AP's Twitter hoax a wake-up call for all
- {{x.value}}
{{ twilioFailed ? 'SMS Code Failed to Send…' : 'Enter verification code' }}
{{ completedStep1 ? 'Authentication & Security' : content.trialHeading.replace('{0}', user.FirstName) }}
{{ content.upgradeHeading.replace('{0}', user.FirstName) }}
The email address you entered is registered with InvestSMART
Please login to continue
We have sent you an email with the details of your registration.
Looks you are already a member. Please enter your password to proceed
{{ upgradeCTAText }}
Updating information
Please wait ...
Your membership to InvestSMART Group recently failed to renew.
Please make sure your payment details are up to date to continue your membership.
Having trouble renewing?
Please contact Member Services on support@investsmart.com.au or 1300 880 160
You've recently updated your payment details.
It may take a few minutes to update your subscription details, during this time you will not be able to view locked content.
If you are still having trouble viewing content after 10 minutes, try logging out of your account and logging back in.
Still having trouble viewing content?
Please contact Member Services on support@investsmart.com.au or 1300 880 160
Please click on the ACTIVATE button to activate your Intelligent Investor 15-day free trial
Please click on the ACTIVATE button to finalise your membership
Unsuccessful registration
Registration for this event is available only to Eureka Report members. View our membership page for more information.
Registration for this event is available only to Intelligent Investor members. View our membership page for more information.
- You are already registered for this event.
- This event is already full.
- Please select a quantity for at least one ticket.
- {{ i }}
Forgotten password
Please enter your email address below to request a new password
- Verify your email address by clicking on the link we sent to {{user.Email}}
- You now have free access, we look forward to helping you on your financial journey.
Let’s put it this way: social media and security don’t work together very well today. Marketing professionals who see social media as a vital communication channel view security as a nuisance, whereas security pros view services like Facebook and Twitter as trivial pastimes that expose the business to enormous risk.
The problem is, when it comes to social media, these two facets of the organisation need to come to terms with each other – and this was clearly on display earlier this week when the Dow Jones briefly plummeted over 100 points due to false tweets from AP’s hacked Twitter accounts that indicated President Obama had been injured by explosions at the White House.
This recent breach signifies two things:
- The potentially damaging impact of social media is real and growing.
- Companies today aren’t doing enough to mitigate the risks.
As social media becomes a legitimate source of news and information, the implications for inaccurate or inappropriate behaviour continue to grow. Damaging or disparaging comments on Twitter (whether intended or not), can have a real impact on your business and the way customers view your company and brand.
Companies need to do more to protect their organisation from social media risk because Twitter account hacks are now “business as usual” for the social network. It seems every week there is news of another Twitter account hack (see CBS 60 minutes, Burger King, Jeep, not to mention Twitter’s own breach).
Clearly, Twitter needs to do more to enhance its own security protocols -- two-factor authentication is sorely missing from the social network’s arsenal – but Twitter can’t take all the blame. Companies need to accept the existing limitations of the social network and reinforce their social media efforts with better security practices of their own.
There are relatively easy ways to reduce the risk. The frequent Twitter account breaches also signify a larger trend of poor security behaviour when it comes to social media. Easily discoverable passwords, shared accounts, minimal governance, and no security oversight are common reasons why recent social media hacks were successful.
An effective spearphishing campaign opened the gates to the Associated Press Twitter account. These are relatively easy issues to fix, especially when you consider some of the much more complex security threats that exist today. They’re not completely solvable, but basic security protocols, such as using strong passwords, restricting access rights, and better awareness training would vastly improve your security posture.
Security and risk pros avoid the conversation today. Still too often S&R pros seek reasons to block social media altogether at the company and do not try to join social media strategy discussion. As much as they would like to do this, completely blocking social media isn’t practical or effective. Moreover, current security awareness efforts that can promote and educate the company on effective security behaviour are insufficient and often seen by the security team as unimportant.
In fact, according to our Forrsights Security Survey, security awareness initiatives fall towards the bottom on a long list of security priorities (10th on list of 15 possible initiatives).
The AP hack isn’t just about Twitter; it’s about your own security and protecting your own company’s brand and reputation. The only way this can happen is if security and risk management become regular parts of the social media conversation, and conversely, when the security and risk management start to value social media as an important business tool with real benefits, and real consequences.
Nick Hayes is a Forrester researcher serving Security & Risk Professionals. His research is dedicated to the organisational and strategic elements of building a successful governance, risk management, and compliance (GRC) program, including a focus on culture, communications, and other human aspects of GRC. This article was originally published on the Forrester Blog Network. Republished with permission.
Call 1300 880 160
Start a chat
Schedule a call
