Oil pipelines, banks, internet networks, hospitals, manufacturing plants, water-treatment systems. We don’t have to imagine the damage hackers could wreak by paralyzing just one of these gears in the larger U.S. economic engine — we’re seeing it play out this week at the gas pump.

Often all it takes is an oblivious worker clicking a tainted e-mail link, or an IT department getting momentarily lazy about computer-system hygiene. While we don’t know exactly what led to the Colonial Pipeline ransomware attack, it’s a reminder that every digitally connected company has vulnerabilities and that critical U.S. infrastructure makes for the juiciest target.

For a business that transmits fuel throughout the U.S. Gulf Coast and East Coast, it’s easy to see how cybersecurity might slip down the list of concerns. Managers have to regularly worry about repairs to prevent oil leaks, on-the-job accidents, natural disasters, as well as pandemics — all risks listed in the annual filings of publicly traded pipeline operators. But devoting resources to cybersecurity now can save you a lot later.