This document discusses the need for intrusion detection systems (IDS) and different types of IDS. It notes that insider threats account for a significant percentage of data breaches. IDS can help mitigate risks from unauthorized access by monitoring for attacks, detecting system misconfigurations, and identifying abnormal user activity. The document outlines two main IDS techniques - anomaly detection and signature-based detection - and describes host-based and network-based IDS. It also discusses challenges in implementing IDS such as false positives, false negatives, and ensuring appropriate follow up on alerts.