This is one of the 52 terms in The Language of Cybersecurity published by XML Press in 2018 and the contributor for this term is Dennis Leber.
What is it?
A loss of information from your systems that could harm your business or customers.
Why is it important?
Data leakage is important to cybersecurity and business professionals because of the negative impact on finances and reputation that losing critical information can have on an organization. Data ownership spans a business at every level of leadership, and protecting data is a business responsibility that must be reflected in every organization’s goals.
Why does a business professional need to know this?
Understanding data leakage means knowing what data is important, where sensitive data resides, and what could cause data to improperly leak outside your organization. It is also important to understand that a leak can be intentional or unintentional, and the impact of a leak can be rated as low or high.
Understanding data leakage enables you to work with cybersecurity specialists to develop controls to protect sensitive information and reduce this risk to your business. The potential impact of data leakage is not limited to just your systems or one specific information medium. Recent examples, such as the Equifax breach, highlight the potential for serious consequences, including legal actions, loss of jobs, and damage to business reputation.
Other examples of significant data leaks include the following:
- Personal details for more than 198 million US voters were left on a publicly accessible server by a company working for the Republican National Committee (RNC).
- Personal information, including billing addresses and details of financial transactions, for 4 million Time Warner Cable subscribers was left on an Amazon cloud server with no password.
- A spreadsheet containing private notes about more than 30,000 customers at a restaurant frequented by celebrities was accidentally attached to a broadly distributed email message.
- An Iranian hacker stole 1.5 terabytes of data from HBO, including scripts, unaired episodes of several HBO programs, and technical data about HBO’s network, including passwords.
- A Verizon vendor accidentally left information about 6 million Verizon subscribers on a cloud server for more than a week.
These examples, which are just the most notable of many that have occurred over the last few years, make it clear that data leaks can cause serious damage to an organization’s reputation and bottom line.