Computer data spends most of its life "at rest." Whether it is stored on your desktop hard drive or somewhere in the cloud, "data at rest" is any data that is not, at a particular moment, being transmitted or acted upon.
Encryption is often regarded as a main line of protection for sensitive data. Historically, however, encryption has been associated with messages, that is to say, with "data in motion": data encrypted to protect it from eavesdroppers while it is being transmitted.
Computer technology reinforces this association of encryption with "data in motion." Encryption keys can be created on the fly, and destroyed when the message-sending process is completed. But "data at rest" is inherently persistent, and any encryption keys used to protect it must also be persistent. The key must be stored along with the data it protects, and is therefore itself vulnerable to theft. (If a key is encrypted, some other non-encrypted key is needed to make use of it.)