As the other poster noted, this is not the only mechanism employed, which would be pretty silly. Among some of the others are, indeed, code reviews, static analysis and anomaly detection.
Another point worth noting about insider threats: overconfidence on the part of the attacker is frequently the defenders' friend. Metaphorically speaking, the crook knows about the camera over the door and will avoid showing their face to it, but didn't notice the other ones. And because they work there, they think they have a better handle on how things work than they actually do.
Another point worth noting about insider threats: overconfidence on the part of the attacker is frequently the defenders' friend. Metaphorically speaking, the crook knows about the camera over the door and will avoid showing their face to it, but didn't notice the other ones. And because they work there, they think they have a better handle on how things work than they actually do.