Ransomware has become a big issue, in part because many organizations have a flat network. Once ransomware is loose in a network, the organization cannot stop it from encrypting shares unless they add extra access controls. Currently, many organizations don't put those controls in place, since they believe that by virtue of the network being “internal,” they are safe. But this is a misguided assumption. It's up to individual organizations to change it.
The longer an organization is allowed to expand while relying on their perimeter, the further ingrained it becomes into their architecture and culture. Security organizations such as Synopsys enable you to test not only the services the world interacts with daily but also the back-end systems that lie beyond the firewall. Internal network testing gives you a valuable understanding of the threats you face from the inside, and how well you could mitigate them if your perimeter fails.
The holistic approach of a red team goes even further to show a tangible goal achieved using approaches that exist in real-world attack scenarios. More knowledge for the organization enables better business decisions. And better business decisions lead to successful growth and development of a mature secure development life cycle.