No Result
View All Result
SUBSCRIBE | NO FEES, NO PAYWALLS
MANAGE MY SUBSCRIPTION
NEWSLETTER
Corporate Compliance Insights
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe
No Result
View All Result
Corporate Compliance Insights
Home Compliance

Hidden Threat? They Know There’s a Problem, But Companies Are Still Failing to Intercept Real-World Dangers

Report: Many employers downplay threats for appearances

by Staff and Wire Reports
August 17, 2022
in Compliance, Risk
Hidden Threat? They Know There’s a Problem, But Companies Are Still Failing to Intercept Real-World Dangers

From climate change to the Covid-19 pandemic to hateful political rhetoric — modern society poses risks not only to the people who live in it but the businesses and organizations those people work for, manage and own. And while both physical and digital threats and business risks are rising, a new report from Ontic finds that many U.S. businesses are poised to let them pass right by unchecked.

U.S. corporations are facing an increased volume of threats driven by persistent political, social and economic issues, including Supreme Court decisions, gun violence, diversity, equity and inclusion, the war in Ukraine, return-to-office (RTO) orders and the ongoing Covid-19 pandemic. Concerned about the rise in threat data as well as keeping employees, their CEO and senior executives safe as they return to offices and work remotely, physical security, cybersecurity and IT, human resources and legal and compliance leaders feel increased pressure to identify threats to save their company money and reduce liabilities. 

But about one in four executives anticipate their firms will overlook at least half of these threats, while nearly one-third estimate they’ll miss at least a quarter of threats before they can cause damage, according to new study by the Ontic Center for Protective Intelligence titled, “2022 Mid-Year Outlook State of Protective Intelligence Report.” 

Based on perspectives from C-suite leaders at large U.S. companies, Ontic’s report included leaders in four functions responsible for protecting businesses — physical security, cybersecurity/IT, human resources and legal/compliance. A total of 400 respondents participated in the survey, which was conducted in June and July 2022, including chief compliance officers, chief security officers, chief HR officers, chief infosec officers and those in similar roles.

Few of the leaders Ontic surveyed said they believed their organizations would fail to respond to the majority of threats they’ll face through 2022, but the research also revealed that many companies appear to pay little more than lip service to physical safety, including extreme weather, hostile and violent behavior or threats, actions that compromise adherence to laws and regulations and events that impair IT security.

The majority of respondents (64%) said employees at their companies don’t report erratic or violent behavior or other warning signs in a timely manner, while a similar percentage (63%) say companies downplay risk to make their environments appear safe.

“Our study reaffirms that threats to businesses are many and varied, ranging from hostile written, verbal or physical actions against others, radical rhetoric or hate speech on social media and actions that compromise IT security or compliance with laws, to extreme weather events that can make working conditions unsafe,” said Fred Burton, executive director of Ontic’s Center for Protective Intelligence. “As such, cross-company threat data-sharing continues to be critical and even minor lapses in communications can result in serious security concerns.”

Here are a few more key findings from Ontic’s report:

  • 98% said threat assessment or threat management training to recognize workplace behaviors that could turn violent or cause damage is important for their team to successfully execute their job, including 71% who say it is very important.
  • 66% said in 2022 their company received or investigated one or more threats weekly, including one-quarter that are on track to receive or investigate up to 260 threats annually.
  • Across all four functions, a majority of leaders said employees being furloughed or fired resulted in violence or harm because their departments weren’t notified. This effect was strongest in human resources, where 75% of respondents said failure to notify them led to harm or violence, compared to 72% of legal and compliance, 66% of physical security and 60% of cybersecurity/IT.
  • 54% do not have a mechanism in place that allows employees to anonymously report issues, and 43% rely on employees to take the “if you see something, say something” approach to security, whether they are working from home or in the office.
  • Among 110 publicly traded company executives surveyed, 78% said their company’s investment in security operations (e.g. funding, planning and policy development) is based directly on risk factors disclosed in its public SEC filings, including the 10-K risk factors; 77% agreed these barely skim the surface in terms of the scope and volume of security threats they investigate and receive.

“To function in this new turbulent normal, to grow and thrive, organizations must cultivate a culture of security. Information, action, communication, training and habit can mitigate business and mission-critical threats and liabilities, preserve business integrity and ensure critical resilience,” said Lukas Quanstrom, CEO of Ontic.

Quanstrom continued: “Communication silos still exist and different departments are inefficiently assessing the same threat. But it is heartening that U.S. companies continue to actively consolidate their multiple threat intelligence, monitoring and alerting solutions. Our research says it can’t happen fast enough: a majority said three-quarters of threats that disrupted business continuity resulting in harm or death at their company in 2022 could have been avoided if physical security, human resources, cybersecurity and IT, legal and compliance shared and viewed the same intelligence in a single software platform.”

Tips for legal & compliance teams

What are the best tactics legal and compliance teams can use to address physical threats? Ontic recommends a few moves:

  • Solidify a response plan. Having an effective response plan in place can be instrumental in mitigating the impact of an incident. Once you formulate your response plan, make sure your team runs it through a tabletop exercise to ensure its effectiveness and identify gaps.
  • Train employees on the response plan. Run through different scenarios with the team members responsible for addressing the threat to help identify additional gaps in the plan, and then update accordingly.
  • Collaborate with your security team. Threats across cybersecurity, human resources, legal and physical security often stay in silos. Establish policies for cross-departmental collaboration before you need to build a policy during an incident.
  • Review your policy with your insurance provider. Your insurance provider should play a role in helping you put your response plan in place (and don’t forget to add “notify carrier” in your response plan). While this may seem a given, it is a critical step that is often overlooked.
  • Adopt a technology-driven approach. With the right system in place, both legal and security teams are able to access physical threats in real-time, allowing them to stay one step ahead of potential risks and to better protect their employees, assets and infrastructure.
  • Maintain a reliable and robust audit trail. If your safety and compliance protocols ever come into question by clients, employees, authorities or shareholders, an accurate and thorough audit trail will allow you to demonstrate that the appropriate measures were taken by your organization to uphold its duty of care.

Tags: COVID-19
Previous Post

Reimagining Compliance in Banks and FIs: The Role of Regtech

Next Post

Did Covid Lead to a Lower HIPAA Fine?

Staff and Wire Reports

Staff and Wire Reports

Related Posts

uvalde crosses

Will 2023 Bring More ‘Permacrisis’ Culture?

by Lisa Schor Babin
January 4, 2023

While 2022 had no shortage of chaotic events, ethics columnist Lisa Schor Babin shares her hopes for 2023 — and...

Eventus Awards

Eventus Named Best Market Surveillance Provider, Adding to Recent List of Honors

by Corporate Compliance Insights
August 4, 2022

Trade surveillance and market risk solution platform Eventus won its fourth major award in the past month, as its Validus...

worker anxiety

Fighting the Employee Anxiety Pandemic Requires More Than Quick Fixes

by Lisa Schor Babin
August 3, 2022

Long before anybody had heard of Covid-19, a workplace crisis was brewing: People were becoming overworked and overstressed. The pandemic...

flower growing between stones resilience concept

Turning Crisis into a Catalyst: What the Pandemic is Teaching Companies and Compliance Teams About Innovation, Agility and Resilience

by Jim DeLoach
May 3, 2022

A strict focus on compliance can stifle creativity and innovation. But a work environment that encourages those traits is key...

Next Post
people waiting in covid line

Did Covid Lead to a Lower HIPAA Fine?

Compliance Job Interview Q&A

Jump to a Topic

AML Anti-Bribery Anti-Corruption Artificial Intelligence (AI) Automation Banking Board of Directors Board Risk Oversight Business Continuity Planning California Consumer Privacy Act (CCPA) Code of Conduct Communications Management Corporate Culture COVID-19 Cryptocurrency Culture of Ethics Cybercrime Cyber Risk Data Analytics Data Breach Data Governance DOJ Download Due Diligence Enterprise Risk Management (ERM) ESG FCPA Enforcement Actions Financial Crime Financial Crimes Enforcement Network (FinCEN) GDPR HIPAA Know Your Customer (KYC) Machine Learning Monitoring RegTech Reputation Risk Risk Assessment SEC Social Media Risk Supply Chain Technology Third Party Risk Management Tone at the Top Training Whistleblowing
No Result
View All Result

Privacy Policy

Founded in 2010, CCI is the web’s premier global independent news source for compliance, ethics, risk and information security. 

Got a news tip? Get in touch. Want a weekly round-up in your inbox? Sign up for free. No subscription fees, no paywalls. 

Follow Us

Browse Topics:

  • CCI Press
  • Compliance
  • Compliance Podcasts
  • Cybersecurity
  • Data Privacy
  • eBooks Published by CCI
  • Ethics
  • FCPA
  • Featured
  • Financial Services
  • Fraud
  • Governance
  • GRC Vendor News
  • HR Compliance
  • Internal Audit
  • Leadership and Career
  • On Demand Webinars
  • Opinion
  • Resource Library
  • Risk
  • Uncategorized
  • Videos
  • Webinars
  • Well-Being
  • Whitepapers

© 2022 Corporate Compliance Insights

No Result
View All Result
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe

© 2022 Corporate Compliance Insights

Welcome to CCI. This site uses cookies. Please click OK to accept. Privacy Policy
Cookie settingsACCEPT
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
cookielawinfo-checbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
SAVE & ACCEPT