Today i presented my thoughts at the Security Company SASIG event in Edinburgh. It turned out to be a useful debate and discussion about a range of organisations' approaches to Social Media and online security.
What was particularly surprising was the amount of correlation between what we are doing with policing and the approaches of other organisations including banking.
Since the Chatham House rule applied I will refer to generalities rather than specific comments from attendees
There seemed to be a number who ascribed to the following general challenges being faced by organisations with social media
In summary
There is a need to identify the Business benefits and disbenefits of use and also non-participation in social media
The challenge of creating an online corporate identity and retaining it.
Using social media to enhance both internal and external communications with staff and customers
Creating the right balance for personal empowerment
Designing or adapting to the most effective Social interaction
We had a useful discussion about the value of social media to corporate intelligence and the need to link it to existing non digital methods. In other words don't expect social media to replace other sources, more so to enhance and blend it's product. "Intelligence" translated as much to the commercial world as any public sector approach.
Clearly social media opens up a range of opportunities for the would-be attacker, whether internal or external, to cause damage to an organisation. Some ideas and issues discussed included
Know your enemy. Understand who would want to cause disruption and why. It could be an organised threat or it may just be a disgruntled employee or someone merely exercising their ability to use their skills for fun.
Strengthen the basics and in particular know what the internal rules are, and enforce them.
Identify the boundaries. Understand what people can do, build on creativity but be alive to loose cannons.
Spend time thinking about the next threat to your organisation or people. Consider what the impact might be on the next level of technology.
Put in place measures that will identify where people are leaking information, suspicious IP addresses for example.
We discussed the findings of the Legal and General Report, produced and trended in 2010
A valuable insight into risks associated with online social media and social engineering
http://www.legalandgeneral.com/_resources/pdfs/insurance/digital-criminal-2.pdf
Approaches to the more general issues associated with social media included
Building the existing security structures around the threat.
Being aware of comment about your organisation and addressing it whether positive or negative
Understanding the threat landscape and planning to change as the landscape changes
Engaging with customers and identifying their needs, wants and concerns at an early stage
The above represents a small selection of some of the discourse but the clear message for me was that literally, we are in this together. No agency, company or organisation, or sector has a monopoly on the best ideas. Only by sharing our thoughts suggestions and ideas across sector decides we will have an understanding of how best to relate to, respond to and benefit from social media.
A valuable lesson in avoiding the temptation to think that a single sector approach will always be the best.
This is my personal blog for issues that I will make comment upon, my own views. Feel free to comment or connect with me. AQL commissioned Ambassador for the Yorkshire Humberside Cyber security Information Sharing Partnership To join follow www.ncsc.gov.uk/CISP
Thursday 2 May 2013
Subscribe to:
Post Comments (Atom)
Popular Posts in last 7 Days
-
Latrigg is just north of Keswick and is a small hill with a stunning view of Keswick, Derwent and the surrounding hills. For a short walk th...
-
A few days ago the Register published an article about the waste of £20million pounds on Cyber Prevention. http://www.theregister.co.uk/2016...
-
I am helping Leeds University with a business Cybercrime Survey go to www.bit.do/cybersurvey to complete it or use the QR code. Many thanks
-
Fancy climbing a hill at night to take part in an amazing spectacle and raise money for a fantastic charity? I ran a simi...
-
The Apple FBI saga The disagreement over Apple and the FBI has become a microcosm of the world of cyber and digital crime. Warrant...
-
Following last week’s launch of The Cyber Security Breaches Survey which found that one in four large firms are experiencing a cyber br...
-
Ransomware Seminar 19th May 09.30-11.30 Ransomware is now one of the biggest threats to industry, charities, health and citizens. Fin...
-
So Saturday was the Big March. Anywhere between 300 and 500,000 peaceful protesters protesting. All magnificently managed by the Met suppo...
-
Yesterday I cycled around the Isle of Man, not for any charity or other worthwhile endeveour but as some might say "for t'beans&quo...
The police service is arguably the most forward thinking of all public sector organisations in using social media effectively, particularly around community engagement.
ReplyDeleteFor people who are interested, I have summarised the way UK police services use Twitter here: http://www.russellwebster.com/Blog/?p=337 and how police services are becoming increasingly sophisticated at using social media for detecting crime here: http://www.russellwebster.com/Blog/?p=428