The focus of this article is to identify ways that information in the enterprise can be inappropriately removed and a framework for how to mitigate these risks and protect your organization from the potential litigation, fines, and sheer embarrassment that can follow from such an event. This is a shift from the traditional approach of protecting the infrastructure on which the data resides to the security of the information itself. Hackers today go out of their way to keep their existence a secret from their victims in order to farm the maximum amount of information before having to go to the expense of searching for and infiltrating another victim.”]
Source: https://www.csoonline.com/article/2124055/it-s-the-information–stupid.html