The unauthorized transfer or removal of data from a computer system, typically by an insider or attacker who has gained access to sensitive information.
Data exfiltration by insiders can occur through various methods including email attachments, removable storage devices, cloud uploads, or network transfers. It represents one of the most costly and damaging types of insider threats, with Ponemon Institute's 2025 research showing the average cost per data theft incident at $876,000, often involving intellectual property, customer data, or confidential business information.
A set of tools and processes used to ensure that sensitive data is not lost, misused, or accessed by unauthorized users.
The systematic categorization of data based on its sensitivity, value, and regulatory requirements to determine appropriate protection levels and handling procedures.
The unauthorized use, disclosure, or acquisition of proprietary information, trade secrets, patents, or other intellectual property belonging to an organization.