The movement toward professionalization within the IT security field can be seen among IT security officers, IT security auditors, IT contractors, and system/network administrators, and is evolving. Some agencies and organizations focus on IT security professionals with certifications as part of their recruitment efforts. Internal compromises are much more difficult to protect against. Employees already have access to a multitude of systems and networks. The IT staff in most cases pretty much has the keys to the entire kingdom. There are a number of data loss prevention (DLP) tools out there that can help stem the flow of information out of the building. DLP is a tool, not a panacea, as it requires configuration and tuning to meet business requirements. The first general category is referred to as Leakage. We see this when customer databases are hacked, usually falling into the news category of Identity Theft.
