One of the security layers to keep in mind are monitoring and keeping audits inside your networks.
My most major concern are the users inside a network and not some hacker outside the network. The odds are much lower if someone outside of a network hacks in to your data. The real danger are the insider threats, and yes, I mean the users themself sitting behind the machine.
One of the things we can do, is a "scare tactic" that we gotta let them know were monitoring and keeping an eye on you whatever they do on a network. Hopefully that will send a clear message.