When you detect an insider threat, what steps should your IT team take to protect the business? (E.g. an employee downloading confidential data via email or uploading it to their personal cloud storage). Do you report the incident to HR with the evidence? Do you call the police to report the incident?