Where are organisations' most valuable systems generally to be found? Usually, not on the internet, but in internal networks. These internal networks must be carefully protected from intruders. External as well as internal threats must be considered.
Not everyone with access to an internal network can be trusted, and it is generally very easy for a malicious individual to gain access to an internal network. From there, it is frequently even easier to reach valuable systems within the network.
Are you aware of the status of the systems on your internal network? What kind of valuable data does it contain, and is that data well protected?