The biggest threat (at least in my opinion) to an enterprise's cybersecurity health is the people that work there. That's not a knock on anybody, it's just an unfortunate truth. People often have a lot to worry about and unfortunately, cybersecurity often falls to the wayside.
Not every cyber-attack is a large scale data breach or ransomware attack. Even the average computer user is liable to encounter some sort of cyber-kerfluffle during their lifetime.