All organizations, even the most transparent, have confidential or sensitive information. At the very least, the personal information of members of the organization should be protected from public disclosure. In addition, most organizations have confidential information related, for example, to products, clients, strategic plans, owners, suppliers, or donors that has intrinsic value and should therefore be protected from disclosure to competitors or other outsiders. Other information, such as organizational infrastructure designs, security measures, or insider personal information may have less intrinsic value but can be leveraged by a malicious outsider to gain access to organizational secrets or other assets.
Espionage, in various forms, long predates the Internet and social networks, but public electronic forums pose a significant challenge to organizations trying to protect confidential information. Outsiders who wanted to obtain confidential information about an organization once had to rely on tactics like physically entering buildings, eavesdropping on conversations, or searching trash cans for confidential documents. Now anyone in the world may gather information about an organization by searching web sites, social networks, or other public electronic forums. Disgruntled or malicious insiders may use public forums to leak confidential information or post complaints about problems or vulnerabilities within the organization. Even the most loyal and enthusiastic organizational insiders may ignorantly disclose confidential information, for example, by discussing a project they are involved in on an electronic discussion board.
Accordingly, the instant disclosure identifies and addresses a need for additional and improved systems and methods for detecting information leakage by an organizational insider.