Determining what vulnerabilities currently exist in your network, what threats potentially affect your organization, and the probability of a breach based on those findings can be a difficult undertaking.