Don’t Egress! It’s Another Survey Result on Data Breaches!: Cybersecurity Trends

See what I did there?  😉  Here’s a report that finds that 96% of IT leaders within the legal sector say that client and company data is at risk via email and 90% of organizations have suffered data breaches via email in the last 12 months.

The Egress Data Loss Prevention Report 2021 is the result of a study, independently conducted by Arlington Research on behalf of Egress, interviewed 500 IT leaders and 3,000 remote-working employees in the UK and US across vertical sectors including financial services, healthcare and legal.  Human error was at the root of nearly one-quarter of incidents via email, with 24% caused by an employee sharing data in error – for example, sending an email containing sensitive data to the wrong recipient or attaching the wrong file.  Sadly, that happens all too often, as many of us have seen.

Other key insights include:

  • Client awareness of data loss is growing – and 62% of legal IT leaders report that they’ve seen an increase in clients asking whether they have email data loss prevention tools in place;
  • 77% of legal IT leaders reported that they have deployed static email DLP solutions. However, 37% believe that they create user friction;
  • 90% of legal employees are sending more emails due to remote working, heightening the risk of an email data breach;
  • 62% of legal IT leaders have reported an increase in email data leaks since implementing remote working as a result of the pandemic; and
  • 93% of legal employees feel worse due to the pandemic, leading to increased likelihood of mistakes and security incidents.

When it comes to remote working, employees have also become even more reliant on email, particularly for sharing sensitive data. Since the beginning of the pandemic, 90% of employees at legal organizations reported sending more emails and 88% say they use email to communicate confidential information, increasing the surface area for risk when it comes to an outbound email data breach.

The research also found that 57% of employees are working in environments where distractions and interruptions are commonplace, such as a shared home offices and communal spaces. In addition to concerns around confidentiality, the distractions faced by employees in these settings leads to an environment of heightened risk of accidental data loss.

And, as I discussed a couple of days ago, the risk is compounded by stress and tiredness – and the research revealed that 93% of employees reported that they feel worse because of the pandemic. The blurring of work and home life has led to many employees working longer hours, in distracting environments, with both factors exacerbating the risk of an employee-activated security incident.  Sounds like some of us need to “egress” more often!

Highlights of the report are covered on Legal IT Professionals here.  It doesn’t surprise me that remote working has led to an increased risk of data breaches via email – the challenges and distractions of working at home are a real concern.  It makes it more important than ever to think before you hit send.  Double-check the recipients in your email (especially when using AutoFill as you can inadvertently select an incorrect recipient if you’re not careful).  And double-check your attachments as well – attaching the wrong file to an email is another common mistake.


So, what do you think?  Do you “know a friend” who has inadvertently disclosed information via email?  Sure, you do.  Please share any comments you might have or if you’d like to know more about a particular topic.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by my employer, my partners or my clients. eDiscovery Today is made available solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Today should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

Leave a Reply