This is an interesting article revealing some research by RSA on insider attacks. Although malicious insider attacks are high, 19%, the majority of insider attacks are believed to be unintentional, 52%.
"The figures are hard to quantify, but the average annual financial loss to insider risk adds up to $800,000 (£480,000) overall per organisation in the US and between $300,000-$550,000 (£180,000-£330,000) in the UK, France and Germany."
"A recent report by the Ponemon Institute found that the average cost of a data breach in 2008 was $202 (£122) per customer record.The information security firm also determined that the expense continued to rise by 38% between 2004 and 2008."
"It advises limiting systems access to a few trusted employees, using a password protection system for logging in, equipping computers with firewalls and virus protection and educating employees."