Kudos to Joat on this post about this article @ Darkreading. Some expert in the article is warning of insider threats (we all know they exist) and how you can detect when an employee is about to get medieval on you. Joat advice is to secure your environment, keep a watch on people but don’t be so aggressive that you drive people off. Get your crap together to protect against problems. Don’t MAKE people the problem.
Joat says it better here:
I’ve got news for you: If you run a totalitarian environment (AKA micro-managed, micro-monitored), every single one of your users will be evil and you’ll end up wondering why your organization has such a high turn-over rate.
Joat also says that you have to use your brain and quit trying to automate every process (this is mentioned because of some software the article points out called WarmTouch). Very good point. I have this issue on a regular basis with clients looking at SIEM. They want something that does the job for them, but this just does not exist. You have to have people on the job. Unless LucasArts builds a real C3PO, that is just the way it is.