The prevailing wisdom considers insiders to be either compliant or non-compliant due to malice. I will present an ontology of insider threats we call VISTA, with seven different kinds of insider threats. I will explain how we developed the ontology and also explain how organizations can mitigate each threat.