Oblivious behaviors
We'll start by discussing the kind of behavior you might find from an oblivious, non-malicious insider threat. Oblivious employees aren't motivated by any desire to cause harm, or even by laziness or resistance to protocol; they simply don't understand that the actions they're taking, or forgetting to take, cause holes in their organization's security.
Unattended computers are a hazard
One classic form of oblivious behavior is leaving computers unattended when outside the organization – I've seen this many times at conferences, even security conferences. People go and check in their laptops along with their coats! They hand the laptop over for a checkout ticket, getting a false sense of security and trust because they've got the checkout ticket in their possession. That makes them feel like the laptop's safe; when really, it's been taken by an individual you don't know, to a place you can&apos...