Or flip it around. Your marketing is using Mailgun, and they just ran an expensive marketing campaign, but none of the emails are going out.

Or the marketing person says Mailgun sucks so they just send mass marketing emails from their work email and now your domain is on a blacklist.

An employee gets phished and their email sends out spam to all your vendors. Your main supplier blocks your domain until their IT can talk to your IT to confirm your IT has fixed the issue. ”we reset their password” isn’t going to cut it.

Your cybersecurity insurance renewal requires 2FA and geoblocking login attempts. Your office manager thinks they maybe figured it out, but now no one in your organization can login.

At the very least you need someone on retainer you can call. The cheapest option, if you can find one, is finding an IT consulting company that works on a time & materials basis. That way you aren’t paying continually but you’re not dead in the water when something breaks.