2022 E&C Hotline Benchmark Report Insights: Gorillas in Our Midst

July 21, 2022
This article was taken from ComplianceLine’s 2022 Ethics and Compliance Hotline Benchmark Report. Get more information here!

Selective Attention

Selective attention refers to the human inability to focus on more than one thing at a given time. When a certain stimulus consumes an individual’s attention, it often becomes nearly impossible to see anything else.

In a famous psychological study, subjects were asked to count the number of times a group of people in a video passed a basketball, then were asked what they had seen. Strangely, an extremely low percentage (as low as 8% in some tests performed) noticed the woman dressed in a gorilla suit walking through the scene. In the course of our review of the past four years of Environment, Health & Safety (EHS) concerns, an interesting pattern emerged between EHS and Privacy reports after the pandemic began. 

Take a look.

Heeding Headlines

In mid-2019, several large-scale data breaches were in the headlines (American Medical Collection Association, Capital One, Equifax settlement), and we saw a corresponding rise in Privacy/Infosec reports starting around this time, a category that had remained relatively stable over the previous years analyzed. However, this rise was halted as COVID-19 consumed the headlines and shifted focus and concern toward the pandemic and its unknown associated risks.

As protocols started to take effect and employees began to live on Zoom in a WFH environment in Q2 2020, we saw two new huge data breaches — 267 million Facebook profiles popping up on the Dark Web and cyber attackers breaching Zoom for more than 500,000 users’ credentials6 — thrust data privacy back into the collective consciousness.

Utilizing Gorillas

The point is, for almost every major secular increase/decrease in EHS reporting rates, there was an opposite decrease/increase in Privacy/Information Security concern virtually in the same month. No other issue categories mirror the EHS reporting trend so closely or consistently.

When people focus on one thing they can easily overlook something else. Incidents reported through your intake channels tend to correlate with the headlines. You probably noticed an influx of sexual harassment reports during the #MeToo movement in late 2017, for example, and the monthly composition of your reports over the last year likely mirrored that which was top of mind for your workforce. 

This cognitive bias ingrained in all of us presents an opportunity for Ethics & Compliance teams to gain significant traction on important initiatives, but it requires employment of the “Headline Effect.” Remember what it was like during the height of the pandemic, when COVID-19 was in every headline — it was all anyone was talking about.

Carpet-bombing workplace retaliation, for example, with an omni-channel campaign attacking it from all angles can not only keep it top of mind for your workforce, but also cause people to focus on it — seeing it anywhere it exists and weeding it out. The E&C team of the future is one that understands human psychology and behavioral science and uses them to its advantage to drive an authentically ethical workplace culture forward in sustainable ways.

Want more actionable insights, data, and stats on the future of compliance programs? Get the ComplianceLine 2022 Ethics and Compliance Benchmark Report here.

[1] Simons, D. J., & Chabris, C. F. (1999). Gorillas in our midst: sustained inattentional blindness for dynamic events. Perception, 28(9), 1059–1074. Retrieved from https://doi.org/10.1068/p281059

[2] Osborne, Charlie. (2019, June 19). Data breach forces medical debt collector AMCA to file for bankruptcy protection. ZDNet. Retrieved from zdnet.com/article/medical-debt-collector-amca- files-for-bankruptcy-protection-after-data-breach/

[3] Alfred, N. & Serrels, M. (2019, July 29). Capital One data breach involves 100 million credit card applications. Cnet. Retrieved from cnet.com/news/privacy/capital-one-data-breach-involves-100-million-credit-card-applications

[4] Alfred, N. & Keane, S. (2019, July 22). Equifax to pay at least $575 million as part of FTC settlement. Cnet. Retrieved from cnet.com/news/privacy/equifax-to-pay-at-least-575m-as-part-of-ftc-settlement

[5] 5Abrams, Lawrence. (2020, April 20). 267 million Facebook profiles sold for $600 on the dark web. Bleeping Computer. Retrieved from bleepingcomputer.com/news/security/267-million-facebook- profiles-sold-for-600-on-the-dark-web

[6] 6EZShield Team. (2020, April 15). 500K Zoom Accounts Discovered for Sale on the Dark Web. Sontiq, Fighting Identity Crimes. Retrieved from https://www.fightingidentitycrimes.com/500-000-zoom-accounts-discovered-on-dark-web