and security functions.

(3) Be sure to educate your employees at all levels of the company about the dangers of opening or transferring potentially harmful files or software to the company’s network. Experts recommend updating, testing and reinforcing the policies regularly.

(4) Hire a consultant who specializes in cybersecurity. Professional cybersecurity consultants help companies develop and implement strong, safe IT infrastructures, as well as training and policies for employees.

As we have seen in the news too many times, no government or business, of any size, is 100% immune to hackers. But the steps outlined above can help increase your chances of keeping your networks and IT infrastructure safe so you can focus on running your business.