The critical risk, second only to the unknown entry into your cyber system, is the length of time it takes you to realise the breach has occurred.
Everything that you can do to reduce the risk of breach, and everything you can do to increase the chance of you discovering the breach, go to your business' survivability and profitability. Without the systems in place - which are rarely provided by your standard IT provider - you are operating in the dark and the IP of you and your staff is up for grabs.
What we really want to give you is the edge against your competitors. You will get that by knowing your risk, and managing it defensively.