WHITEPAPER
WHY INFOSEC NEEDS TO CARE
ABOUT SOCIAL MEDIA
A SECURITY TEAM’S GUIDE TO COLLABORATIVELY
REMEDIATING SOCIAL MEDIA RISKS
HIGHLIGHTS:
•	 Strategies to remediate traditional
information security risks launched on
social media
•	 How to leverage social media as an OSINT
threat intelligence repository
•	 Working with marketing to secure corporate
accounts like any other high-value asset
•	 Using security techniques to remediate
business risks such as piracy, counterfeit
goods, and ad dilution due to social botnets
•	 Outline of security’s responsibilities in
remediating each type of risk
•	 ZeroFOX recommendations for an
operational framework around mitigating
social media risks across the organization
© ZeroFOX 2015 – All Rights Reserved | ZEROFOX.COM Page 2 of 7
INTRODUCTION
The information security team’s role has changed significantly
over the last few decades. Ten years ago infosec was laser
focused on securing the endpoint, getting a handle on the
extended network perimeter, and minimizing the potential
attack surface. Today, the information security team’s charter is
much more complex. Yes, infosec is still tasked with protecting
the organization from all potential information, technology, and
digital risks, but the new twist is that they must do this while
enabling more connectivity, mobility, and engagement across
the organization. Security must now facilitate the expansion of
the attack surface, something that runs counter to every fiber of
security best practices.
For security teams, this means working closely with several other
departments, specifically marketing, finance, risk management,
and fraud. These departments are all faced with risks on social
media, and security teams are now tasked with remediating risk
while enabling secure usage of social networking channels. Most
importantly, security teams must lead this initiative.
SOCIAL MEDIA SWIM LANES
In order for each department to achieve their goals, they must know where their responsibilities fall and how to work collaboratively to
solve the security and business risks presented by social media.
[Figure: SOCIAL MEDIA RISKS swim-lane diagram. Lanes: FINANCE/RISK (Budgeting, Risk Modelling); SECURITY (Phishing, Malware, Social Engineering, Training/Awareness, Testing); MARKETING (Content Creation, Engagement, Optimization, Social Media Advertising). Shared risk areas: LOSS PREVENTION, ADVERTISING, BRAND PROTECTION. Risks shown across the lanes: Piracy, PII/Sensitive Info, Counterfeit Goods, Customer Fraud, Account Protection, Brand Impersonation, Hashtag Hijacking, Bot Followers, Fake Customer Reps, Policy Building.]
SOCIAL MEDIA AS A CYBER ATTACK VECTOR
The tactics used on social media are classics: spearphishing,
malware distribution, and social engineering. The industry
has taken notice, and much has been written about the rise of
social network exploitation and the use of social networks to
compromise corporate and government networks. FireEye,
PCWorld, SecurityWeek, McAfee, and CSO/CIO Magazine all
included social media on their list of biggest and most dangerous
threat vector predictions.
According to Norton, 40% of people have fallen victim to
social media cybercrime and nearly 4 in 10 accept unknown,
unsolicited friend requests. Barracuda’s research supports this
as well: 92% of social media users report receiving spam, 54%
have received phishing links, 23% malware, and nearly 20% have
had an account hacked. TrendMicro’s research shows that 5.8%
of tweets are malicious; that’s 29,000,000 malicious tweets
per day. High profile attacks such as the Office of Personnel
Management, CENTCOM, and the HAMMERTOSS APT have all
leveraged social as an attack vector. The list goes on and on.
Cisco’s 2015 Midyear Report
claims Facebook scams are
the #1 method for network
security breaches, far more
common than traditional email
phishing. McAfee reported
that employees experience
cybercrime on social media
more than any other business
platform, including email.
A helpful comparison can be made between email phishing and
social phishing. In the late ’90s and early 2000s, the anti-phishing
industry sprang up around the need to detect phishing
attacks on email platforms. Social media is the next logical
evolution for attackers to target an organization’s people, who
have never been so accessible online. Social media phishing
already accounts for $1.2 billion of the total $5.9 billion lost to
phishing each year. Users are not only spending more time on
social networks than any other online platform, they are far more
willing to click potentially dangerous links while they’re at it.
SECURITY TEAM’S RESPONSIBILITIES:
•	 Work with marketing to gain access to social accounts
•	 Continuously monitor corporate social media accounts for
cyber threats
•	 Blacklist/block malicious URLs and IPs found on social
media
•	 Establish workflows for dealing with social media cyber crime
targeting the organization
•	 Take down malicious posts and profiles
•	 Test employees on susceptibility to social media cyber
attacks
•	 Train employees on safe usage, best practices, and what to
do in the event of an attack
•	 Working with marketing, keep a close eye on social media initiatives
and campaigns
SOCIAL MEDIA AS AN OSINT THREAT INTELLIGENCE PLATFORM
Many attackers are coordinating their efforts in broad daylight. For example,
attackers organize DDoS attacks on Twitter by posting IP addresses, domains,
attack tools, the time of the attack, and the desired target. Because this
all occurs in public venues, intel is readily available to security personnel.
Security teams can use that forewarning to prepare a response strategy, such
as blackholing the incoming requests or coordinating with network teams,
professional services, and ISPs.
Security teams can also monitor threat actor chatter to determine if their
organization is being mentioned. Any threat posted on social media, be it
physical or cyber, can trigger an alert. To do this, security teams ought to
establish a list of organization-specific keywords and phrases including IP,
proprietary/sensitive phrases, codebase, copyrighted content, employee
PII, and unique words and phrases such as organization monikers and
abbreviations. By analyzing the context around these unique phrases as they
appear on social media, security teams can ensure a decisive early warning
system against attacks.
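A minimal sketch of the keyword early-warning approach described above, added here as an example (it is not ZeroFOX code or FoxScript): it matches a watchlist against posts, keeps the surrounding context, and separates the organization's own assets named in a post from external hosts that are blocklist candidates. The organization name, watchlist, threat terms, address ranges and sample posts are all constructed assumptions.

```python
import ipaddress
import re
from dataclasses import dataclass
from urllib.parse import urlsplit

# Constructed watchlist for a fictional organization (assumption, not from the paper).
WATCHLIST = {
    "moniker": ["Examplecorp", "EXC"],
    "proprietary": ["Project Bluebird"],
}
# Assumed context words that raise priority when they appear near a watchlist hit.
THREAT_TERMS = ["ddos", "attack", "target", "leak", "dump"]
# Assumed inventory of the organization's own address space and domains.
OWN_NETWORKS = [ipaddress.ip_network("203.0.113.0/24")]
OWN_DOMAINS = ["examplecorp.example"]

IPV4_RE = re.compile(r"(?<![\w.])(?:\d{1,3}\.){3}\d{1,3}(?!\d|\.\d)")
URL_RE = re.compile(r"https?://[^\s<>]+", re.I)

# Constructed sample posts; addresses come from documentation-only ranges.
SAMPLE_POSTS = [
    {"id": "p1", "text": "#OpExample ddos on Examplecorp tonight 22:00 UTC. target "
                         "203.0.113.10 and hxxp://portal.examplecorp[.]example/login "
                         "- tool at hxxp://198.51.100.7/loader"},
    {"id": "p2", "text": "So excited for the weekend, nothing to see here"},
    {"id": "p3", "text": "leak: Project Bluebird roadmap, EXC internal"},
]


@dataclass
class Alert:
    post_id: str
    category: str
    term: str
    context: str
    threat_terms: list
    own_assets: list   # assets named as a target: prepare a response
    external: list     # third-party hosts: candidates for blocklisting
    priority: str


def term_regex(term):
    """Whole-term, case-insensitive match so 'EXC' does not fire on 'excited'."""
    return re.compile(r"(?<!\w)" + re.escape(term) + r"(?!\w)", re.I)


def refang(text):
    """Undo common defanging (hxxp, [.]) so hosts can be parsed, never fetched."""
    text = re.sub(r"hxxp", "http", text, flags=re.I)
    return text.replace("[.]", ".").replace("(.)", ".")


def is_own(host):
    """True if the host is inside the organization's own networks or domains."""
    try:
        addr = ipaddress.ip_address(host)
    except ValueError:
        host = host.lower().rstrip(".")
        return any(host == d or host.endswith("." + d) for d in OWN_DOMAINS)
    return any(addr in net for net in OWN_NETWORKS)


def extract_indicators(text):
    """Collect URL hosts and IPv4 addresses from a post, split into own vs external."""
    text = refang(text)
    hosts = set()
    for url in URL_RE.findall(text):
        try:
            host = urlsplit(url.rstrip(".,;:!?)")).hostname
        except ValueError:      # malformed URL, e.g. broken IPv6 brackets
            continue
        if host:
            hosts.add(host)
    for candidate in IPV4_RE.findall(text):
        try:
            hosts.add(str(ipaddress.ip_address(candidate)))
        except ValueError:      # e.g. 999.1.1.1
            continue
    return {"own": sorted(h for h in hosts if is_own(h)),
            "external": sorted(h for h in hosts if not is_own(h))}


def scan_post(post, window=60):
    """Return one Alert per watchlist term found in the post."""
    text, alerts = post["text"], []
    indicators = extract_indicators(text)
    for category, terms in WATCHLIST.items():
        for term in terms:
            match = term_regex(term).search(text)
            if not match:
                continue
            context = text[max(0, match.start() - window):match.end() + window]
            hits = [t for t in THREAT_TERMS if term_regex(t).search(context)]
            # High: threat language plus one of our own assets named in the post.
            priority = "high" if hits and indicators["own"] else ("medium" if hits else "low")
            alerts.append(Alert(post["id"], category, term, context, hits,
                                indicators["own"], indicators["external"], priority))
    return alerts


def scan_posts(posts):
    """Scan every post and return the alerts in input order."""
    return [alert for post in posts for alert in scan_post(post)]
```

Splitting indicators this way matters because a post announcing an attack usually names the organization's own addresses as targets; only the external hosts belong on a blocklist.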
SECURITY MUST SECURE ALL DIGITAL ASSETS
When it comes to the website, marketing is in charge of conception, design, content creation, maintenance, and optimization. Security
is charged with surrounding the asset and ensuring it is safe from intruders. In the new marketing paradigm, social media accounts
are the latest and greatest way to engage with customers and prospects. When it comes to social networking profiles, marketers aren’t
burdened by hosting, databases, network infrastructure, and development. They can focus on what they do best: content creation,
engagement, lead nurturing, and advertising. But the security team’s job hasn’t changed. They must keep a keen eye on these highly
public assets and ensure they are surrounded by the most robust protections available.
Unlike other assets, security teams can’t pull the proverbial plug on breached social media accounts, meaning the attacker can remain
in control for hours if not days. ZeroFOX research shows the average account compromise lasts 5.5 hours. At the high end, ABAJournal
took nearly three days to recover their Twitter account. The cost? Every second you don’t have control over your account causes a viral
information cascade that results in brand and customer relationship damage, loss in revenue, public relations nightmares, and huge
customer support costs.
160,000 Facebook accounts breached every day.
(if you know the name of your social media manager’s dog, you are halfway
to brute forcing your organization’s account)
Other high profile account compromises include:
ZEROFOX RECOMMENDATIONS: A TWOFOLD APPROACH
1. ACCOUNT SECURITY
•	 Reduce the number of people with access to accounts
and publishing tools.
•	 All social logins should be routed through a centralized,
corporate controlled email address with a robust
password and 2-factor authentication.
•	 For networks like LinkedIn and Facebook, which
associate a company’s page with a personal account, the
admin should have extensive security controls.
•	 All authentication should come through a single securely
managed device.
2. CONTENT SECURITY
•	 Continuously monitor accounts for suspicious settings
changes.
•	 Continuously monitor accounts for malicious outgoing
posts.
•	 In conjunction with both internal and external
stakeholders (infosec department, marketing department,
social networks), establish a plan of action in preparation
for an account compromise.
SECURITY TECHNIQUES USED TO MITIGATE
BUSINESS RISKS ON SOCIAL MEDIA
Social media can cause major headaches elsewhere in the
organization as well. Business risks such as hashtag hijacking,
corporate impersonations, customer fraud (a global annual
cost of nearly $4 billion), bot followers, counterfeit goods,
online piracy (a global annual cost of over $70 billion), and fake
customer service can hamstring an organization’s online revenue.
Using similar techniques for identifying and mitigating information
security risks, security teams can help address a variety of
threats that span information security, compliance, revenue
generation, and marketing. By continuously monitoring social
media for malicious activity, security and marketing teams can
identify profiles advertising pirated content or counterfeit goods,
thus saving the organization potentially millions in lost revenue.
Teams can also find and take down scammers and fraudulent
actors targeting an organization’s hashtags or impersonating
the brand. This is a perfect opportunity for security teams to go
beyond locking down assets and hardening walls by empowering
other departments to do their jobs more safely and effectively.
Moreover, the financial benefit is immediately tangible and
quantifiable.
One issue of particular note is fake followers and botnets following the corporate
accounts, whether purchased by the marketing team or gained involuntarily. The presence
of bot followers makes distributing content to legitimate supporters very difficult. This issue
becomes especially problematic with social media advertising. Ads are often judged by the
number of impressions they receive online. Because bots can account for the vast majority of
an ad’s total impressions, their presence greatly undermines marketing ad spend. In the long
run, removing fake followers leads to higher click-through rate, higher conversion rate, more
engagement, and a healthier social media marketing and advertising program.
On Facebook, a post only reaches
2-7% of followers. The more bots,
the less likely real followers will see
and engage with posted content.
SECURITY TEAM’S RESPONSIBILITIES
•	 Test and train employees on safe social media usage
•	 Continuously monitor for business risks on social networks
•	 Continuously monitor for organization-specific sensitive keywords and phrases
•	 Identify and remove fake followers and social botnets
•	 Establish workflows for dealing with business risks targeting the organization
•	 Take down malicious posts and profiles
SECURITY CANNOT SUCCEED IN ISOLATION
Social media is an inevitable constant for conducting business in the modern
world. As marketers continuously expand their presence, security teams must work
alongside them to ensure it is done safely and securely.
THE ZEROFOX EDGE
ZeroFOX combats the cutting-edge threat of social network
exploitation, protecting your employees, your customers, and
your business. Our software platform enables organizations to
mitigate modern infosec and business risks: targeted phishing,
account takeover, piracy, attacker chatter, customer scams, fraud
and more. Social media is the new foundation for business and
personal communication, representing the largest unsecured
network in the world; security teams must continuously monitor
for threats where their people are most vulnerable: social media.
ZeroFOX Enterprise is a cloud platform built to monitor social
media objects (profiles, keywords, hashtags, etc.) and detect
threats impacting your organization. At the heart of the ZeroFOX
Enterprise technology stack is FoxScript, a customizable
JavaScript-based language that opens the power of ZeroFOX’s
data collection and analysis engines to virtually any use-case. You
control what data to monitor and which analyses to perform.
•	 Identify employee-targeted phishing attacks on social networks
•	 Find and take down fraudulent & impersonating accounts
•	 Mitigate costly customer fraud and scams
•	 Uncover stolen information, counterfeit goods and pirated content
•	 Continuously monitor key employee & company accounts for compromise
•	 Investigate attacks being planned against your organization
•	 Integrate via API into existing security technology
•	 Develop custom FoxScripts to detect unique security use-cases
ZEROFOX RECOMMENDATIONS: A COMPREHENSIVE APPROACH
PHASE 1: FORM A SOCIAL MEDIA SECURITY TEAM TASK FORCE
•	 The size and makeup of this group will vary by organization, but should include security, marketing, and any other departments
facing risks on social media (fraud, compliance, HR, sales, risk management, finance, etc).
PHASE 2: ESTABLISH CONTROLS AND BEST PRACTICES FOR PROTECTING ACCOUNTS
•	 2-factor authentication, robust passwords, centralized email address for logins, password managers such as LastPass and
Dashlane, etc.
PHASE 3: TRAIN RELEVANT PARTIES ON SAFE SOCIAL MEDIA USAGE
•	 This should include setting passwords, clicking links, and identifying malicious social profiles.
PHASE 4: SECURITY TEAMS TAKE LEAD ON CONTINUOUSLY MONITORING SOCIAL MEDIA
PHASE 5: REGULAR MEETINGS TO REVIEW CONTROLS AND ASSESS EFFECTIVENESS
•	 The social media security task force should meet monthly or quarterly to review the initiative and make appropriate changes.

InfoSec's Guide to Social Media [WHITEPAPER]

  • 1. HIGHLIGHTS:
    • Strategies to remediate traditional information security risks launched on social media
    • How to leverage social media as an OSINT threat intelligence repository
    • Working with marketing to secure corporate accounts like any other high-value asset
    • Using security techniques to remediate business risks such as piracy, counterfeit goods, and ad dilution due to social botnets
    • Outline of security’s responsibilities in remediating each type of risk
    • ZeroFOX recommendations for an operational framework around mitigating social media risks across the organization

    WHY INFOSEC NEEDS TO CARE ABOUT SOCIAL MEDIA
    A SECURITY TEAM’S GUIDE TO COLLABORATIVELY REMEDIATING SOCIAL MEDIA RISKS
    WHITEPAPER
  • 2. INTRODUCTION

    The information security team’s role has changed significantly over the last few decades. Ten years ago infosec was laser focused on securing the endpoint, getting a handle on the extended network perimeter, and minimizing the potential attack surface. Today, the information security team’s charter is much more complex. Yes, infosec is still tasked with protecting the organization from all potential information, technology, and digital risks, but the new twist is that they must do this while enabling more connectivity, mobility, and engagement across the organization. Security must now facilitate the expansion of the attack surface, something that runs counter to every fiber of security best practices.

    For security teams, this means working closely with several other departments, specifically marketing, finance, risk management, and fraud. These departments are all faced with risks on social media, and security teams are now tasked with remediating risk while enabling secure usage of social networking channels. Most importantly, security teams must lead this initiative.

    SOCIAL MEDIA SWIM LANES

    In order for each department to achieve their goals, they must know where their responsibilities fall and how to work collaboratively to solve the security and business risks presented by social media.

    [Figure: SOCIAL MEDIA RISKS swim-lane diagram. Lanes: FINANCE/RISK (Budgeting, Risk Modelling); SECURITY (Phishing, Malware, Social Engineering, Training/Awareness, Testing); MARKETING (Content Creation, Engagement, Optimization, Social Media Advertising). Other labels: LOSS PREVENTION, ADVERTISING, BRAND PROTECTION, Piracy, PII/Sensitive Info, Counterfeit Goods, Customer Fraud, Account Protection, Brand Impersonation, Hashtag Hijacking, Bot Followers, Fake Customer Reps, Policy Building.]
  • 3. SOCIAL MEDIA AS A CYBER ATTACK VECTOR

    The tactics used on social media are classics: spearphishing, malware distribution, and social engineering. The industry has taken notice, and much has been written about the rise of social network exploitation and the use of social networks to compromise corporate and government networks. FireEye, PCWorld, SecurityWeek, McAfee, and CSO/CIO Magazine all included social media on their list of biggest and most dangerous threat vector predictions.

    According to Norton, 40% of people have fallen victim to social media cybercrime and nearly 4 in 10 accept unknown, unsolicited friend requests. Barracuda’s research supports this as well: 92% of social media users report receiving spam, 54% have received phishing links, 23% malware, and nearly 20% have had an account hacked. TrendMicro’s research shows that 5.8% of tweets are malicious; that’s 29,000,000 malicious tweets per day. High profile attacks such as the Office of Personnel Management, CENTCOM, and the HAMMERTOSS APT have all leveraged social as an attack vector. The list goes on and on.

    Cisco’s 2015 Midyear Report claims Facebook scams are the #1 method for network security breaches, far more common than traditional email phishing.

    McAfee reported that employees experience cybercrime on social media more than any other business platform, including email.

    A helpful comparison can be made between email phishing and social phishing. In the late 90’s and early 2000’s, the anti-phishing industry sprang up around the need to detect phishing attacks on email platforms. Social media is the next logical evolution for attackers to target an organization’s people, who have never been so accessible online. Social media phishing already accounts for $1.2 billion of the total $5.9 billion lost to phishing each year.

    Users are not only spending more time on social networks than any other online platform, they are far more willing to click potentially dangerous links while they’re at it.

    SECURITY TEAMS RESPONSIBILITIES:
    • Work with marketing to gain access to social accounts
    • Continuously monitor corporate social media accounts for cyber threats
    • Blacklist/block malicious URLs and IPs found on social media
    • Establish workflows for dealing with social media cyber crime targeting the organization
    • Take down malicious posts and profiles
    • Test employees on susceptibility to social media cyber attacks
    • Train employees on safe usage, best practices, and what to do in the event of an attack
    • Working with marketing, keep a close eye on social media initiatives and campaigns
  • 4. SOCIAL MEDIA AS AN OSINT THREAT INTELLIGENCE PLATFORM

    Many attackers are coordinating their efforts in broad daylight. For example, attackers launch DDoS attacks on Twitter, posting IP addresses, domains, attack tools, the time of the attack and the desired target. Because this all occurs on public venues, intel is readily available to security personnel. Security teams can use that forewarning to prepare a response strategy, such as blackholing the incoming requests or coordinating with network teams, professional services, and ISPs.

    Security teams can also monitor threat actor chatter to determine if their organization is being mentioned. Any threats posted on social media, be it physical or cyber, can be alerted upon. To do this, security teams ought to establish a list of organization-specific keywords and phrases including IP, proprietary/sensitive phrases, codebase, copyrighted content, employee PII, and unique words and phrases such as organization monikers and abbreviations. By analyzing the context around these unique phrases as they appear on social media, security teams can ensure a decisive early warning system against attacks.
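    The keyword early-warning approach described above, as an added example (not from the whitepaper and not ZeroFOX's product code): a watchlist matcher that scores each hit by the threat vocabulary found near it. The organization name, watchlist entries, context terms, scoring weights and sample posts are all constructed assumptions.

```python
import re
from dataclasses import dataclass

# Constructed watchlist for a hypothetical organization ("Example Corp").
WATCHLIST = {
    "brand": ["example corp", "examplecorp", "excorp"],
    "network": ["203.0.113.10", "vpn.examplecorp.example"],
    "sensitive": ["project lighthouse"],
}
# Assumed vocabulary that suggests hostile intent when it appears near a hit.
CONTEXT_TERMS = {"ddos", "attack", "target", "dump", "leak", "leaked", "hack"}

@dataclass
class Alert:
    post_id: str
    category: str
    term: str
    context: list
    score: int

def _tokens(text):
    # Keep dots and hyphens inside tokens so IPs and hostnames stay whole,
    # then drop trailing punctuation such as a sentence-final period.
    raw = re.findall(r"[a-z0-9][a-z0-9.\-]*", text.lower())
    return [t.rstrip(".-") for t in raw]

def scan_post(post_id, text, window=6):
    """Match watchlist terms and collect context terms within `window` tokens."""
    toks, alerts = _tokens(text), []
    for category, terms in WATCHLIST.items():
        for term in terms:
            t = _tokens(term)
            for i in range(len(toks) - len(t) + 1):
                if toks[i:i + len(t)] != t:
                    continue
                end = i + len(t)
                near = toks[max(0, i - window):i] + toks[end:end + window]
                ctx = sorted(set(near) & CONTEXT_TERMS)
                # Network and sensitive identifiers rarely occur in benign
                # posts, so they start with a higher base score than brand names.
                base = 1 if category == "brand" else 3
                alerts.append(Alert(post_id, category, term, ctx, base + 2 * len(ctx)))
    return alerts

def triage(posts, threshold=3):
    """Return alerts at or above `threshold`, highest score first."""
    hits = [a for pid, text in posts for a in scan_post(pid, text)]
    return sorted((a for a in hits if a.score >= threshold), key=lambda a: -a.score)

# Constructed sample posts (not real data).
POSTS = [
    ("p1", "Loved the keynote from Example Corp today!"),
    ("p2", "#ddos tonight 22:00 UTC, target 203.0.113.10, bring your tools"),
    ("p3", "anyone want the Project Lighthouse dump? leaked from excorp"),
    ("p4", "Attack on Titan marathon this weekend"),
]
```

    A benign brand mention (p1) and a threat word with no watchlist hit (p4) both stay below the alert threshold, which is the point of scoring on context rather than on the keyword alone.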
  • 5. SECURITY MUST SECURE ALL DIGITAL ASSETS

    When it comes to the website, marketing is in charge of conception, design, content creation, maintenance, and optimization. Security is charged with surrounding the asset and ensuring it is safe from intruders. In the new marketing paradigm, social media accounts are the latest and greatest way to engage with customers and prospects. When it comes to social networking profiles, marketers aren’t burdened by hosting, databases, network infrastructure, and development. They can focus on what they do best: content creation, engagement, lead nurturing, and advertising.

    But the security team’s job hasn’t changed. They must keep a keen eye on these highly public assets and ensure they are surrounded by the most robust protections available. Unlike other assets, security teams can’t pull the proverbial plug on breached social media accounts, meaning the attacker can remain in control for hours if not days. ZeroFOX research shows the average account compromise lasts 5.5 hours. At the high end, ABAJournal took nearly three days to recover their Twitter account. The cost? Every second you don’t have control over your account causes a viral information cascade that results in brand and customer relationship damage, loss in revenue, public relations nightmares, and huge customer support costs.

    160,000 Facebook accounts breached every day. (If you know the name of your social media manager’s dog, you are halfway to brute forcing your organization’s account.)

    Other high profile account compromises include:

    ZEROFOX RECOMMENDATIONS: A TWOFOLD APPROACH

    1. ACCOUNT SECURITY
    • Reduce the number of people with access to accounts and publishing tools.
    • All social logins should be routed through a centralized, corporate controlled email address with a robust password and 2-factor authentication.
    • For networks like LinkedIn and Facebook, which associate a company’s page with a personal account, the admin should have extensive security controls.
    • All authentication should come through a single securely managed device.

    2. CONTENT SECURITY
    • Continuously monitor accounts for suspicious settings changes.
    • Continuously monitor accounts for malicious outgoing posts.
    • In conjunction with both internal and external stakeholders (infosec department, marketing department, social networks), establish a plan of action in preparation for an account compromise.
  • 6. SECURITY TECHNIQUES USED TO MITIGATE BUSINESS RISKS ON SOCIAL MEDIA

    Social media can cause major headaches elsewhere in the organization as well. Business risks such as hashtag hijacking, corporate impersonations, customer fraud (a global annual cost of nearly $4 billion), bot followers, counterfeit goods, online piracy (a global annual cost of over $70 billion), and fake customer service can hamstring an organization’s online revenue. Using similar techniques for identifying and mitigating information security risks, security teams can help address a variety of threats that span information security, compliance, revenue generation, and marketing.

    By continuously monitoring social media for malicious activity, security and marketing teams can identify profiles advertising pirated content or counterfeit goods, thus saving the organization potentially millions in lost revenue. Teams can also find and take down scammers and fraudulent actors targeting an organization’s hashtags or impersonating the brand. This is a perfect opportunity for security teams to go beyond locking down assets and hardening walls by empowering other departments to do their jobs more safely and effectively. Moreover, the financial benefit is immediately tangible and quantifiable.

    One issue of particular note is fake followers and botnets following the corporate accounts, whether purchased by the marketing team or gained involuntarily. The presence of bot followers makes distributing content to legitimate supporters very difficult. This issue becomes especially problematic with social media advertising. Ads are often judged by the number of impressions they receive online. Because bots can account for the vast majority of an ad’s total impressions, their presence greatly undermines marketing ad spend. In the long run, removing fake followers leads to higher click-through rate, higher conversion rate, more engagement, and a healthier social media marketing and advertising program.

    On Facebook, a post only reaches 2-7% of followers. The more bots, the less likely real followers will see and engage with posted content.

    SECURITY TEAMS RESPONSIBILITIES
    • Test and train employees on safe social media usage
    • Continuously monitor for business risks on social networks
    • Continuously monitor for organization-specific sensitive keywords and phrases
    • Identify and remove fake followers and social botnets
    • Establish workflows for dealing with business risks targeting the organization
    • Take down malicious posts and profiles
  • 7. SECURITY CANNOT SUCCEED IN ISOLATION

    Social media is an inevitable constant for conducting business in the modern world. As marketers continuously expand their presence, security teams must work alongside them to ensure it is done safely and securely.

    ZEROFOX RECOMMENDATIONS: A COMPREHENSIVE APPROACH

    PHASE 1: FORM A SOCIAL MEDIA SECURITY TEAM TASK FORCE
    • The size and makeup of this group will vary by organization, but should include security, marketing, and any other departments facing risks on social media (fraud, compliance, HR, sales, risk management, finance, etc.).

    PHASE 2: ESTABLISH CONTROLS AND BEST PRACTICES FOR PROTECTING ACCOUNTS
    • 2-factor authentication, robust passwords, centralized email address for logins, password managers such as LastPass and Dashlane, etc.

    PHASE 3: TRAIN RELEVANT PARTIES ON SAFE SOCIAL MEDIA USAGE
    • This should include setting passwords, clicking links, and identifying malicious social profiles.

    PHASE 4: SECURITY TEAMS TAKE LEAD ON CONTINUOUSLY MONITORING SOCIAL MEDIA

    PHASE 5: REGULAR MEETINGS TO REVIEW CONTROLS AND ASSESS EFFECTIVENESS
    • The social media security task force should meet monthly or quarterly to review the initiative and make appropriate changes.

    ZeroFOX combats the cutting-edge threat of social network exploitation, protecting your employees, your customers, and your business. Our software platform enables organizations to mitigate modern infosec and business risks: targeted phishing, account takeover, piracy, attacker chatter, customer scams, fraud and more.

    Social media is the new foundation for business and personal communication, representing the largest unsecured network in the world; security teams must continuously monitor for threats where their people are most vulnerable: social media.

    ZeroFOX Enterprise is a cloud platform built to monitor social media objects (profiles, keywords, hashtags, etc.) and detect threats impacting your organization. At the heart of the ZeroFOX Enterprise technology stack is FoxScript, a customizable JavaScript-based language that opens the power of ZeroFOX’s data collection and analysis engines to virtually any use-case. You control what data to monitor and which analyses to perform.

    THE ZEROFOX EDGE
    • Identify employee targeted phishing attacks on social networks
    • Find and take down fraudulent & impersonating accounts
    • Mitigate costly customer fraud and scams
    • Uncover stolen information, counterfeit goods and pirated content
    • Continuously monitor key employee & company accounts for compromise
    • Investigate attacks being planned against your organization
    • Integrate via API into existing security technology
    • Develop custom FoxScripts to detect unique security use-cases