The class of cyber actor with the greatest capacity to cause harm to organizations is not the so called state-sponsored hacker or cyber-terrorists. It is the “insider” – the company’s employees, ex-employees, and trusted vendors. Most IT systems are protected by defensive technologies which present a significant hurdle to unauthenticated outsiders. However, the company insiders have authentication credentials that allow them past the defensive technologies and provide them with access to the company’s intellectual property.