RSA revealed that the majority of breaches are actually caused unintentionally by employees.

http://news.bbc.co.uk/2/hi/technology/8215467.stm

This is an interesting article revealing some research by RSA on insider attacks.  Although malicious insider attacks are high, 19%, the majority of insider attacks are believed to be unintentional, 52%.

"The figures are hard to quantify, but the average annual financial loss to insider risk adds up to $800,000 (£480,000) overall per organisation in the US and between $300,000-$550,000 (£180,000-£330,000) in the UK, France and Germany."

"A recent report by the Ponemon Institute found that the average cost of a data breach in 2008 was $202 (£122) per customer record.The information security firm also determined that the expense continued to rise by 38% between 2004 and 2008."

"It advises limiting systems access to a few trusted employees, using a password protection system for logging in, equipping computers with firewalls and virus protection and educating employees."