Diese Präsentation wurde erfolgreich gemeldet.
Wir verwenden Ihre LinkedIn Profilangaben und Informationen zu Ihren Aktivitäten, um Anzeigen zu personalisieren und Ihnen relevantere Inhalte anzuzeigen. Sie können Ihre Anzeigeneinstellungen jederzeit ändern.

The Foundations of Social Media Risk Management

733 Aufrufe

Veröffentlicht am

While most organizations recognize that the use of social media is a popular and often necessary part of modern business, it can be a compliance nightmare. To minimize corporate risk and maximize the benefits of social media, organizations should pursue a risk-sensitive strategy that engages employees and balances exposures, investment costs, and legal obligations.

Veröffentlicht in: Technologie
  • Als Erste(r) kommentieren

The Foundations of Social Media Risk Management

  1. 1. BLUE HILL RESEARCH Foundations of Social Media Risk Management December 9, 2014 David Houlihan Principal Analyst
  2. 2. Focuses on technology investment questions. How does this affect our business? Finance: What’s the ROI & TCO? Information Technology: How do I implement & manage this? Line of Business: Does it improve my performance?
  3. 3. Understanding Social Media Risk Common Questions: What is social media risk? How do I understand the value at risk? How do we effectively respond to these risks?
  4. 4. The Goal Cost of Prevention / Mitigation + Resulting Cost of Risk < Cost of “Doing Nothing”
  5. 5. Challenges of Social Media Risk Management • Technology is still emerging and changing • Lack of transparency regarding how social media is used across the enterprise • Difficult to estimate / quantify cost of risk • Multiple or unclear owners for social media risk • Unclear legal and regulatory requirements for social media use and policy
  6. 6. Poll 1: What’s Your Top Challenge Managing Social Media Risk? (A) KEEPING PACE WITH CHANGES TO SOCIAL MEDIA (B) UNDERSTANDING HOW SOCIAL MEDIA IS USED (C) QUANTIFYING THE COST OF RISK (D) LACK OF CLEAR ENTERPRISE OWNERSHIP (E) UNCERTAINTY REGARDING LEGAL REQUIREMENTS (F) OTHER
  7. 7. We All Know Social Media When We See It. . .
  8. 8. Personal Social Corporate Accounts Enterprise Social Individual personal / professional tools Internal corporate collaboration platform Exposes organization indirectly External corporate comms platforms Exposes organization directly Exposures about record or compliance Social Media Categories
  9. 9. We All Have An Idea of What’s at Risk. . . Hacked Jeep Twitter account announces sale of Chrysler to Cadillac. Netflix under SEC scrutiny for potential Regulation FD violation over CEO Reed Hastings’s Facebook brag about Netflix’s subscriber count. 2012 Feb 2013 Stock market drops $136 billion after hackers tweet about explosion at the White House from Associated Press accounts. Apr 2013 BBC uncovers over 800 investigations of police officers for posting racist content to social media sites and attempts to “friend” alleged victims of crimes. Apr 2013 Hearst Entertainment executive Scott Sassa retires after legal department receives sexually explicit text messages Sassa sent in a suspected catfishing and extortion scam. Apr 2013
  10. 10. What Makes Social Media Valuable, Makes it Risky
  11. 11. What are the Risks? DISCLOSURE DISCOURSE CONFLICT OF INTEREST FRAUD
  12. 12. Disclosure Risk n. Intentional or accidental release of sensitive information Business - Loss of intellectual property - Loss of competitive market advantage - Delayed or lost transactions/customers Legal Reputation - Regulatory and private legal liability - Brand damage - Lost revenue - Erosion in shareholder value + Employees or closely related third-parties
  13. 13. Discourse Risk n. Publication of content that harasses others, or negatively impacts corporate image Business Legal Reputation - Delayed or lost transactions/customers - Legal liability - Brand damage - Revenue loss - Erosion in shareholder value Identifiable employees Employees with access to corporate social media using personal social media Third-parties’ … … discussion of organization
  14. 14. Conflict of Interest Risk n. Use of social media to connect individuals inappropriately or in violation of restrictions Business - Loss of intellectual property - Loss of competitive market advantage Legal - Regulatory and private legal liability Employees or closely related third-parties Reputation - Brand damage - Lost revenue - Erosion in shareholder value
  15. 15. Fraud Risk n. Use of social media to obtain access to employees or sensitive information Business Legal - Loss of intellectual property - Loss of competitive market advantage - Delayed or lost transactions/customers - Regulatory and private legal liability Third-parties seeking access through social media Reputation - Brand damage - Lost revenue - Erosion in shareholder value
  16. 16. Poll 2: What Type of Social Media Risk Causes You the Most Worry? (A) DISCLOSURE (B) DISCOURSE (C) CONFLICT OF INTEREST (D) FRAUD (E) OTHER
  17. 17. Determining the Strategy That’s Needed Scope What are the risk events that could affect our organization? 1. Requirements on corporate statements and disclosures 2. Constraints on relationships and information sharing 3. Sensitivity of information handled by organization 4. Public “profile” of the organization Harm Likelihood What is the probability that a risk event will occur? 1. Number of employees using corporate social media 2. Number of employees using personal social media 3. Variety of social media tools used per employee 4. Frequency of use What are the potential results of a risk event? 1. Direct financial costs 2. Reputation and brand erosion 3. Lost customers and revenue 4. Lost shareholder value 5. Regulatory penalties, legal exposure, and litigation cost
  18. 18. Mapping Costs to Investment Planning Cost of Prevention / Mitigation + Resulting Cost of Risk Inherent Risk < Cost of “Doing Nothing” Estimated Harm ($) of Incident Likelihood (%) of Incident X Estimated Potential (#) Incidents ( X ( Preventative Investments ($) ( Cost ($) of Doing Nothing Mitigation - Value ($) of ( Budget Residual Risk
  19. 19. What’s at Risk? Average costs following social media risk incidents: Reputational Losses Source: Symantec’s 2011 Social Media Protection Flash Poll Financial Costs $641,993 Litigation Costs $650,361 Lost Revenue $619,360 Reduction in Stock Price $1,038,401 Direct Losses
  20. 20. Options for Combating Social Media Risk POLICY EDUCATION MONITOR / ARCHIVE ACCESS CONTROL
  21. 21. - Expense - Does not affect authorized users - Does not limit risks resulting from personal accounts POLICY EDUCATION MONITOR ACCESS CONTROL - Little preventative value - No identification of issues - No control over activities - Expense - No control over activities Advantages and Disadvantages - Set standards and limit liability - Identify issues - Maintain records for remediation & liability - Limit ability to access and misuse - Educate employees on standards & encourage behavior change
  22. 22. Poll 3: Where has your Organization Placed Resources to Combat Social Media Risk? (A) POLICY (B) EDUCATION, TRAINING, AND AWARENESS (C) SOCIAL MEDIA MONITORING (D) SOCIAL MEDIA ARCHIVING (E) ACCESS CONTROL (F) OTHER
  23. 23. Poll 4: Which of the Following is Your Top Priority for Social Media Risk Investment? (A) POLICY (B) EDUCATION, TRAINING, AND AWARENESS (C) SOCIAL MEDIA MONITORING (D) SOCIAL MEDIA ARCHIVING (E) ACCESS CONTROL (F) OTHER
  24. 24. Root Cause Analysis + + Disclosure Discourse + Employees Conflict of Interest Fraud
  25. 25. The Role of Training in Social Media Risk Access Control Monitoring Training and Education Policy
  26. 26. Employee engagement Clear communication of requirements and responsibilities Motivation for behavior change Principles and guidelines of ambiguous situations Encourage, retention, application, and promotion Employee Education Program Objectives 1. Explain social media risks and standards 2. Encourage compliance with social policies and standards 3. Identify guidelines and best practices that reduce risks 4. Encourage self-motivation and ownership
  27. 27. Thank You! To join the conversation, follow us on Phone: +1 (617) 624-3600 Contact Sales: sales@bluehillresearch.com Contact Research: research@bluehillresearch.com

×