Every year, Mary Meeker, a partner at venture capital firm KPCB, publishes a comprehensive guide on internet trends. This year’s guide was just released, and SAI Global’s Sean Freidlin offers highlights for the compliance and ethics practitioner. The findings can be hugely informative when it comes to ethics and compliance training and strategies in terms of mitigating data privacy and cybersecurity risk…
For over a decade, Mary Meeker, a partner at the Silicon Valley venture capital firm Kleiner Perkins Caufield & Byers (KPCB), has released a comprehensive presentation on the past, present and future of the internet. Her “Internet Trends” report is one of my favorite pieces of annual research, and the 2017 edition has just been released!
I believe that whether or not you work in the tech industry, the data she shares can be valuable and insightful. It was interesting to me when I worked for a tech startup, and it’s equally interesting to me now that I am a member of the ethics and compliance community.
In fact, I reviewed all 355 slides from her report (I told you it was comprehensive) and found five that I believe should be particularly interesting to Chief Compliance Officers and other E&C professionals.
Without further ado, here are the five slides from Mary Meeker’s Internet Trends report that should be seen by everyone in ethics and compliance (and why you should care)!
1. Internet Usage on Mobile Continues to Grow
The data: Since 2014, adults have spent more time consuming digital media online, per day, on their mobile devices than their desktops and laptops. In 2016, over 55 percent of the digital media consumed by adults every day was on mobile.
What’s interesting to me: For starters, the increase in time spent on mobile is more significant between 2015 and 2016 than 2014 and 2015, which suggests that mobile consumption of digital media will continue to accelerate in 2017 and beyond. In other words, people using their phone to consume media isn’t a “fad,” but the new normal. You’re probably reading this on your phone right now! But it’s also interesting that the time spent on desktops and laptops, as well as other connected devices, is constant over the past three years. That means that mobile isn’t necessarily stealing time away from other screens, but that screens, in general, are stealing more time away from everything else.
How it relates to E&C: There is an “obvious” answer to this, and also a contrarian answer to this. If you aren’t offering your employees some form of E&C training on mobile, then you aren’t delivering that training to them where they are spending their time and attention. Even if completely mobile training isn’t an option for you or fits into your budget, you can still use mobile-centric communication tools and other short-form content that supports your training.
My colleagues at SAI Global recently worked with Towards Maturity to conduct research with the E&C community and produce a report that discovered something very interesting related to this topic. While 91 percent of employees who receive E&C training own a smartphone or tablet, only 7 percent of organizations we surveyed (global sample size: 255) make compliance content available offline on mobile devices, only 25 percent use mobile tablets for online content/courses as part of their training and only 7 percent use smartphones for online training content/courses.
The contrarian answer is that if everyone is spending more time on phones and they’re still spending the same amount of time on computers, well, they may be a little tired of looking at screens all day. You may not have the time or resources to host physical, in-person workshops during a meeting, but it may be worth considering how you can engage employees in ethics and compliance conversations and scenarios without using technology. It’s less measurable, but it may prove to be a welcome break from technology.
2. Debunking a Common Millennial Myth
The data: In Q4 2016, when you combine the total time spent consuming media (analog and digital), adults between 35 and 64 years old actually spend more of their time consuming media, in general, than adults between 18 and 34 years old.
While 18 to 24 year-olds spend roughly 8.6 hours per day consuming media, and 25 to 34-year-olds spend 9.8 hours, 35 to 49-year-olds are spending 12.4 hours and 50 to 64-year-olds are spending 13.5 hours.
What’s interesting to me: If you look at these numbers as percentages, unless you are over 65 years old, there isn’t a huge difference between the different age groups and their behaviors.
If you are between 18 and 24, according to this data, 49 percent of the media you consume is digital. If you are between 25 and 34 (I fall into this range), 45 percent of the media you consume is digital. If you are between 35 and 49, it’s 42 percent, and if you are between 50 and 64, it’s 33 percent. While 49 percent vs. 33 percent may be a large gap, 49 percent vs. 42 percent isn’t that far off.
What that basically means is that when it comes to the mobile and media behavior of the interns, entry-level hires and millennials in your organization versus the SVP and C-level employees in your organization, there isn’t much of a difference. If anything, the difference isn’t how much time is being spent on mobile, but where that time is being spent on mobile.
How it relates to E&C: The U.S. Census Bureau reports that 50 percent of the American workforce will be millennials by 2020, and as a result, the topic of training and engaging these current and future employees is on the mind of every E&C professional. What this report proves, and what has been said many times before, is that everyone uses and appreciates the sleek, modern technology that we’re fortunate enough to have access to, not just millennials.
An iPhone doesn’t care how old you are – it is designed specifically to be usable by everyone and customizable so that each person has their own personalized experience when they use it. Ethics and compliance programs shouldn’t incorporate mobile devices into their training, education and communication because millennials are attached to their phones; they should because everyone is attached to their phone.
3. Cloud Computing Creates Compliance Concerns
Say that five times fast!
The data: According to KPCB’s 2017 report, businesses are adopting cloud technology at a rapid rate and as a result, creating new opportunities that they wouldn’t have otherwise. IT infrastructure spending in public and private cloud technology was 23 percent of their budget in 2013, and in 2016, it was 37 percent.
The two highest-ranking concerns that IT professionals expressed about cloud technology in 2015 were data security and compliance/governance.
What’s interesting to me: While the ability to change vendors saw the largest percentage jump between 2012 and 2015, I don’t think that concern is unique to cloud technology as much as it’s life in general. With so many options available, a spike in B2C technology that operates on a month-to-month contract basis (Netflix, for example), and the speed of technology accelerating at a seemingly impossible pace, it’s not surprising that IT would be concerned about the ability to change cloud vendors.
How it relates to E&C: The second largest percentage jump in concern was around compliance and governance. To me, this basically means that the rate at which regulations to govern cloud computing are drafted, approved and enforced cannot keep up with the rate at which the technology itself will evolve. Attend any E&C conference in 2017 and you’re bound to hear a discussion about the internet of things, artificial intelligence, and how these technologies and advancements that are slowly creeping into our lives will influence the ethics and compliance space from a number of different angles. For E&C professionals, the challenge here is also an opportunity. In the years to come, they will need to learn how to adapt their programs and general risk approach in a way that doesn’t prevent other areas of their business from experimenting with cutting-edge technology and improving processes. At the same time, these advancements in other areas of the business will require they spend more time collaborating with the CTO, CMO or CEO to learn more about them and ultimately how they can be incorporated into their own projects.
4. Risks Associated with Data Privacy and Protection, Digital Media and Cybersecurity Are Accelerating
The data: The amount of spam email being sent and received is growing at a slow, steady rate, but the amount of spam email being sent with malicious intent is accelerating at a dangerous rate.
What’s interesting to me: This one is quite personal for me, as I was actually a target for a phishing attack a few months ago. It’s surprising to see such a significant spike in malicious spam in 2016, because email isn’t exactly new, and neither is spam. If anything, I would have expected this number to decrease, not increase, as I’d expect the technology that identifies and filters spam to be significantly more advanced now than in the past and the sheer quantity of spam over the years to have trained us, as humans on the internet, to be more aware of it when we see it.
How it relates to E&C: This chart should be alarming to Chief Compliance Officers and E&C professionals for a few different reasons. First off, every company operates using email on a daily basis, so the sheer volume of email being sent and received, and therefore the opportunity for spam to fall through the cracks, is a concern. Next, you have to assume that the spike in malicious spam versus simply annoying spam is because, at some level, it is working. This can be because of IT vulnerabilities within an organization or simply human vulnerabilities that capitalize on behavior and psychology at an individual level. In the research we conducted with Towards Maturity, we asked about the top training and risk areas for organizations. Across EMEA, America and APAC, the concern and activity around data protection/privacy ranked in the top 3 across the board, if not #1, among 10 options given, with cyber/information security not far behind it. To put it simply, the technology we love to use and spend most of our time on doesn’t just create new opportunities for us, but also new opportunities for those who want to harm us.
5. Risks Associated with Data Privacy and Protection, Digital Media and Cybersecurity are Accelerating at Scale
The data: Year on year, there continue to be more large-scale breaches with 10,000,000+ identities (and their personal data) being exposed.
What’s interesting to me: Whether the failures that led to these breaches are momentary human errors in judgment or outdated or insufficient IT infrastructure and investment, it’s simply amazing that these breaches are growing and not slowing. Fool me once…
How it relates to E&C: These large-scale cybersecurity hacks and failures to protect data privacy can cause irreparable reputational damage to organizations and severely impact the trust they once had with their customers. Aside from the reputational damage, the sheer financial implications of the data being stolen and the time and effort required to fix these vulnerabilities can damage the bottom line of an organization and ruin their fiscal year. For ethics and compliance professionals, this data can be extremely helpful when it comes to fighting for resources internally to support their program. The cost of a breach is far more expensive than the cost to train employees on how to prevent that breach from happening or what warning signs they should be aware of that can lead to a cyberattack of this nature.
So, what do you think? Are any of these slides surprising to you? Are there any slides in the full presentation by KPCB and Mary Meeker that you think could be interesting to an E&C professional or someone else in your organization? If you found this interesting or educational, share it to help it reach a larger audience.
To learn more about how SAI Global can help your ethics, compliance and risk teams prepare for these trends, visit www.saiglobal.com.