This document discusses insider threats and how to protect against them. It identifies four types of insider threats: the conscious (disgruntled employees, opportunists, idealists, fundamentalists), the mindless (want to help but make mistakes), and the compromised (infected by malware). It advocates implementing user and access management, infrastructure protection, information protection, and management to address these threats. The document is presented by NetIQ as an argument for their identity and access management solutions to help organizations enforce access controls, monitor user activity, and minimize user privileges in order to better protect against insider threats.