Some thoughts from the thought
leaders: web future
• Acting as a human prosthesis, working for them
unconsciously
• Carry ...
Social Networks – Should my
employer be concerned?
Mark Henshaw, (ISC)2
Why do we have Social Networks?
• They have established themselves, are ubiquitous
and persistent
• “A limb”, “a right”, “...
Social Networks – trust everyone
Targeted malware
Lack of control
n2n bridgeheads
Attack surfaces
Corporatevulnerability
G...
Information under Siege
Unfettered evolution; hyperconnected coupled with web x.x leads to
significant reduced effectivene...
People Dependent, controlled, limited,
dangerous, inefficient
Liberated, self-governing, self-selecting, self-
protecting ...
Should my employer be concerned?
YES if any one of the following is true
1 - No business awareness and risks are not under...
Questions
Contact the presenter: markh@acceptablesolutions.co.uk
Upcoming SlideShare
Loading in …5
×

Social networks – should my employer be concerned

400 views
365 views

Published on

With the exponential rise in the use of social networks, it now seems odd when you come across the one or two individuals who staunchly oppose the use of these much cherished and adored refuges. But can we really know, trust, and keep track of the several hundred virtual friends we are amassing. This session takes a scientific look at whether we can and the impact the answer to this has on employees, and the corporations in which they work.

Published in: Technology, Business
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
400
On SlideShare
0
From Embeds
0
Number of Embeds
23
Actions
Shares
0
Downloads
1
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Social networks – should my employer be concerned

  1. 1. Some thoughts from the thought leaders: web future • Acting as a human prosthesis, working for them unconsciously • Carry forward openness • Do a better job understanding the language of the web – video, pictures, still images, and connecting them to people; communities and collaboration • Do what the brain can’t do • Ultimate extension of me, my own knowledge base Contributors: Howard Bloom, Author, The Evolution of Mass Mind from the Big Bang to the 21st Century, Peter Norvig, Director of Research, Google Inc., Jon Udell, Evangelist, Microsoft Corporation, Prabhakar Raghavan, PhD, Head of Research and Search Strategy, Yahoo! Inc. [Extended list available from presenter]
  2. 2. Social Networks – Should my employer be concerned? Mark Henshaw, (ISC)2
  3. 3. Why do we have Social Networks? • They have established themselves, are ubiquitous and persistent • “A limb”, “a right”, “a differentiator” • Community, belonging, social groups • Decline in citizenship • Increased social dispersal • Language is a cheap means of social grooming – maintaining uncoupled yet effective social cohesion Dunbar’s number = 150 Bernard and Killworth mean number = 290
  4. 4. Social Networks – trust everyone Targeted malware Lack of control n2n bridgeheads Attack surfaces Corporatevulnerability GREATER TRUST INCREASES VULNERABILITY Open web access Increasing pervasive vulnerabilities due to unfettered hyperconnected “trust” in the workplace • Number of social contacts = currency • Impersonation is relatively simple • Creating false persona and building a social network • Social Engineers dream • Basic instincts ignored, easy lures
  5. 5. Information under Siege Unfettered evolution; hyperconnected coupled with web x.x leads to significant reduced effectiveness of traditional layered controls and increased risk to critical assets
  6. 6. People Dependent, controlled, limited, dangerous, inefficient Liberated, self-governing, self-selecting, self- protecting and self-healing, peer production, free to choose how we work Process, and Data Hard coded (DNA), one size, big engine long ROI, inefficient, ineffective, single use, dumb Adaptive, Intelligent, loss protected DLP, rights managed DRM, classified information, clever metadata, information managers Technology Monolithic, evolved bottom up, limiting, data centric Stateful, layered, risk based, plug-in and go, software as service, standardised, SOA, information centric, vendor agnostic Supplier Silo minded vertical, product based solutions, part of the problem Integrated cross-pollinated supplier-plus- supplier-to-customer (S+S2C), diverse service orientated Governance Internal focused, hierarchical weighting, exclusive, not holistic Extended, cross-community participative, aware, peer-to-peer, collaborative, inclusive, operating with a clear business mandate We are: We want: today future Integrated approach Architecture of Participation
  7. 7. Should my employer be concerned? YES if any one of the following is true 1 - No business awareness and risks are not understood 2 - Social Media Policy does not exist, or Policy does exist BUT employees are not trained 3 - Employees not aware of risks – no education and awareness exists covering use of Social Media and Social Networks 4 - Data Loss Prevention tools (DLP) not installed OR operational 5 - High sensitivity/value information/industry 6 - If no business benefit Create and implement a Social Media Strategy Form a Social Media steering committee Establish robust and proven governance Where appropriate prevent access Consider the impact of personal use Develop Architecture of Participation Ensure that your employee NDA’s include client information (identities, names, addresses, etc.) within the definition of “confidential information.” Add a social media section to non-compete clauses and NDAs that clearly addresses use of social media Carefully periodically review the various use, privacy, copyright and other policies
  8. 8. Questions Contact the presenter: markh@acceptablesolutions.co.uk

×