For an example of the insider threat in action, check out this story [foxnews.com]. I'll bet she feels stupid!
Think the insider threat isn't a big deal? You're wrong [cert.org]. In 1999, NIPC estimated that 55% of attacks were perpetrated by an insider. Some groups put the current totals as high as 85%. Whatever the case, if your organization is going to be attacked, the most malicious actions will likely come from an insider--destruction of company information, exfiltration of proprietary data, etc. Why? Because an insider knows exactly where to look for data, what data is most valuable, and what is most important to business continuity. Joe Hacker on the Internet is looking for big, juicy targets with lots of personal data (for identity theft) or bandwidth (so he can set up the biggest botnet and get the most money for renting it out).