Professional Documents
Culture Documents
Research Report - Student
Research Report - Student
CIT
Student Name
Number
Assessor Feedback
Table of contents...................................................................................................................................5
Executive Summary...............................................................................................................................6
Introduction...........................................................................................................................................7
Social Media and Cyber Security...........................................................................................................8
Table 1. Social Media Challenge Types and Information Security Risks.............................................8
Table 2: Estimated ROI of Social Media Protection Investments Based on Incident Reduction........9
Strengths and Weaknesses of Social Media for Business in a Cyber Security context.........................10
Table 3: SWOT Analysis: Facebook/Twitter for business use...........................................................10
Conclusion...........................................................................................................................................11
Recommendations...............................................................................................................................11
References...........................................................................................................................................12
Participating in social media comes with advantages and disadvantages (and associated
costs).
This report evaluates the pros and cons of Facebook and Twitter in a business and cyber
security context.
The report, after considering the risk, return on investment, and given the current adverse
media attention directed toward these platforms not meeting community expectations or
legislative requirements on practices, security or integrity, recommends business, at this
time, monitor, but not actively participate in social media.
To date, social network sites have become an important and crucial part of daily
communication practices for millions of people (Hekkala et al., 2012).
As of the first quarter of 2018, Facebook and Twitter had 2.19 billion (Statista, 2018) and
327 million (Statista, 2018) monthly active users respectively.
With more businesses taking advantage of social media to reach the masses and connect
globally comes increasing security challenges and risks (Punjabi, 2014).
This report:
Evaluates the cyber security context of Facebook and Twitter;
Compares usage on how business can benefit or be damaged by ‘connecting’, viewed
through a cyber security lens; and
Makes recommendations to assist the Board of Directors in determine if business
should engage in social media, and if so, to what degree.
In an employment context, under the doctrine of vicarious liability, social media presents a
risk to employers who may be obligated to prevent employees from disseminating
defamatory, confidential or unlawful information connected with their employment
(Kettles, 2014).
With social media becoming rampant, business needs to guard against social media security
threats like social engineering, targeted phishing attacks, and misuse of fake accounts
(Ghosh, 2011).
The most prevalent challenges for social media information security relate to data integrity
and confidentiality (leaking information by accident, phishing, identity theft, scams, spam,
malware, reputation damage) and the different roles of social media in the company
(private vs. professional identity, networking, marketing tool) (Hekkala et al., 2012) (see
Table 1).
The openness and speed of communication available through enterprise social media
creates attendant security, reputational, and legal and compliance exposures. The scope of
exposure continues to grow (Houlihan, 2016). No surprises then to learn that more than one
in eight enterprises have suffered security breaches related to a social media-related
cyberattack (Cooper, 2017).
Many technology solutions have emerged to help organisations address the information
management, monitoring, policy application, and data analysis required to manage social
media risk.
Solutions do come at a cost, as outlined by Blue Hill (Houlihan, 2016) (see Table 2).
Better practice cyber hygiene (Ghosh, 2011) would suggest business consider:
Develop a social media security policy;
Have a multidimensional, risk-based approach;
Identify safe social networking sites;
Enhance enterprise network visibility;
Classify sensitive data;
Protect endpoints; and
Educate employees.
Apart from the number of users, and that Facebook networks people while Twitter networks
ideas and topics (webTEGRITY, 2018), they are similar in nature and have been evaluated as
one item for the SWOT analysis.
Weaknesses
Messages are not targeted
No control of users or how they use the medium
Specific interest groups are difficult to reach without participating on their sites
(not ours)
Users need to have an interest in the business to search for us
Sites are subject to abuse, scams and misinformation (intentional or otherwise)
Need to maintain an active presence to maintain/retain external interest
Opportunities
Can reach a new audience very quickly
Can create new business and networks with the right marketing strategy
Threats
Current public opinion and media attention is trending towards a lack of trust in
the platform/s, use, content and management
Platforms have been compromised, and continue to be so
Audience attention needs to be maintained to warrant the investment
Business brand can be easily tarnished through malicious or otherwise user action
Business could suffer financial loss if platform opinion is negative
Business will need to invest in people, controls and resources to avoid vicarious
liability. This is of an unknown magnitude that the business may not be able to
afford
Business will need to develop policies for social media usage and security
Even passive monitoring is a cost the business may not be able to afford
The changing nature of social media and its lack of integrity creates an additional layer of
risk for business sustainability.
While systems and processes can protect applications from most instances, human activity
presents the highest risk that is most difficult and resource intensive to mitigate against.
At this point, SWOT analysis indicators are that risk, and costs outweigh benefits.
Recommendations
1. Given the limited locus of control business has of external users/usage of the
platforms and the inherent risks associated with intentional/unintentional incidents,
it is recommended the business only passively interacts with Facebook and Twitter
i.e. the business monitors social media sentiment towards it but does not actively
maintain sites or provide comment.
2. If the business were to ‘connect’, it will come at a cost. A budget will need to be
allocated to provide the necessary resources to participate, as well as prevent, detect
and respond to social media incidents.
Cooper, C. (2017). Social media is a cybersecurity risk for business. Retrieved from
https://www.csoonline.com/article/3198715/data-breach/social-media-is-a-
cybersecurity-risk-for-business.html
Ghosh, S. (2011). Seven social media security best practices. Retrieved from
https://www.computerweekly.com/tip/Seven-social-media-security-best-practices
Hekkala, R., Väyrynen, K. & Wianda, T. (2012), Information Security challenge of social
media for companies. Retrieved from
https://pdfs.semanticscholar.org/3de6/f912cf379f0ff82e33b20e0776b31bfe0d7d.pd
f
Houlihan, Esq, D. (2016). Estimating the ROI of social media risk prevention investments.
Retrieved from https://www.proofpoint.com/sites/default/files/blue-hill-roi-social-
media-risk-protection.pdf
Punjabi, V. (2014). Security risks/threats & rewards in social media. Retrieved from
http://jultika.oulu.fi/files/nbnfioulu-201502111069.pdf
Statista. (2018). Number of monthly active Facebook users worldwide as of 1st quarter 2018
(in millions). Retrieved from https://www.statista.com/statistics/264810/number-of-
monthly-active-facebook-users-worldwide/
Statista. (2018). Number of monthly active Twitter users worldwide from 1st quarter 2010 to
1st quarter 2018 (in millions). Retrieved from
https://www.statista.com/statistics/282087/number-of-monthly-active-twitter-
users/
webTEGRITY, (2018). What’s the difference between Facebook and Twitter. Retrieved from
https://webtegrity.com/our-blog/social-media-marketing/whats-difference-
between-facebook-and-twitter/