For a business, the biggest problem when it comes to security holes is the amount of money that it can cost you. While normal people have to worry about the loss of privacy and the violation that they feel, businesses care more about the bottom dollar. And that is what they should be concerned about. They are in business to both make money and provide quality service to their customers. If they are not able to do that because of some security hole then that business is looked at with a negative tint.
But when most businesses bring a professional to test out the security of their system, they are more times than not looking for a technical solution. They have looked up the latest holes and zero days and they are testing for that. And that is reasonable. That is what you are supposed to be testing for. But when your test only deals with the technical holes then that means that there is a possibility that you are going to miss a wide open security hole. One that is the cause of most security holes in business.
When you only test the technical you miss the social component of hacking. Not only do you have to be able to make sure that the workers are not letting security bugs in, you also need to be aware of cyberslacking. Social networks are seemingly everywhere nowadays and you need to beware of workers either clicking the wrong links or they are telling secrets of the business online without meaning to. The social networking part of the internet can possibly cost both businesses, big and small, millions.
This is why you must train the people who work for you how they can and cannot use social media on company time. Some companies just ban the sites altogether. Others will let their employees on the sites while at work but only if they follow a strict set of rules. You also want to make sure that even when they are at home that they are careful in what they talk about.
If you think that all security holes are purely technical then you would be wrong. Simple social networking services can be just as bad.