Adverse publicity and damage to customer trust resulting from the loss of confidential information is focusing the attention of senior executives on the dangers associated with information leakage, claims a new report from the Information Security Forum (ISF).
But the report that has been released into the public domain today also highlights that while the term ‘information leakage’ may be new, it is a problem that organisations have had to deal with for many years.
“While there are some new factors and challenges, it is really just a new name for an old problem,” says report author Andy Jones, senior research consultant at the ISF.
“For large organisations a certain level of information leakage may be inevitable through unintentional actions, rather than malicious intent. What’s important is to focus resources on identifying and protecting high value data and increasing awareness of the risks.”
Information leakage, or ‘a breach in the confidentiality of information’ can take place at any vulnerable point in a company’s security system where data is being processed, transmitted, copied or stored.
Human error accounts for most information breaches such as the loss of a laptop, sending a confidential email to the wrong address, or not providing sufficient protection to information in transit.
New high-profile vulnerabilities have also been introduced through the increase in high capacity storage devices such as USB keys or MP3 players and the growing popularity of social networking sites such as Facebook and MySpace.
But the report that has been released into the public domain today also highlights that while the term ‘information leakage’ may be new, it is a problem that organisations have had to deal with for many years.
“While there are some new factors and challenges, it is really just a new name for an old problem,” says report author Andy Jones, senior research consultant at the ISF.
“For large organisations a certain level of information leakage may be inevitable through unintentional actions, rather than malicious intent. What’s important is to focus resources on identifying and protecting high value data and increasing awareness of the risks.”
Information leakage, or ‘a breach in the confidentiality of information’ can take place at any vulnerable point in a company’s security system where data is being processed, transmitted, copied or stored.
New high-profile vulnerabilities have also been introduced through the increase in high capacity storage devices such as USB keys or MP3 players and the growing popularity of social networking sites such as Facebook and MySpace.
Have you read these related articles?
Newsletter:
