feasibility of blue teams detecting insider threat data exfiltration


The number of ways to exfiltrate data from an organization from an insider threat perspective is only limited by the imagination. Can detection teams reliably be alerted of the more unorthodox, alternate vectors ?