I work in the industry and I will tell you it is really really scary how the lack of knowledge is still the biggest problem.
99% of problems are still phishing attacks for end users or malware via a email attachment.. All that can be resolved quickly.
bottom line is you are using a antivirus /malware solution that requires a definition update... you are not protected.
For companies its still APT hitching off badly configured firewalls. Case in point is the big news data leaks .. Standard bank / ashley madison etc was done via a technique called dns ex-filtration Problem is that almost no security appliances can see what is happening on dns traffic and you are more than likely to find a rule Any < -- > any Port 53 .. The hackers now calll this the " hiway " as its a path through all of your security layers .
We distribute some really really good tech but it still doesn't guarantee you will remain " un hacked " . That is why a lot of tech use deception tactics to lure infiltrators away from your IP so that you get visibility of when they do get in.
PS: due to NDA i cant say who. But a very very large Gov institute CTO thought Cyber Security was bio metric access at doors.
