One-third of in-house counsel worldwide have reported that they have experienced a data breach, a new study has indicated.
Research from the Association of Corporate Counsel (ACC) Foundation found that breaches were over twice as likely at the largest businesses and were often due to internal factors such as an employee error.
The study, entitled the State of Cybersecurity Report, looked at cybersecurity in the corporate sector for over 1,000 in-house counsel at 887 organisations in 30 countries. This included 77 per cent who hold positions of general counsel (GC) or chief legal officer (CLO).
In this constituency, 50 per cent wished to increase their role and responsibility relating to cybersecurity whereas 57 per cent admitted that the law department’s role in cyber matters will increase in the coming year.
Less than two-thirds of GCs/CLOs reported that third parties need to notify them if a breach occurs, whereas one-third of them say they have retained outside counsel in the event that a cyber breach occurs.
One-third of GCs/CLOs also said that they have retained outside counsel to protect them from the threat of cyber attacks. It was also found that corporate lawyers in the retail industry are most likely to admit that they collaborate with law enforcement to handle cybersecurity dangers.
Veta T Richardson, ACC president and chief executive officer, said: "In-house counsel operate at the intersection of complex legal and business challenges facing companies today.
"Therefore, it is not surprising to see that GCs and CLOs are playing an increasingly active role in cybersecurity strategy, risk assessment and prevention."
Employee error is the most common reason for a breach in all regions except for the Asia Pacific, yet under half of in-house counsel reported that mandatory training happens at their companies.
"Even companies with established cybersecurity preparedness programmes continue to increase their spending in order to minimise ever-present risk," Ms Richardson said. "Unfortunately, no sector or region is immune. Our findings indicate that general counsel expect cybersecurity risk to only increase in the upcoming year."