Watch this video on YouTube
You've been alerted to a potential security breach within your organization. Preliminary investigations reveal suspicious activity pointing to an insider threat. What would be the most prudent first step to determine the scope of the threat?