Don't think that, just because your organization's network hasn't been hit by a major attack yet, it's invulnerable. Attackers are broadening their scopes, going after company networks ranging from one-person small businesses to giant corporations. Every network has vulnerabilities that can be exploited; it's just a matter of finding them. And it's much better if you find them (and plug them) before the attackers do.
How do you go about doing that? You need a comprehensive vulnerability assessment. To find out more about how vulnerability assessments work and how they can protect you from zero day attacks, see this article: