Insider threats responsible for two thirds of data breaches at UK legal firms

According to NetDocuments, data breaches caused by insiders remain a threat to the UK legal sector, as opposed to external threats such as malicious actors.
24 May 2022

Humans are often considered the weakest link for any organization when it comes to cybersecurity. More often than not, companies have suffered ransomware or other cyber incidents simply because an employee clicked on the wrong link, used a weak password, or was not vigilant when using their work devices.

Some of the biggest cyber incidents in the world have been caused by employee mistakes. Since then, companies have invested, and continue to invest, heavily in ensuring their employees are well educated about their online activities, including the types of passwords they use, and about maintaining the security of their devices.

While this does educate employees, it does not address another problem with them. Insider threats in organizations are now becoming a big concern for businesses around the world. Unlike compromised employees, insider threats are caused by employees who intend for their company to be compromised.

In fact, according to NetDocuments, a leading secure cloud-based content services platform for law firms, corporate legal teams, and compliance departments, data breaches caused by insiders remain a threat to the UK legal sector.

Based on analysis of the latest data from the Information Commissioner’s Office (ICO) from Q3 2021, 68% of identified data breaches in the UK legal sector (i.e., those where the origin could be identified) were caused by insiders, as opposed to only 32% caused by outside threats, such as external malicious actors.

For most organizations, the Great Resignation has already created the “Great Exfiltration” whereby employees are leaving their jobs and taking their company’s data with them. These findings now highlight the need for law firms to prioritize addressing threats from within and invest in the latest data security and governance controls.

“Given the sensitivity and vast amount of data that law firms manage, the legal sector is one of the most at-risk industries from both accidental and intentional insider data breaches,” commented Andy Baldin, VP of International Business at NetDocuments.

Baldin pointed out that the shift to remote working and the advent of the ‘Great Exfiltration’ have only exacerbated the issue. He added that it is clear that law firms need to be extra vigilant and take proactive steps to gain control over how files are accessed, and what users can do with them, while at the same time ensuring their staff remain productive.

The analysis of the ICO data highlights the common causes of data breaches in the legal sector:

  • 52% of data breaches in the legal sector occurred from sharing data with the wrong person (via email, post, or verbally)
  • 25% of data breaches in the legal sector occurred from phishing attacks
  • 10% of data breaches occurred from losing data (loss/theft of a device containing personal data, or of paperwork or data left in an insecure location)
  • 54% occurred from human error (verbal disclosure; failure to redact or use bcc; alteration of data; hardware misconfiguration; documents emailed or posted to the wrong recipient)

As Baldin highlighted, whether malicious or through careless actions, data breaches can cause huge financial and reputational damage.

As such, law firms should look to prioritize data loss prevention as part of their overall cybersecurity strategies. This will ensure that they have an extra line of defense when it comes to preventing exfiltration and the unauthorized or inappropriate use of data.

Whether intentional or not, the reality is that insider threats will continue to be a major business concern. It is also important to note that this practice should not be confined to law firms. In fact, every business that deals with sensitive data should consider prioritizing its data loss prevention strategy.