I've been trying to think of a business that does not have exposure to cyber risk. I can't think of one. At minimum, everybody stores confidential data on a computer, which means they have a valuable commodity subject to data breach.
Let's take a higher-level view of this risk by using a fault-tree analysis. Here's what that would look like:
The left side focuses on compromised data. Here's the general process criminal use to get your information:
The right side discusses network breaches. Here are some of the ways hackers will use to infiltrate networks: