Two major goals of organizations today would be to reduce risk as much as possible. There will always be security risks, but time and money play a role in how secure a company can make their data. The second goal is assisting productivity with new and innovative technologies. The goal is to implement new devices or software without compromising security by doing so.
Organization face threats from many fronts, the most common being human error, and malicious attacks. Human error come into play when associates accidently let malware into the network from phishing emails or other malicious attacks. Also, human error can be attributed to access creep, where an individual has elevated privileges as an oversight to remove the non-needed access. Malicious attacks can be in the form of DDOS attacks or holding company data hostage for ransom from the victim company.