A common thing I experienced in my job was that small businesses don't have money or time to organize Security Incident Handling. Fortunately SANS published a whitepaper that proposes an approach, specifically for the small business.

A challenge exists when attempting to provide the Small Business (SB) owner with a workable procedure and resources for security incident handling. Considerable research has been accomplished, with a focus on the steps necessary to create and organize an Incident Handling Team in large organizations, but the resources required for such a project do not scale down to anything usable by the Small Business community. This paper reviews current best practices in the security community, and proposes a compromise that scales these steps into something workable and acceptable to the SB community. The paper also references SANS checklists to assist the SB owner step through the processes before, during, and after a security incident, along with literature, vendor, and tool resources.