This is the second of two blog entries that explore questions we were asked during a recent meeting with leaders from the U.S. financial services sector. In this entry, we focus on what role malicious insiders typically hold in an organization: a non-technical position, a technical position, or both. "Non-technical" includes positions such as management, sales, and auditors. "Technical" includes positions such as system or database administrators, programmers, and helpdesk employees. "Both" includes overlapping jobs such as IT managers.