Many novice Office 365 shops do not know where O365-specific security vulnerabilities lie, or that they even exist. These threats do not cause pain until they rise up and bite – then the agony is fierce. More experienced organizations know threats exists, but not exactly where they are or how to address them. The results can be disaster. A survey of 27 million users across 600 enterprises found that 71.4% of Office 365 business users suffer at least one compromised account each month. Virtually all organizations have some basic forms of security protection, such as anti-virus and firewalls – but nothing for Office 365-specific security issues. The basic tools they have make them feel safe. Meanwhile, larger shops likely have defense-in-depth for general security and compliance and regulatory controls and solutions – but again, nothing for Office-365 specific security and compliance concerns.