The systematic categorization of data based on its sensitivity, value, and regulatory requirements to determine appropriate protection levels and handling procedures.
Data classification is fundamental to insider risk management as it identifies what data needs protection, enables appropriate access controls, and supports monitoring for unauthorized access or exfiltration. Clear classification helps prioritize security efforts and compliance requirements.