The fifth column
When Franco was conquering Spain in their civil war, he was reported as having four columns of troops outside Madrid and a "fifth column" of supporters inside.
Most large organisations have many staff who are happy to collect their monthly pay, yet spend a significant amount of effort actively or passively working against their employers interests. Whether those people are actively sabotaging or betraying the company or government department they work for or are just goofing around, doing nothing useful is debatable.
However, it should be recognised that there is a broad spectrum of hostility that does not begin or end with selling the company's IP, phone directory, confidential material or client data. While that can never be stopped entirely, there are basic fixes that are easy, yet rarely implemented.
One would be forced to conclude that even simple things like removing USB connections to PCs and scrutinising outgoing email are not common simply because organisations do not care about security. Preferring to think any breaches are down to lone-wolf employees who are outliers. That mind-set is far more acceptable (to both employers and employees) than recognising that 5% of your staff are crooks!