Week 4 Social Media

Introduction

• Scenario: CEO approaches CISO about embarrassing information about the company on social media.

• Two main problems identified:

  • Finding the leak of information.

  • Getting false information taken down from social media platforms.

Importance of Policies

• Every company should have a social media policy for employees.

• Smaller organizations or NGOs may lack formal social media policies, but they still need to focus on this.

• Implementation of sanctions or oversight is essential to enforce policies.

  • Larger organizations may have dedicated communication units for monitoring social media mentions and addressing incidents.

  • HR involvement is crucial for handling any necessary sanctions.

  • In smaller organizations, all employees, including security professionals, may need to take part in social media monitoring.

Employee Responsibility

• All employees are responsible for the company’s reputation.

• Encouragement for employees to step up and assist in addressing reputation management.

Processes for Content Removal

• Various social media platforms have protocols for reporting and complaining about inappropriate content.

• Reality of content removal:

  • Protocols may not be satisfactory but are the only means available.

  • Removal can be difficult as it may not be your information to take down.

Finding the Leak

• Finding leaks can be straightforward if identifiable through social media.

• Disgruntled employees can be elusive and might attempt to misdirect suspicion onto innocent colleagues.

• Caution is needed in questioning employees; it may indicate suspicion or accusation.

• Collaboration with HR is vital to ensure fairness and ethical treatment of all employees.

Assessing the Value of Tracking the Leak

• Evaluate whether tracking down the leak is worth the effort.

  • Success in identifying the leak is not guaranteed and can consume unnecessary resources.

  • Importance of having clear, admissible evidence if pursuing any accusations.

• It may be beneficial to discuss with the CEO when they are in a calmer state to evaluate the seriousness of the situation.

Ethical Considerations

• Emphasis on handling the situation ethically and fairly.

• Consider reaching out to professionals with experience in managing leaks to gain advice on best practices.