Home News Insider Breaches on the Rise in Legal Sector: Report

Insider Breaches on the Rise in Legal Sector: Report

Insider attacker leak data

A research report from Egress, a provider of human layer security solutions, revealed that 96% of security leaders opined insider data breaches as a major concern. The report named as “Insider Data Breach Survey” uncovered that 77% of employees put personal data at risk accidentally in the past 12 months and 78% think employees have put data at risk intentionally.

The survey findings are based on the responses from more than 500 security decision makers and 5,000 IT professionals surveyed across the U.K., the U.S., and Benelux regions. Respondents from legal sector admitted that their employees intentionally and accidentally broke company’s policy while sharing data. Around 57% of them said they had intentionally broken company policy while 56% said they had done it accidentally. 44% of security leaders from the legal sector say it is likely employees will put data at risk in the future.

Egress CEO Tony Pepper said, “Given the sensitivity of the information they handle, the legal industry is one of the most at-risk sectors from both accidental and intentional insider data breaches. While they acknowledge the sustained risk, bizarrely IT leaders have not adopted new strategies or technologies to mitigate the threat. They are also relying far too heavily on their staff to self-report incidents, something our analysis suggests is totally ineffective. In essence, they are adopting a risk posture in which at least 44% of employees putting data at risk is deemed acceptable.”

Misused and Phishing emails are Major Concern of Insider Breaches

Nearly 55% of legal sector employees who had accidentally leaked data stated that the incidents occurred due to phishing emails. And 31% of them said they sent information to a wrong person.  “Incidents of people accidentally sending data to incorrect recipients have existed for as long as they’ve had access to email. As a fundamental communication tool, organizations have weighed the advantages of efficiency against data security considerations, and frequently compromise on the latter,” Pepper added.