Data Leakage

Research output: Chapter in Book/Report/Conference proceedingChapterpeer-review

3 Scopus citations

Abstract

Data leakage is defined as the accidental or unintentional distribution of private or sensitive data to an unauthorized entity. Sensitive data in companies and organizations include intellectual property (IP), financial information, patient information, personal credit-card data, and other information depending on the business and the industry. Data leakage poses a serious issue for companies as the number of incidents and the cost to those experiencing them continue to increase. Data leakage is enhanced by the fact that transmitted data (both inbound and outbound), including emails, instant messaging, website forms, and file transfers among others, are largely unregulated and unmonitored on their way to their destinations. Furthermore, in many cases, sensitive data are shared among various stakeholders such as employees working from outside the organization’s premises (e.g., on laptops), business partners, and customers. This increases the risk that confidential information will fall into unauthorized hands. Whether caused by malicious intent or an inadvertent mistake by an insider or outsider, exposure of sensitive information can seriously hurt an organization. The potential damage and adverse consequences of a data leakage incident can be classified into two categories: direct and indirect losses. Direct losses refer to tangible damage that is easy to measure or to estimate quantitatively. Indirect losses, on the other hand, are much harder to quantify and have a much broader impact in terms of cost, place, and time [Bunker, 2009]. Direct losses include violations of regulations (such as those protecting customer privacy) resulting in fines, settlements or customer compensation fees; litigation involving lawsuits; loss of future sales; costs of investigation and remedial or restoration fees. Indirect losses include reduced share price as a result of negative publicity; damage to a company's goodwill and reputation; customer abandonment; and exposure of intellectual property (business plans, code, financial reports, and meeting agendas) to competitors.

Original languageEnglish
Title of host publication A Survey of Data Leakage Detection and Prevention Solutions
PublisherSpringer, Boston, MA
Pages5-10
Number of pages6
ISBN (Electronic)978-1-4614-2053-8
ISBN (Print)978-1-4614-2052-1
DOIs
StatePublished - 14 Feb 2012

Publication series

NameSpringerBriefs in Computer Science
Number9781461420521
ISSN (Print)2191-5768
ISSN (Electronic)2191-5776

ASJC Scopus subject areas

  • General Computer Science

Fingerprint

Dive into the research topics of 'Data Leakage'. Together they form a unique fingerprint.

Cite this