Parakum Pathirana, profile picture
Uploaded byParakum Pathirana
PPT, PDF3,640 views

Social media and Security risks

The document discusses the security risks associated with social media, particularly focusing on the context of Sri Lanka. It highlights key statistics regarding internet penetration, active Facebook users, and various security threats such as malware and privacy concerns. Recommendations for individuals and organizations on defending against these risks, including best practices for privacy settings and monitoring, are also provided.

Embed presentation

Downloaded 48 times
Social Media and Security Risks http://www.isaca.lk/ info@isaca.lk Parakum Pathirana Principal Consultant – LOLC Technologies, President – ISACA Sri Lanka Chapter MSc, FBCS, CISA, CISM, CGEIT, CISSP, ISO 27001 LA, MCP, CHFI, QCS, ITIL, CCSK
Disclaimer • I’m employed in the #infosec industry, however not authorized to speak on behalf of my employer/ clients • Everything I say can be blamed on the voices in your head
My credentials • 9+ years in #Infosec field • Tutor, consultant/ advisor, auditor, head of InfoSec • Sectors: financial, leisure, manufacturing, advertising, gov, insurance, etc. • Crazy about #cycling, #infosec, #socialmedia • Still learning and not an expert at anything • lk.linkedin.com/pub/parakum- pathirana/2/a52/2a2/
Agenda • Key facts • Sri Lanka digital overview • Security threats • Case study • Facebook graph search • Threats arising from third party applications • TMI • Defense
Social Media Jungle !!!
Facebook
Twitter
Key facts • Facebook has over 1.11 billion monthly active users, and daily active users passed 665 million 1 • Research suggests that only 14% of consumers trust advertisements 2 • Social media & Arab spring • Impact on Sri Lanka Presidential Elections 2015 • Free wi-fi • Impact on individuals, organizations, etc.
Sri Lanka digital overview Attribute Sri Lanka Indonesia Malaysia Total population 21,675,648 251,160,124 29,628,392 Internet users 3,927,948 72,700,000 19,200,408 Internet penetration 18% 29% 65% Active Facebook accounts 2,000,000 62,000,000 15,600,000 Facebook penetration 9% 25% 53% Active mobile subscriptions 20,324,070 281,963,665 41,324,700 Mobile subscription penetration 94% 112% 139% Percentage of mobile subscriptions that are 3G connections 13% 22% 43% Number of active mobile broadband subscriptions 953,000 80,100,000 4,000,000 Mobile broadband subscriptions as a percentage of the total population 4.4% 32% 14% Active social media users accessing social media on a mobile device 1,400,000 52,000,000 13,000,000 Penetration of mobile social as a percentage of the total population 6.6% 21% 44%
Security threats • Malware distribution • Koobface - a worm masquerading as Adobe Flash Player update • Started in 2009, users were enticed to watch a funny video, then conned into “updating” Flash • Koobface connected infected computers to botnet, served machines ads for fake antivirus software • Estimated 400,000–800,000 bots in 2010 • Cyber stalking/ harassment • Privacy concerns • Impact on employment, reputation, etc. • Concerns for organizations: brand reputation, laws and regulations
Security threats
Case Study
Case Study •Not the first time Sir John has been left red- faced over photos posted on Facebook. • His wife, Lady Sawers, put up a picture of Sir John wearing skimpy swimming shorts on her Facebook page last May when he was appointed to the MI6 top job.
News Highlights
Facebook Graph Search
Social Networking – Local context
Cricket Sri Lanka
J.P. Morgan
Threats arising from third party applications • Anyone can write one…No assurance on security or privacy • No complete Terms and Conditions – either allow or deny • Once installed, developers will have access rights to look at your profile and overrides your privacy settings!
TMI • Lack of common sense: it’s very difficult to delete information after it’s been posted online • Indiscreet information can adversely affect college employment, your personal life, etc. “Connor Riley: “Cisco just offered me a job! Now I have to weigh the utility of a [big] paycheck against the daily commute to San Jose and hating the work.” • Location services, be careful when you check-in • URL shortner services • E.g. bit.ly
How to defend yourself? • Reasonable “Common sense” measures • Use strong, unique passwords • Provide minimal personal information: avoid entering birthdate, address, etc. • Review privacy settings, set them to “maximum privacy” • “Friends of friends” includes far more people than “friends only” • Exercise discretion about posted material: • Pictures, videos, etc. • Opinions on controversial issues • Anything involving coworkers, bosses, classmates • Anything related to employer (unless authorized to do so) • Be wary of third party apps • Supervise children on social media
How to defend yourself? • “If it sounds too good to be true, it probably is” • Use browser security tools for protection: • Anti-phishing filters (IE, Firefox, Chrome) • Web of Trust • AdBlock/NoScript • Personal reputation management: • Search for yourself online, look at the results… • Google Alerts • Extreme cases: • Cease using, delete accounts? • Contact law enforcement
How to defend yourself? • Combatting url shortners • Think before you click?
Defense strategy for organizations • Monitoring & Responding • Formulating the necessary policy framework • Awareness
….
Thank you

More Related Content

PPT
Network security and protocols
byOnline
 
PPTX
Social Media Privacy
byLisa Turner
 
PPTX
Social media privacy and safety
bySarah K Miller
 
PPTX
Social media and Security: How to Ensure Safe Social Networking
byIshfaq Majid
 
PPTX
Social Networking Security
byS. M. Shakib Limon
 
PPTX
Social Media Cyber Security Awareness Briefing
byDepartment of Defense
 
PPTX
Social media privacy issues
byNousheen Arshad
 
PDF
Social Media Forensics
byJohn J. Carney, Esq.
 
Network security and protocols
byOnline
 
Social Media Privacy
byLisa Turner
 
Social media privacy and safety
bySarah K Miller
 
Social media and Security: How to Ensure Safe Social Networking
byIshfaq Majid
 
Social Networking Security
byS. M. Shakib Limon
 
Social Media Cyber Security Awareness Briefing
byDepartment of Defense
 
Social media privacy issues
byNousheen Arshad
 
Social Media Forensics
byJohn J. Carney, Esq.
 

What's hot

PPTX
Social Media And Privacy October 9 2009
bycanadianlawyer
 
PPTX
VAPT - Vulnerability Assessment & Penetration Testing
byNetpluz Asia Pte Ltd
 
PPTX
Cyber Security in Society
byRubal Sagwal
 
PPTX
Types of cyber attacks
bykrishh sivakrishna
 
PDF
Social engineering attacks
byRamiro Cid
 
PPTX
Privacy issues in social networking
byBryan Tran
 
PPTX
Introduction to Cybersecurity Fundamentals
byToño Herrera
 
PDF
What is Open Source Intelligence (OSINT)
byMolfar
 
PPTX
Security threats in social networks
byTannistho Ghosh
 
PPTX
Ethics,security and privacy control
bySifat Hossain
 
PPTX
Cyber security and its advantages
byRadhika Sharma
 
PPT
Indian perspective of cyber security
byAurobindo Nayak
 
PDF
Microsoft 365 Compliance
byDavid J Rosenthal
 
PDF
SOCIAL NETWORK SECURITY
byMarketingatBahrain
 
PPTX
The pros and cons of social media
bySally Loan
 
PPT
Cyber Security and Cyber Awareness
byJay Nagar
 
PPTX
Data Security - English
byData Security
 
PPTX
Security Awareness Training.pptx
byMohammedYaseen638128
 
ODP
Cyber security awareness
byJason Murray
 
PPT
What Is Social Media?
byAlexLowe
 
Social Media And Privacy October 9 2009
bycanadianlawyer
 
VAPT - Vulnerability Assessment & Penetration Testing
byNetpluz Asia Pte Ltd
 
Cyber Security in Society
byRubal Sagwal
 
Types of cyber attacks
bykrishh sivakrishna
 
Social engineering attacks
byRamiro Cid
 
Privacy issues in social networking
byBryan Tran
 
Introduction to Cybersecurity Fundamentals
byToño Herrera
 
What is Open Source Intelligence (OSINT)
byMolfar
 
Security threats in social networks
byTannistho Ghosh
 
Ethics,security and privacy control
bySifat Hossain
 
Cyber security and its advantages
byRadhika Sharma
 
Indian perspective of cyber security
byAurobindo Nayak
 
Microsoft 365 Compliance
byDavid J Rosenthal
 
SOCIAL NETWORK SECURITY
byMarketingatBahrain
 
The pros and cons of social media
bySally Loan
 
Cyber Security and Cyber Awareness
byJay Nagar
 
Data Security - English
byData Security
 
Security Awareness Training.pptx
byMohammedYaseen638128
 
Cyber security awareness
byJason Murray
 
What Is Social Media?
byAlexLowe
 

Viewers also liked

PDF
Social media and security essentials.pptx
byPink Elephant
 
PDF
Social Media From a Security Point Of View - Telenor GoToSec and Telenor Peop...
bySpareBank 1 Gruppen AS
 
PDF
Social Media Security Risk Slide Share Version
byfamudal
 
PDF
The Lanka Gate Initiative
byPrabath Siriwardena
 
PDF
The Cyber Security Readiness of Canadian Organizations
byScalar Decisions
 
PDF
IGF Sri Lanka
byAPNIC
 
PPT
HRM RELATED USE OF ICT IN JUDICIARY
byTalwant Singh
 
PDF
Computer Network Security
bySachithra Gayan
 
PDF
ISOC Sri Lanka Way Forward
byAPNIC
 
PPTX
ION Sri Lanka - DANE: The Future of TLS
byDeploy360 Programme (Internet Society)
 
PPT
Introduction to ICTA - Org Study Presentation
byJackseen Jeyaluck
 
PPTX
[Challenge:Future] Rallying Youth Against Cyber Crime
byChallenge:Future
 
PDF
Executive Summary of the 2016 Scalar Security Study
byScalar Decisions
 
PPT
Intellectual Property in Sri Lanka
bySLINTEC
 
PPTX
Sri Lankan Context for Electronic Commerce
byUpekha Vandebona
 
PPTX
Guide to-social-media--2016
byAndy Smith
 
PPTX
Intellectual Property, Sri Lanka and Copyrights
byUpekha Vandebona
 
PDF
Ict act in sri lanka
byThilini munasinghe
 
PPTX
SRI LANKA, CHINA MARITIME INFRASTRUCTURE
byHansani Sampath
 
PDF
2016 Scalar Security Study Roadshow
byScalar Decisions
 
Social media and security essentials.pptx
byPink Elephant
 
Social Media From a Security Point Of View - Telenor GoToSec and Telenor Peop...
bySpareBank 1 Gruppen AS
 
Social Media Security Risk Slide Share Version
byfamudal
 
The Lanka Gate Initiative
byPrabath Siriwardena
 
The Cyber Security Readiness of Canadian Organizations
byScalar Decisions
 
IGF Sri Lanka
byAPNIC
 
HRM RELATED USE OF ICT IN JUDICIARY
byTalwant Singh
 
Computer Network Security
bySachithra Gayan
 
ISOC Sri Lanka Way Forward
byAPNIC
 
ION Sri Lanka - DANE: The Future of TLS
byDeploy360 Programme (Internet Society)
 
Introduction to ICTA - Org Study Presentation
byJackseen Jeyaluck
 
[Challenge:Future] Rallying Youth Against Cyber Crime
byChallenge:Future
 
Executive Summary of the 2016 Scalar Security Study
byScalar Decisions
 
Intellectual Property in Sri Lanka
bySLINTEC
 
Sri Lankan Context for Electronic Commerce
byUpekha Vandebona
 
Guide to-social-media--2016
byAndy Smith
 
Intellectual Property, Sri Lanka and Copyrights
byUpekha Vandebona
 
Ict act in sri lanka
byThilini munasinghe
 
SRI LANKA, CHINA MARITIME INFRASTRUCTURE
byHansani Sampath
 
2016 Scalar Security Study Roadshow
byScalar Decisions
 

Similar to Social media and Security risks

PDF
Social Media: Infiltrating The Enterprise
byJay McLaughlin
 
PPTX
Social media security
byn|u - The Open Security Community
 
PPTX
NTXISSACSC2 - Social Media: The Good, The Bad, and The Ugly by Paul Styrvoky
byNorth Texas Chapter of the ISSA
 
PDF
fissea-conference-2012_srinivasan.pdf
byRobin540999
 
PPTX
Social Media Security
byscstatelibrary
 
PDF
Top Ten Tips for Shockproofing Your Use of Social Media, Lavacon 2011
byBen Woelk, CISSP, CPTC
 
PDF
Interop 2011 las vegas - session se31 - rothke
byBen Rothke
 
PPTX
Risk Assessment of Social Media Use v3.01
byovercertified
 
PPTX
Brandon + Eddie users guide phi 235
bybrendaylo
 
PPTX
Users and behaviors social internet: Safety & Security
byDr. V Vorvoreanu
 
PPTX
Users and Behaviors- Social Internet
byKenie Moses
 
PPTX
Social media: Issues
bySandeep Thoniparambil
 
PDF
Effective Training and Policy Takes the Fear out of Social Networking - Shawn...
bysdavis532
 
PPTX
Mark Rogers' Social Network Presentation
byMark Rogers
 
PDF
How Safe Is YOUR Social Network?
byBlue Coat
 
PPTX
Social Computing – The Promise And The Perils Final
byKannan Subbiah
 
PPTX
Social Media And It's Effect on Security
byRajkiran Nadar
 
PPT
Social Networking Security For OCRI - Scott Wright - Condensed July 9, 2009
byScott Wright
 
PPTX
Privacy and social media
byAbirAhmed48
 
PPT
Social media user guide
byWhitney Moore
 
Social Media: Infiltrating The Enterprise
byJay McLaughlin
 
Social media security
byn|u - The Open Security Community
 
NTXISSACSC2 - Social Media: The Good, The Bad, and The Ugly by Paul Styrvoky
byNorth Texas Chapter of the ISSA
 
fissea-conference-2012_srinivasan.pdf
byRobin540999
 
Social Media Security
byscstatelibrary
 
Top Ten Tips for Shockproofing Your Use of Social Media, Lavacon 2011
byBen Woelk, CISSP, CPTC
 
Interop 2011 las vegas - session se31 - rothke
byBen Rothke
 
Risk Assessment of Social Media Use v3.01
byovercertified
 
Brandon + Eddie users guide phi 235
bybrendaylo
 
Users and behaviors social internet: Safety & Security
byDr. V Vorvoreanu
 
Users and Behaviors- Social Internet
byKenie Moses
 
Social media: Issues
bySandeep Thoniparambil
 
Effective Training and Policy Takes the Fear out of Social Networking - Shawn...
bysdavis532
 
Mark Rogers' Social Network Presentation
byMark Rogers
 
How Safe Is YOUR Social Network?
byBlue Coat
 
Social Computing – The Promise And The Perils Final
byKannan Subbiah
 
Social Media And It's Effect on Security
byRajkiran Nadar
 
Social Networking Security For OCRI - Scott Wright - Condensed July 9, 2009
byScott Wright
 
Privacy and social media
byAbirAhmed48
 
Social media user guide
byWhitney Moore
 

More from Parakum Pathirana

PPT
Cyber Threat Landscape - A Local Perspective
byParakum Pathirana
 
PDF
Unplug Yourself
byParakum Pathirana
 
PPT
Why your digital reputation matters?
byParakum Pathirana
 
PDF
IoT Adoption
byParakum Pathirana
 
PDF
Security beyond compliance
byParakum Pathirana
 
PDF
Social Media Adoption among the Banking Sector in Sri Lanka: Paper presented ...
byParakum Pathirana
 
PDF
Social Media Governance
byParakum Pathirana
 
PDF
Disruptive Technologies
byParakum Pathirana
 
PDF
Software Standards
byParakum Pathirana
 
PDF
Social media & the Financial Sector
byParakum Pathirana
 
PPT
digital tattoo
byParakum Pathirana
 
Cyber Threat Landscape - A Local Perspective
byParakum Pathirana
 
Unplug Yourself
byParakum Pathirana
 
Why your digital reputation matters?
byParakum Pathirana
 
IoT Adoption
byParakum Pathirana
 
Security beyond compliance
byParakum Pathirana
 
Social Media Adoption among the Banking Sector in Sri Lanka: Paper presented ...
byParakum Pathirana
 
Social Media Governance
byParakum Pathirana
 
Disruptive Technologies
byParakum Pathirana
 
Software Standards
byParakum Pathirana
 
Social media & the Financial Sector
byParakum Pathirana
 
digital tattoo
byParakum Pathirana
 

Recently uploaded

PDF
Happy Valentines 26 All Students by YogiGoddess
by©LDMMIA, ©Reiki Yoga
 
PPTX
Republic Day Quiz 2022.pptx aszxcvcxzxcvcx
bysanthoshbm9
 
DOCX
7 Best Place To Buy TikTok Accounts (PVA & Aged) in the US.docx
bypvaisback
 
PPTX
From 'the' Public Sphere to a Network of Publics: Rethinking Contemporary Pub...
byAxel Bruns
 
PDF
Top 20 Best Sites to Buy Verified PayPal Accounts in This Year.pdf
bysmartusapva.com
 
DOCX
Best Buy Old Gmail Accounts Checklist for First-Time Buyers (1).docx
bypvasmmpath
 
Happy Valentines 26 All Students by YogiGoddess
by©LDMMIA, ©Reiki Yoga
 
Republic Day Quiz 2022.pptx aszxcvcxzxcvcx
bysanthoshbm9
 
7 Best Place To Buy TikTok Accounts (PVA & Aged) in the US.docx
bypvaisback
 
From 'the' Public Sphere to a Network of Publics: Rethinking Contemporary Pub...
byAxel Bruns
 
Top 20 Best Sites to Buy Verified PayPal Accounts in This Year.pdf
bysmartusapva.com
 
Best Buy Old Gmail Accounts Checklist for First-Time Buyers (1).docx
bypvasmmpath
 

Social media and Security risks

  • 1.
    Social Media andSecurity Risks http://www.isaca.lk/ info@isaca.lk Parakum Pathirana Principal Consultant – LOLC Technologies, President – ISACA Sri Lanka Chapter MSc, FBCS, CISA, CISM, CGEIT, CISSP, ISO 27001 LA, MCP, CHFI, QCS, ITIL, CCSK
  • 2.
    Disclaimer • I’m employedin the #infosec industry, however not authorized to speak on behalf of my employer/ clients • Everything I say can be blamed on the voices in your head
  • 3.
    My credentials • 9+years in #Infosec field • Tutor, consultant/ advisor, auditor, head of InfoSec • Sectors: financial, leisure, manufacturing, advertising, gov, insurance, etc. • Crazy about #cycling, #infosec, #socialmedia • Still learning and not an expert at anything • lk.linkedin.com/pub/parakum- pathirana/2/a52/2a2/
  • 4.
    Agenda • Key facts •Sri Lanka digital overview • Security threats • Case study • Facebook graph search • Threats arising from third party applications • TMI • Defense
  • 5.
  • 6.
  • 7.
  • 8.
    Key facts • Facebookhas over 1.11 billion monthly active users, and daily active users passed 665 million 1 • Research suggests that only 14% of consumers trust advertisements 2 • Social media & Arab spring • Impact on Sri Lanka Presidential Elections 2015 • Free wi-fi • Impact on individuals, organizations, etc.
  • 9.
    Sri Lanka digitaloverview Attribute Sri Lanka Indonesia Malaysia Total population 21,675,648 251,160,124 29,628,392 Internet users 3,927,948 72,700,000 19,200,408 Internet penetration 18% 29% 65% Active Facebook accounts 2,000,000 62,000,000 15,600,000 Facebook penetration 9% 25% 53% Active mobile subscriptions 20,324,070 281,963,665 41,324,700 Mobile subscription penetration 94% 112% 139% Percentage of mobile subscriptions that are 3G connections 13% 22% 43% Number of active mobile broadband subscriptions 953,000 80,100,000 4,000,000 Mobile broadband subscriptions as a percentage of the total population 4.4% 32% 14% Active social media users accessing social media on a mobile device 1,400,000 52,000,000 13,000,000 Penetration of mobile social as a percentage of the total population 6.6% 21% 44%
  • 10.
    Security threats • Malwaredistribution • Koobface - a worm masquerading as Adobe Flash Player update • Started in 2009, users were enticed to watch a funny video, then conned into “updating” Flash • Koobface connected infected computers to botnet, served machines ads for fake antivirus software • Estimated 400,000–800,000 bots in 2010 • Cyber stalking/ harassment • Privacy concerns • Impact on employment, reputation, etc. • Concerns for organizations: brand reputation, laws and regulations
  • 11.
  • 12.
  • 13.
    Case Study •Not thefirst time Sir John has been left red- faced over photos posted on Facebook. • His wife, Lady Sawers, put up a picture of Sir John wearing skimpy swimming shorts on her Facebook page last May when he was appointed to the MI6 top job.
  • 14.
  • 16.
  • 17.
    Social Networking –Local context
  • 18.
  • 19.
  • 20.
    Threats arising fromthird party applications • Anyone can write one…No assurance on security or privacy • No complete Terms and Conditions – either allow or deny • Once installed, developers will have access rights to look at your profile and overrides your privacy settings!
  • 21.
    TMI • Lack ofcommon sense: it’s very difficult to delete information after it’s been posted online • Indiscreet information can adversely affect college employment, your personal life, etc. “Connor Riley: “Cisco just offered me a job! Now I have to weigh the utility of a [big] paycheck against the daily commute to San Jose and hating the work.” • Location services, be careful when you check-in • URL shortner services • E.g. bit.ly
  • 22.
    How to defendyourself? • Reasonable “Common sense” measures • Use strong, unique passwords • Provide minimal personal information: avoid entering birthdate, address, etc. • Review privacy settings, set them to “maximum privacy” • “Friends of friends” includes far more people than “friends only” • Exercise discretion about posted material: • Pictures, videos, etc. • Opinions on controversial issues • Anything involving coworkers, bosses, classmates • Anything related to employer (unless authorized to do so) • Be wary of third party apps • Supervise children on social media
  • 23.
    How to defendyourself? • “If it sounds too good to be true, it probably is” • Use browser security tools for protection: • Anti-phishing filters (IE, Firefox, Chrome) • Web of Trust • AdBlock/NoScript • Personal reputation management: • Search for yourself online, look at the results… • Google Alerts • Extreme cases: • Cease using, delete accounts? • Contact law enforcement
  • 24.
    How to defendyourself? • Combatting url shortners • Think before you click?
  • 25.
    Defense strategy fororganizations • Monitoring & Responding • Formulating the necessary policy framework • Awareness
  • 27.
  • 28.

Editor's Notes

  • #9 PR Newswire. (2013, May 1) Facebook Reports First Quarter 2013 Results. Retrieved August 15th, 2013, from http://www.prnewswire.com/news-releases/205652631.html. Qualman, E. (2012) Digital Leader. McGraw-Hill Gunawardene, N. (2015) Was #PresPollSL 2015 Sri Lanka’s first Cyber Election?, accessed on 13th January 2015, available at http://groundviews.org/2015/01/13/was-prespollsl-2015-sri-lankas-first-cyber-election/
  • #10 We are Social's 2014 Asia-Pacific Digital Overview (2014). Retrieved March18th, 2014, from http://www.slideshare.net/wearesocialsg/social-digital-mobile-in-apac
  • #13 Alexa Dell posing with her father 2012: dell spends 2.7million/ year on family security The Twitter account of Michael Dell’s daughter has been closed with speculation blaming the teen’s habit of carelessly broadcasting her family’s movements, including that of her father, in a way that undermined security