Large-scale security breaches -- like the recent attack on retailer Target -- get more attention, but most cybercrimes target smaller companies, says California Attorney General Kamala Harris. On Thursday, Harris released recommendations to help small- to medium-sized businesses protect themselves from malware, data breaches and other cyber-risks.

“Unfortunately cybercrime, data breaches, theft of proprietary information, hacking and malware incidents are now routine,” she said, in a prepared statement announcing the release of Cybersecurity in the Golden State. The guide is a collaborative effort between the California Attorney General's Office, the California Chamber of Commerce and Lookout, a mobile security company.

The state Attorney General’s Office is investigating the massive Target secruity breach which, according to reports, exposed the personal data of 7 million Californians. But Harris says that 50 percent of all targeted attacks are aimed at businesses with fewer than 2,500 employees, and 31 percent are against organizations with fewer than 250 employees.

The good news is that most cybercrooks are looking for easy targets, so basic security practices can go a long way toward protecting organizations.

“Relatively small investments in cybersecurity preparedness can yield significant risk reductions,” Harris says in the guide. But since there are no guaranteed protections against attacks, the publication also covers what to do following a successful attack.