While employees are the key to identifying cybersecurity vulnerabilities quickly, many companies have failed to create a welcoming environment for whistleblowers. During COVID-19, how can you safely blow the whistle?
Cybersecurity is a fact of business life, but employers are not always pleased when a cybersecurity professional reports a serious and expensive cyber deficiency. Often, instead of addressing the problem, they shoot the messenger and retaliate against the whistleblower.
Ignoring cybersecurity whistleblowers or, even worse, subjecting them to retaliation will not fix data security problems. Instead, it will only result in increasing an organization's legal exposure and driving cybersecurity whistleblowers to report externally.