Security concerns are in some ways peripheral to normal business working, but serve to highlight just how important it is that your business users feel confident when using your IT systems. Security will probably always be high on the IT agenda simply because cyber criminals know that a successful attack is very profitable. This means they will always strive to find new ways to circumvent your IT security, and you will consequently need to be continually vigilant.
It is no point having a network with a secure perimeter if the laptops of your business users are not security protected; the most secure email system in the world will not help if your business users send emails with confidential information because they are not security aware. Security has to be holistic, and you have to think about defending all aspects of your infrastructure - the servers and desktops, the network itself, wireless networks, computers that access your system remotely - all need to be equally secure.
You cannot eliminate security risks, but you can manage and mitigate the risk. The key to a successful security strategy is usually described as "Defence in Depth". The idea behind this is simple - you don't rely on a single protection for security, so that if one part of your security system is breached, the attackers only get as far as the next layer of security.