Every network is a potential target for hackers or unscrupulous employees who download and share files they are not supposed to. The risk varies greatly and depends on what type of information is in a system or what it is used for. A public network at a library might not be routinely hacked largely because it is the random public doing research and watching cat videos. A business network has more valuable files, and so a business should consider hiring professionals for a cyber security audit.
How often should a system be tested and scrubbed? It should definitely be tested when it is first set up because this is when a large number of computers are newly connected with each other and there is likely to be a lot of open ports that a hacker might sneak into. It helps if the computers are of the same brand because then the known open and closed ports are uniform, but everything should be tested.
Operating systems such as Windows often have a lot of loose ends unsecured simply because the system leaves things open by default. Windows can become substantially more secure if altered by a technician and then security software is installed. More academic operating systems such as Linux are more likely to have ports closed by default, and having someone who understands these differences is extremely important, especially in a network where different operating systems are used.
A gray hat or white hat hacker is someone who is highly familiar with common hacking tools and knows how to use them in order to infiltrate a computer network. It might seem remarkable that the same tools used by amateurs is the same that might be used by professional security personnel, but these tools are of high quality and are free to download. It is possible to defend against these tools simply by allowing someone on your payroll to scan ports for openings and weaknesses, which is a process separate from inserting hostile software.
The solution is to repeatedly test a network for vulnerabilities and then to plug them. The more that a network is tested this way, the harder it becomes for a random hacker on the web to find an opening. To this end, it pays to have a cyber security audit done routinely, especially after making significant software or hardware changes to the network. Your private data should remain secure because it is the future of your company.