In 2016, most attacks against financial services firms were unknowingly facilitated by “inadvertent actors,” reports IBM. That is, by insiders without malicious intent, such as employees or contractors, who simply clicked a bad link or downloaded the wrong attachment. Many financial organizations have locked down their IT infrastructure to reduce the attack surface for web-borne threats - at the risk of impeding productivity. But a simple page view request can still lead to major system exploits, data egress and significant financial damages.