Chris J Powell

Risk Management and Social Media

The world is a rapidly changing place with new technologies and new methods of communication and interconnection being developed every day.  With all of this innovation there is an inherent need to take a step back and look at the potential hazards and risks associated Social Media.  I really do think that it is important for both business and individuals to take a step back and focus on the Risk vs. Reward process of making the leap into Social Media.

In a December 2011 White Paper the SANS Institute published an interesting report on the state of Social Media from a Risk Management perspective.  Some interesting facts came about from the report that had me thinking both from the perspective of an employer…but also from a very personal and introspective look as well.

  • 63% say “that employee use of social media puts their organization’s security at risk” but only 29% “say they have the necessary security controls in place to mitigate or reduce the risk”
  • 49% of executives surveyed said that they feel that the use of social media could damage company reputation but only 1/3 have addressed those concerns

The report goes on to define the most common threats:

  • Reputation/Brand as an AssetThis is the exact reason why Social Media is a double edged sword.  Reaching a global audience with a few simple clicks…and at a cost that for the most part is FREE…that is hard to not take advantage of, but anyone with 5 minutes and an axe to grind can destroy the reputation of a Brand with a blog and well timed social posts!
  • Information Leakage – Intentional or unintentional the potential for information creeping out of a business through social channels (or other Web 2.0 Technologies like Dropbox and iCloud) is a real potential threat.
  • Data Loss – From both internal and external threats the potential for Data Loss is one that no business can afford to not be aware of.  Look no further than the repeated threats by hacker group Anonymous!
  • Piracy and Infringement – If Loss and Leakage is not enough what about pure unadulterated theft of Intellectual Property!!!
  • Corporate Espionage – The enemy is at your gates!
  • Reconnaissance – The reality of information in the wild is a danger to an organization…something as simple as a job posting on an online provider can open an organization to risk!
  • Organizational Financials -Imagine if you knew about the Facebook earnings report 3 days before anyone else…cashing in on that short sale would be amazing…unless you are one of the 1000s of staffers who took stock options instead of a raise!

The reality is, Risk Management is all about looking at all the vectors and assessing the Risk vs. Reward for each.  If you are a Defense Contractor…Corporate Espionage and Data Leakage are pretty big on your list of things to watch out for…but if you are Joe’s Diner looking to get word out about your great Steak and Cheese special…Reconnaissance and Infringement do not likely rank high on your “need to worry about Radar”.

The fact remains, organizations every day run through Risk Assessments and move ahead with projects…but if you are not at least looking at the potential risks before you dive into the Social Media Shark Tank…well that is another discussion all together.

So you may be wondering what you should be doing as an individual to measure some Risk before making that next Facebook Post that lets the world know that you will be on vacation in the Caribbean next week.  The truth about Social Media is that it is both a blessing and a curse…I know I have been living a Social Life for the past 18 months and the “always on” nature of Social Media is wonderful…but draining!  In an article from NAPILA (North American Professional Liability Insurance Agency) outlines some of the personal and professional risks and challenges of Social Media.

Weigh the risks and the rewards…if Social Media is worth the risks to you…then by all means embrace it.  Facebook is not for everyone, and Twitter…well it is still a foreign term to many but there are great rewards that can come to those who balance the Risk, and Reap the Benefits!


Chris J Powell


Leave a comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.