Thank you for your question.
That ties in with my opening statement. A few tools are available, but what works best is going back to the basics—in other words, taking a holistic approach to security.
First, that means a well-established internal security regime for staff. It is important to understand exactly where the information that needs protecting resides, to know the individuals the organization works with and to constantly update the security regime. An individual's personal situation can easily change after they've been interviewed, so an organization should have those kinds of conversations with staff members on a regular basis. For individuals, a clear training and education program should be in place, one that includes refreshers, and the underlying processes should be clear.
IT teams have access to data loss prevention tools that can help to detect fraud. By the time fraudulent activity is detected, however, it's often too late. It is therefore important that organizations invest as early as possible in measures that build trust and confidence and that they work with reliable people.