“Data leak” is one of the hot catch-phrases today. And it is no wonder.
Every day, almost literally, there are news stories published about companies losing personally identifiable information (PII) and other types of sensitive information. The data can leak out of a company in about as many ways as you can store or transmit information.
* Through email messages
* Intercepting wireless transmissions
* Improper disposal of printed paper
* Improper disposal of electronic storage devices
* Improper disposal and/or reuse of computing devices
* Metadata within electronic documents
* Poor access control configurations
* Lack of awareness and knowledge by users
* Malicious insiders with trusted access
* And the list goes on and on
These data leaks not only can result in costly security incidents, they can expose PII to identity theft and fraud, and can put the spotlight on an organization’s noncompliance with a wide range of laws and regulations.
I have been discussing these and related issues at my own blog site for 1 1/2 years, and will continue to do so. However, I also now look forward to engaging in information security, privacy and compliance discussions, debates and dialogues here on the Cutter blog. Thank you for inviting me to participate!