Developing a Response

Identifying threats is a complicated task in itself. But once you have identified what those threats are and you’ve assessed the damage, what do you do next? A response team can encompass multiple departments. As we have been discussing, a combination of staff from HR, IT, and Marketing will usually need to be called upon for most large-scale threats.

If you are in charge of defending the company website and an attack is launched from an IP address in Russia and you only do business in the United States, you could easily block that IP address from even being able to see your website. If you see a new virus launching attacks, you could easily update your virus scanner with new attack signatures. But with social media attacks, you can’t really shut off access to your blogs, and you definitely cannot stop people from using Twitter. You have no real way to stop an attacker from disparaging your brand: users have freedom of speech, and cease and desist defenses tend to backfire. So what is your response to this type of threat? We will get into actual controls in later chapters, but for now, having identified the threats, categorized them, and assessed the damage, you have to decide which responses or countermeasures to launch.

Threat identification is the first step, as discussed previously. But who identifies these threats? The most important groups for identifying threats are IT, Marketing/Communications, and Customer Service (they are usually the first to be notified by a customer about problems with the company, its service, or its products, and are a great first response team). If the IT team has the right monitoring software and resources in place, they can see when a brand attack is being launched. With the right tools, such as a reputation management service, IT can monitor what’s being said, or they can see if company pages are being taken over by attackers if the company’s social media resources are compromised. The Marketing team can identify an attack by paying attention to social media monitoring dashboards, feeds, and alerts, and seeing what is being posted. Budget limitations are no excuse. Free and simple methods for finding content posted on the Internet are available. Google Alerts (http://www.google.com/alerts) can alert you instantly, by e-mail if you’d like, when keywords you’re tracking pop up. Another free resource is Addict-o-matic (www.addictomatic.com). You can track information about a company, person, or topic for free, as shown in Figure 4-2. (Alex is very popular, although there is another Alex De Carvalho who is a dancer, as you can see in the YouTube listing.)

Figure 4-2 Utilize Addict-o-matic for free monitoring.

And once the threat has been identified, who is responsible for analyzing and defending against the threat? Clear roles and responsibilities have to be proactively implemented. As with any technology threat, certain people or groups are responsible, depending on the type of threat. If the threat is a false story about how bad the company product is, then it might be up to Marketing, Sales, Customer Service, and/or Legal to respond, depending on the context. If an attacker compromises the corporate blog or Facebook page, IT should be involved with recovering the site, changing passwords, cleaning up any malicious software that may have been installed, protecting against further compromises of the account, and helping to identify the perpetrator should legal action be considered.

All threat response should be based on a defined policy. As with an IT security policy, the social media security policy must include an incident response component. This component contains the threat management steps that everyone who has a social media responsibility should know and can use as a guideline for resolving future threats. The main advantages of implementing an enterprise-wide threat management process include:

- Addressing regulatory compliance issues that affect operations when social media is used to communicate information or manage customer data
- Complying with regulations such as HIPAA Security Rules, RedFlag, or PCI DSS. We will touch on various legal issues throughout the book.
- Improving privacy for, security of, and information about customer information assets
- Mitigating the risk of unauthorized access to, use, or disclosure of information on social media channels
- Maintaining competitive advantage
- Implementing the right security tools to protect information assets in accordance with their value
