This is an excellent series of articles by Kai the Security Guy about insider threat, to help understand the issue, and answer some tricky questions, such as “why do companies ignore it?”, “how big is the risk?”, “why do they do it?” and “what are they after?”.
“Dripping Data: Understanding and Reducing Insider Threat“
(part I, part II, part III, part IV, part V), part VI)
Apparently more parts are yet to be published. I’ll add the appropriate links as Kai posts them.
