Exactly. I think you'd be hard pressed to find many companies that employ systems sophisticated enough to catch internal sabotage without immense amounts of false positives.
"What the hell do you think you're doing??" "I just wanted to play DOTA"
Correct. I accidentally triggered an internal "hacking-prevention" system at the investment bank where I work by simply installing Anaconda. Having a cyber security agent coming to my desk and demanding I log off my machine immediately was really scary, especially considering it was my first week there.