Unfortunately, NGOs don't seem to be very good at picking up on warning signals prior to an inside job. For that matter neither do corporations, as criminal activities by insiders are far more common than those committed by people outside a company. It probably comes down to a bit of denial, thinking someone's not going to bite the hand that feeds him or her. But in many cases, that's just what happens.
Obviously, properly vetting staff members is a useful preventative measure. After that though, managers need to have a high degree of sensitivity to their employees and be mindful of behaviors that could suggest a staff member might act against the organization. Unfortunately, this isn't widely taught within the humanitarian community. (A good starting point for self-study is Gavin de Becker's book "The Gift of Fear," which offers some basic behavioral insights to potentially violent internal threats.) Another detriment to preventing these types of incidents has been a lack of willingness for organizations to share information about precursors that lead up to an incident. While I appreciate the potential negative PR and legal exposure implications of disclosure, not understanding the events that led to an incident and not applying lessons-learned, almost certainly guarantees the incident will occur again - to your own organization or another.
Inside jobs are tough. But the first step in dealing with them is to acknowledge they occur. With that and the local context in mind, you can start crafting ways to mitigate the risk; whether it's abduction, theft, or workplace violence.