Data Leakage Flashcards
Data leakage definition:
Data leakage is the unauthorized transfer of sensitive information from an organization or entity to the outside world.
Insider threats and external threats:
- the dangers of an insider threat are far greater than those of an external threat, reason being that someone who is inside a system is going to have much more access to that system than any external entity
Insider threats include: mainly people who work for the company or who are otherwise in close relation to the company (disgruntled employees or employees who don’t follow policy, someone who’s being paid by a third party to acquire information, etc)
Non-malicious/accidental data leakage is also marginally common
- Ermin’s example: an employee who works for a substantial organisation overhears information about a company acquisition in progress from some higher-ups - > he goes home and tells his waman - > she goes to a diner w/ some friends and tells them about her husband’s company’s acquisition -> one of the friends posts about the acquisition online -> the post gets spread around and in just a few dozen hours, the acquisition is no longer unknown to the public, the company’s market value is damaged, and maybe even the acquisition is killed as a consequence.
