Interesting article on social engineering attacks here: http://www.gocsi.com/soceng.htm and a 1998 article which puts the threat to information into a wider context than just intrusions (places external attacks at 5 to 8 % of the total dangers to information, dishonest employees at 13%, disgruntled ones at 10%): http://www.gocsi.com/ip.htm Colin