A new analysis of data breaches in the United Kingdom's legal sector shows that organizations need to be looking inward more and look for ways to elevate the security awareness of employees.
There’s so much focus on external cybercriminal activity, we often forget about the actions of internal employees that often facilitate a data breach.
Document management vendor NetDocument’s analysis of data from the Information Commissioner’s Office (ICO) shows more focus should be placed on those that work within the company’s proverbial walls. According to the analysis, 60% of data breaches in the U.K. legal sector were caused by insiders, and the other 40% taken up by malicious external actors.
The most common causes of data breaches were:
- Human error (in 39% of breaches)
- Sharing data with the wrong person (37%)
- Engaging with phishing and ransomware attacks (37%)
- Losing data/devices (12%)
Keep in mind that this analysis was only focused on the legal sector. It begs the question “what about all the other sectors in the U.K.?”
The only way to get users to pay more attention to incorporating good cyber hygiene and vigilance in their everyday work is to begin to build a security culture within the organization – something that relies heavily on new-school security awareness training to continually educate the user on both cybersecurity’s importance and their role within it.
KnowBe4 enables your workforce to make smarter security decisions every day. Over 65,000 organizations worldwide trust the KnowBe4 platform to strengthen their security culture and reduce human risk.
