It's early on in your startup, but attacks are increasing and we're easy targets. What are you having a hard time figuring out / getting done when it comes to defending yourself? Are you worried? What have you done?
This is an issue driven by the economics of behavior. The question you can start with is; Why would anyone want to attack you? Is there a benefit from doing so? If so, what is the value and scale of that benefit for the attacker?
This should be something initially discussed and planned for before one line of code is ever written anyway. For the most part, if you have a good baseline security environment and your product isn't providing value or motivation for attackers, chances are their won't be too much to worry about.
Is there something more specific you are wanting to know?
This is where going with established platforms can be of help. Third party solutions can be included with least cost for an MVP. Trend Micro also has a product that protects data within your app backend.
This is something that worries my family more than me. With gazillion digital accounts to ensure digital presence, you actually can't test at one glance whether a new follower is legitimate, a troll, a potential hacker or a competitor trying to steal your openware ideas. Or some former employee with a ridiculous innane desire to stall your work from progressing. Use protected accounts check your digital analytics & yes hand over the account only once you know the employee or the head is worth that kind of trust.
Then there's financial threat. One way to keep yourself safe is have an account that's purely for in-flows & another for outflows, especially of carrying out global transactions. Keep your bank completely cued in on this arrangement.
Now for the tech aspects, well an intelligence system in your knowledge base would have to have reliable malware, spyware alike & above all frequent audits of your intra cyberspace