Speaking up, Speaking Out: Why security concerns don’t always get reported

By Meredith Moore, Founder and CEO Greylake Training Solutions

As security professionals, we rely on the workforce at our companies and organisations to report incidents that have the potential to put us at risk. Our hope is that our colleagues will be proactive and preventative, ensuring potential threats will be brought to the attention of security so they can be nipped in the bud before anyone is put in harm’s way.

To facilitate this, we provide access to 24-hour helplines, give out our personal numbers, and promote technologies, protocols, and procedures to assist our colleagues in reporting an emergency. Reminding staff of what to do in a crisis is a huge part of security professionals’ daily operations.  If every staff member who encountered a situation that threatened their safety reported it to security before it materialised into a critical incident, our jobs would be a lot easier.

So why don’t our colleagues always speak up about the incidents they encounter? The hostile, disruptive colleague that makes threats, the toxic tension created by a boss who is notorious for harassment and abuse or, the suspicious person entering the workplace without proper identification. These are all examples of situations that many people deal with at workplaces all over the world.  People could bring these types of situations to the attention of security or human resources professionals to mitigate any further risk. But more often than not, people don’t say anything. Why is this?

The reasons stem from many nuances based on each unique situation. However, it boils down to some basic psychological factors. The first; being a ‘whistleblower’ is difficult. People who speak out against wrongdoing are putting their own reputation on the line. They might be worried about intervening because they fear retaliation, being socially ostracised, or unfairly judged for going against group conformity. They might sit back and see others doing nothing and wish to maintain the status quo. We are all taught to ‘mind our own business’ and that’s what prevents people from speaking up. Nobody wants to go against the grain.

‘Whistleblowers are relatively rare, however. In a recent experimental study by psychologist Piero Bocchiaro, fewer than 1 in 10 people reported an authority figure who was doing something unethical, and in other studies — such as the famous Milgram experiment in which unwitting experimental subjects were instructed to give others electric shocks — most people are reluctant to defy those in charge.

A whistleblower’s belief in the rightness of his or her action must be strong enough to overcome the hazards of speaking out. In a recent Boston College study, researchers asked people questions to gauge their moral priorities. People who valued fairness above loyalty were more likely to say they would blow the whistle on someone who committed a crime. ‘A lot of it comes down to their ability to hold on to a set of principles in the face of countervailing social information,’ said Zeno Franco, a psychologist at the Medical College of Wisconsin. ‘That’s a very tough call. Most of us don’t want to be in the out-group.’

Whistleblowers are typically also comfortable with a certain degree of nonconformity. Sometimes that’s because they feel secure in their professional roles. Ohio State University studies have found that whistleblowers are more likely to be male, have high status, and have a long work history — which makes the sacrifices of less powerful whistleblowers even more notable by comparison. Situational factors matter, too. People tend to blow the whistle more when their organisation is known for addressing problems effectively.’

Elizabeth Svoboda, What makes whistles-blowers speak out while others stay silent about wrongdoing, The Washington Post, 2017

This research gives us some insights on how to empower our colleagues to report wrongdoing and potential threats to our safety. Firstly, our focus should be on prevention by building a strong rapport with colleagues, raising awareness, and, most importantly, creating a culture in which reporting concerns is valued.  Engaging leadership to get involved boosts trust and transparency, a key component of this culture. To be better informed about potential threats before they arise, security and human resources need to form stronger partnerships and be a united front in information- sharing. Security teams should be seen as approachable, fair and empathetic.  Doing this takes time and effort, but promotes confidence that reporting incidents and concerns will result in a positive outcome, ultimately resulting in a happier and safer workforce.

Until next time.

Related: