EXECUTIVE SUMMARY:

CEOs strive to prevent problems. According to the 23rd Annual Global CEO Survey, as many as 80% of CEOs have modified their level of interaction on social media due to potential cyber security risks. Forty-eight percent are sufficiently concerned about cyber attacks that they’re ditching social media sites altogether.

In the past decade, social media sites have become unintentional vehicles for over-sharing information. More than 3.6 billion people are plugged into social media platforms, and people are quick to use these platforms as mechanisms for building their identities or their personal brands. As a result, for high-profile individuals, social media can be a security risk and can present unwanted opportunities for reputational damage.

“A bigger part of this picture is that corporate espionage is alive and well,” says expert Brandy McCarron. A company’s competitors and serious cyber criminals may be stealthily surfing social media sites for information. They may want to pick up ideas, intellectual property or other insights that could enhance their image, products or provide financial reward.

The social media risk appetite

The risk appetite for social media can vary widely based on geographic locale, industry and personal preferences. “There is no single right policy…other than to have a business-appropriate policy in place,” says expert and CEO Yaniv Bardayan.

Social media can present risks of numerous kinds:

  • Intellectual risks
  • Reputational risks
  • Legal risks
  • Market risks

Social media retains the power to share negative messages about a person or a brand with millions of people in just a few minutes. At the same time, social media is often credited with improving business outcomes.

Stories circulate about fake social media posts that have mentioned a company’s overall performance, and then forced an escalation or a decrease in stock prices. As a result, people have profited unduly.

There are also stories of firms that have fended off breaches after recognizing that hackers pieced together password-related information via employee’s social media profiles.

Organizations may be aware of these social media trouble spots, but may also believe that use of social media cannot be avoided. Other organizations do not see social media as a risk. In a survey, only 36% of respondents reported that their organizations offered social media training.

Why the complacency?

Organizations often fail to understand the risks posed by social media due to the fact that social media is ubiquitous and the risks can’t easily be quantified. But, without any examination of the risk, are organizations offering opportunities to hackers?

For more information about managing social media risk, check out this report from Accenture.