US11416631B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-11416631-B2 |
| Application number | US-202016985422-A |
| Country | US |
| Kind code | B2 |
| Filing date | Aug 5, 2020 |
| Priority date | Aug 5, 2020 |
| Publication date | Aug 16, 2022 |
| Grant date | Aug 16, 2022 |
Official abstract text for this publication.
A computer-based system and method for monitoring of movement of data in a computer network, including: parsing a message, the message including one of a data access command sent to a computer database and a response to a data access command, to extract a template, metadata and data of the data access command, examining the template, metadata and data of the message to identify messages related to movement of data that is classified as sensitive, and generating a flow graph indicative of new locations of the sensitive data. Policy rules may be applied to the new locations of the sensitive data to monitor access to the new location.
Opening claim text (preview).
The invention claimed is:
1. A method for monitoring of movement of data in a computer network, the method comprising: maintaining a dictionary of data, metadata and templates associated with sensitive data; ordering the dictionary by frequency of identification of terms in the messages related to movement of data that is classified as sensitive; associating an importance level to each item in the dictionary, wherein the importance level is inversely related to the frequency of identification; removing from the dictionary templates, data and metadata with importance level below a threshold; parsing a message, the message including one of a data access command sent to a computer database and a response to a data access command, to extract at least one of a template, metadata and data of the message; examining at least one of the template, metadata and data of the message to identify messages related to movement of data that is classified as sensitive by matching the templates, data and metadata in the message to the templates, data and metadata in the dictionary; and generating a flow graph indicative of new locations of the sensitive data.
2. The method of claim 1, comprising: applying policy rules to the new locations of the sensitive data to monitor access to the new location.
3. The method of claim 1, comprising: using the flow graph to detect a data leak through multiple movements of the data.
4. The method of claim 1, wherein examining the metadata comprises identifying a source and a target for the movement of the data, wherein the target is the new location of the sensitive data.
5. The method of claim 1, wherein examining the data and metadata comprises: checking if the message includes known types or categories of sensitive data.
6. The method of claim 1, wherein examining the template, data and metadata comprises performing one or more of: wildcard search, regular expression search, dictionary search, rule match search, fuzzy search, and natural language processing.
7. The method of claim 1, wherein examining the data access command comprises identifying in the data access command a template that is associated with movement of data, and identifying in the data access command data or metadata that is associated with sensitive data.
8. A system for monitoring of movement of data in a computer network, the system comprising: a memory; and a processor configured to: maintain a dictionary of data, metadata and templates associated with sensitive data; order the dictionary by frequency of identification of terms in the messages related to movement of data that is classified as sensitive; associate an importance level to each item in the dictionary, wherein the importance level is inversely related to the frequency of identification; and remove from the dictionary templates, data and metadata with importance level below a threshold; parse a message, the message including one of a data access command sent to a computer database and a response to a data access command, to extract at least one of a template, metadata and data of the data access command; examine at least one of the template, metadata and data of the message to identify messages related to movement of data that is classified as sensitive by matching the templates, data and metadata in the message to the templates, data and metadata in the dictionary; and generate a flow graph indicative of new locations of the sensitive data.
9. The system of claim 8, wherein the processor is configured to: apply policy rules to the new locations of the sensitive data to monitor access to the new location.
10. The system of claim 8, wherein the processor is configured to: use the flow graph to detect a data leak through multiple movements of the data.
11. The system of claim 8, wherein the processor is configured to examine the metadata by identifying a source and a target for the movement of the data, wherein the target is the new location of the sensitive data.
12. The system of claim 8, wherein the processor is configured to examine the data and metadata by checking if the message includes known types or categories of sensitive data.
13. The system of claim 12, wherein the processor is configured to examine the template, data and metadata by performing one or more of: wildcard search, regular expression search, dictionary search, rule match search, fuzzy search, and natural language processing.
14. The system of claim 8, wherein the processor is configured to examine the data access command by identifying in the data access command a template that is associated with movement of data, and identifying in the data access command data or metadata that is associated with sensitive data.
15. A method for monitoring movement of data in a computer database, the method comprising: maintaining a dictionary of data, metadata and templates associated with sensitive data; ordering the dictionary by frequency of identification of terms in the messages related to movement of data that is classified as sensitive; associating an importance level to each item in the dictionary, wherein the importance level is inversely related to the frequency of identification; removing from the dictionary templates, data and metadata with importance level below a threshold; parsing data access commands sent to the computer database and responses to data access commands, to extract a template, metadata and data of the data access commands; examining the template, metadata and data to identify data access commands and responses related to movement of sensitive data by matching the templates, data and metadata in the data access commands to the templates, data and metadata in the dictionary; and applying policy rules to the new locations of the sensitive data to monitor access to the new location.
16. The method of claim 15, comprising: generating a flow graph indicative of new locations of the sensitive data.
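As an added illustration (not text or code from the patent or its assignee), the following Python sketch walks through the pipeline of claims 1 and 3 over constructed SQL-style data access commands: a dictionary ordered by frequency and pruned by importance, parsing of each command into template, metadata and data, dictionary matching, and a flow graph that is walked to find locations reached through several movements. The table and column names, the seeded frequency counts, the importance formula 1/(1+frequency) and the threshold are all assumptions made for the example.

```python
import re
from collections import defaultdict
# Constructed sample traffic: data access commands sent to a database. Table names,
# column names and the dictionary counts below are made up for this example.
MESSAGES = [
    "INSERT INTO reports.export SELECT ssn, name FROM hr.employees",
    "INSERT INTO public.scratch SELECT ssn FROM reports.export",
    "SELECT name FROM hr.employees WHERE id = 42",
    "INSERT INTO audit.log SELECT ts FROM ops.events",
]
MOVE_TEMPLATE = "insert into <tbl> select <cols> from <tbl>"
# Dictionary item -> frequency of identification so far. "name" is seeded as very
# frequent: a term seen everywhere has low importance and is pruned (claim 1).
DICTIONARY = {"ssn": 3, "hr.employees": 2, MOVE_TEMPLATE: 4, "name": 40}
def prune(dictionary, threshold):
    """Order by frequency, set importance = 1/(1+frequency), drop items below threshold."""
    ranked = sorted(dictionary.items(), key=lambda kv: kv[1])
    return {k: f for k, f in ranked if 1 / (1 + f) >= threshold}
def parse(msg):
    """Split a command into a template (identifiers abstracted), metadata and data."""
    low = msg.lower()
    tables = re.findall(r"\b[a-z_]+\.[a-z_]+\b", low)
    cols = re.search(r"select (.*?) from", low)
    data = [c.strip() for c in cols.group(1).split(",")] if cols else []
    tmpl = re.sub(r"\b[a-z_]+\.[a-z_]+\b", "<tbl>", low)
    tmpl = re.sub(r"select .*? from", "select <cols> from", tmpl)
    tmpl = re.sub(r"\bwhere .*$", "where <pred>", tmpl)
    target = tables[0] if low.startswith("insert into") else None  # claim 4: target
    meta = {"source": tables[-1] if tables else None, "target": target}
    return tmpl, meta, data
def monitor(messages, dictionary, threshold=0.1):
    """Claim 1: match parsed messages against the dictionary and build the flow graph."""
    dictionary, flow = prune(dictionary, threshold), defaultdict(set)
    for msg in messages:
        tmpl, meta, data = parse(msg)
        hits = [t for t in [tmpl, *data, *meta.values()] if t in dictionary]
        # a movement template alone is not enough; sensitive data or metadata must match too
        if tmpl in dictionary and len(hits) > 1 and meta["target"]:
            flow[meta["source"]].add(meta["target"])
            for h in hits:
                dictionary[h] += 1
            dictionary.setdefault(meta["target"], 0)  # target is a new sensitive location
    return dict(flow), dictionary
def reachable(flow, start):
    """Claim 3: every location the sensitive data reached through one or more movements."""
    seen, stack = set(), [start]
    while stack:
        for nxt in flow.get(stack.pop(), ()):
            if nxt not in seen:
                seen.add(nxt)
                stack.append(nxt)
    return seen
```

Running `monitor(MESSAGES, DICTIONARY)` yields a two-hop graph from `hr.employees` through `reports.export` to `public.scratch`, while the `audit.log` insert is ignored because only its template, not any sensitive term, matches the dictionary.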
Filtering policies (mail message filtering H04L51/212) · CPC title
Tablespace storage structures; Management thereof · CPC title
Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII] · CPC title
for providing a confidential data exchange among entities communicating through data packet networks · CPC title
Traffic logging, e.g. anomaly detection · CPC title