Insider threat programs address malicious insiders (theft, sabotage, espionage), negligent insiders (policy violations, errors), and compromised insiders (accounts controlled by external attackers). Programs combine behavioral analytics, access monitoring, HR collaboration, and investigation protocols while respecting privacy and legal boundaries. User and Entity Behavior Analytics (UEBA) detect anomalous activities like unusual data access or off-hours logins. A technology company's program identified an engineer who downloaded source code to personal devices three days before resignation, enabling legal action to prevent IP transfer to a competitor.