You might want to actually read the book before presuming that it identifies IT staff as the primary perpetrators of insider crime. The book deals with every potential insider threat from maintenance staff to the highest levels of executive management. A great deal of emphasis is actually placed on how important the IT staff is to mitigating insider threats, particularly if the threat is someone in senior management. So, it's not "management vs. employees". The book also does not say that everyone IS a threat. It says that anyone CAN BE. Big difference.