Social networks are a fact that cannot be ignored anymore. Businesses are faced with social networks at the workplace (and outside of it) and have realized that these sites cannot be blocked. On the other hand, social networks are riddled with leaked trade secrets, and in general with information that businesses would like to keep confidential – and that’s on top of the immediate security threats that are being carried over these massively popular platforms.
In this talk we’ll cover the following aspects of social network intelligence from the CISO point of view:
- Building a corporate policy for social network usage by employees
- How to enforce the corporate security policy for social network usage – common tools and techniques.
- Building a security policy for social networks for 3rd party providers, contractors and consultants.
- Policy enforcement for 3rd parties – from legal to technology.
- Creating and maintaining a baseline of how my business is “seen” from the outside world in terms of social networks.
- Who is on it from my employees, what kind of data is out there, are there really my employees? Can you tell what am I doing now? What can be derived from my connections and my employees connections (Maltego™ to the rescue).
- Managing my business information on social networks – verification, control and takedown.
- Does John Doe work for accounting? Is this the actual John Doe from accounting? Publishing a “corporate” profile and owning the real one, and how to take down the fake ones.
- Using social networks for business and competitive intelligence (primer only).
Duration: 45 minutes.