New research is changing – or at least, should be changing – how enterprises think about whistleblowing. What are some lessons enterprises need to take to heart regarding the value of hotline reporting?
Cybersecurity is a fact of business life, but employers are not always pleased when a cybersecurity professional reports a serious and expensive cyber deficiency. Often, instead of addressing the problem, they shoot the messenger and retaliate against the whistleblower.
Ignoring cybersecurity whistleblowers or, even worse, subjecting them to retaliation will not fix data security problems. Instead, it will only result in increasing an organization's legal exposure and driving cybersecurity whistleblowers to report externally.
In 2015, companies took an average of 46 calendar days to close whistleblower cases, up from 39 in 2014 and 32 in 2011, according to NAVEX Global’s 2016 Ethics & Compliance Hotline Benchmark Report.
U.S. securities regulators have awarded a record $14 million to a whistleblower who helped enforcement lawyers with an investigation to recover "substantial" investor funds.
A proposal making it easier for whistle-blowers to file complaints recently passed a significant hurdle when the Office of Information and Regulatory Affairs approved an online retaliation complaint form.
