The question of whether to ban social media is no longer on the table – the social media train has left the station. Organizations that get on board are realizing significant benefits in the new ways it offers to interact with, understand and serve the public. But social media also provides new ways for cyber criminals to perpetrate existing types of crime and opens up a new domain for criminal activity.
As security professionals, it’s our job to enable business while protecting it; embracing social media is an imperative, but we also need to mitigate the exploitation of what our organizations reveal online.
To gain the benefits that social media affords while minimizing the risks, the first step is to understand the types of social media risks. Employees, suppliers and partners can create risks such as exposure of sensitive information, oversharing, loss of brand control, non-compliance and vulnerability to social engineering. But even greater damage can come from third parties with malicious intent. Bad actors are using social media to launch malicious campaigns, coordinate attacks and conduct reconnaissance, and are also employing it as a release mechanism for stolen content and defacement.
Opening your eyes to the risks that are specific to your organization requires asking very pointed questions that are often difficult to answer.
• What confidential, sensitive or proprietary data is leaking through my boundary? As organizations adopt social media and mobile devices, the boundaries around them are blurring because of the free flow of data these technologies encourage. Much data leaked this way — either accidentally or deliberately — is highly confidential, sensitive or proprietary and therefore valuable to third parties intent on espionage and competitive intelligence. The BYOD trend exacerbates the risk as the level of protection on these devices is often inadequate.
• Who is planning a targeted cyber attack against my organization – and how and when will they do it? Organizations are facing a rise in targeted cyber attacks committed by activists, criminals and nation states that use social media to conduct intensive research on targets and coordinate attacks. Countering these threats requires greater insights into adversaries, their motives and tactics.
• What potentially brand-damaging information is being published online? The use of social media in supporting corporate work and engaging with the supply chain means the risk of brand-damaging material leaking onto the Internet has never been higher. Third parties may also target and spread malicious online rumors about an organization or even impersonate it, posting content that can cause serious reputational damage.
• How is the security of my organization and my key employees being compromised by online material? The widespread take-up of social media means individuals now cast an even greater digital shadow across the Internet. A digital shadow is a subset of a digital footprint that consists of exposed personal, technical or organizational information that is often highly confidential, sensitive or proprietary.
Threat actors can aggregate online postings to reveal a great deal of sensitive personal information about an individual, resulting in impersonation, identity theft or even physical harm. In the reconnaissance phase of an attack, attackers can even use social media platforms to piece together information from many individuals and create a detailed picture of the target organization’s IT infrastructure.
To answer these questions you need to bring together all the information your organization possesses about itself, such as its people, risk posture, attack surface, entire digital footprint and digital shadow. This information must be relevant and contextual, based on industry, company size and geography, and must include insights into would-be attackers.
Cyber situational awareness provides this level of information by analyzing your organization through an “attacker’s eye view” and identifying risks that are specific to your organization, including potential threats, instances of sensitive data loss or compromised brand integrity. With this perspective you can proactively mitigate risks, including those enabled by social media, and minimize potential damage. So go ahead and jump on the social media train – just make sure your eyes are wide open.