Archive for November, 2011
Lessons Learned from the Arab Spring
Posted by nleong in Social Networking, Web Security on November 16, 2011
While the Arab Spring was unfolding, the US Department of Homeland Security (DHS) was taking note. For those in need of a refresher on Middle Eastern politics, it’s been nearly a year since mass protests starting sweeping through the Middle East and North Africa. Dictators fell, civil unrest ruled the day, and social media played a hand.
Huh, come again? What does Facebook and Twitter have to do with Middle Eastern despots? Well, given the reach of social and its ability to spread the word quickly and cheaply, it shouldn’t come as a surprise that the protesters turned to social to galvanize the masses and “bring the ruckus.” And ya know what. . . it worked. Dictators fell in Egypt and Tunisia, Gaddafi’s dead, and Syria and Bahrain are moving towards more openness.
So, why the concern from DHS? Simple. What happened in the Middle East could happen in the States as well. Anyone remember Timothy McVeigh from the Oklahoma City bombings? Or the Unabomber? That’s precisely the type of activity DHS is worried about. The Arab Spring showcased the power of social media and it opened some eyes at DHS. Social networks can be a treasure trove of intelligence information, and now DHS is keen to leverage social to keep tabs on potentially dangerous elements and threats in society.
Welcome to the social age. Spy movies will never be the same. The next time you see Bond and Bourne, they might be checking their Twitter feeds to see where the bad guys are. Problem with this is “how do I know this information is accurate or reliable?” This conundrum pre-dates social media and has always been a concern for all the government agencies and departments dealing with intelligence.
As DHS is still trying to figure how best to monitor social networking activities without running afoul of privacy laws, now might be a good time for them to start looking towards technology as an ally in the fight against threats, be it cyber or old school. With a deeper understanding of today’s technological capabilities, DHS will be better able to formulate appropriate social media monitoring guidelines and perhaps avoid Oklahoma City and Unabomber-type tragedies in the future.
Failing that, give Jason Bourne a call.
SEC: 10Ks are about to get a lil heftier
Posted by nleong in Compliance, Public IM, Social Networking, Web 2.0, Web Security on November 8, 2011
Recently, the SEC issued some guidance that potentially places an additional disclosure burden on public companies. Given technology’s influence in the world of finance and business operations in general, the SEC deemed it an opportune time to issue its thoughts on the role of cybersecurity. It hasn’t been codified yet as a rule, regulation, or statement, but it is indicative of SEC sentiment towards the topic.
With the proliferation of communications channels in use today (think email, instant messaging, Skype, social media, to name a few), this also increases the number of potential avenues for cybersecurity breaches to occur. The ability to easily post content, such as links, videos, podcasts, audio clips, etc., makes these new communications vehicles inviting targets for hackers and other folks with malicious objectives.
So, it makes sense indeed for the SEC to worry about the impact of security breaches on a company’s operations and ultimately its bottom line, which in turn, means it should be disclosed in a 10K. It could very well be that a significant part of a company’s business depends on protection against cyber attacks. For instance, a data center provider must ensure it has the highest levels of security in its buildings and IT infrastructure to ensure that its customers’ data and/or equipment is secure. A breach in the provider’s network will directly affect the performance and fortunes of its customers who rely on near 100% availability, if not 100%, to conduct their own businesses.
And the SEC took it one step further by saying that companies must be specific in their disclosures and not use such generalized language that it can apply to any company. 10Ks are already notorious for reading like soporific legal documents, filled with boilerplate language, but the challenges faced by e-commerce sites might differ from those encountered by social media sites. That’s just one example.
The complexity of cyberattacks and the sophistication of their perpetrators necessitate detailed information in disclosure reports. That’s not to say that a company should compromise its own cybersecurity, but it should at least provide enough information in the 10K to inform a prospective investor the unique security risks that company faces.
In light of the financial scandals and instabilities over the last ten years, investor protection should not be taken lightly. Thus, it’s commendable that the SEC is taking another step in ensuring investors are afforded all relevant data points to make informed decisions. Bravo.
Belbey Blogs: Observations from the road…
Posted by belbey in Compliance, Enterprise 2.0, FINRA, New Internet, Social Networking, Trends on November 1, 2011
As the Social Media and Compliance Specialist for Actiance, I am tasked with educating firms within regulated industries on how to use social media effectively, while meeting compliance requirements. In this role, I meet with clients, speak at industry events and am on hand to be the expert at seminars, trade shows and the like. This past few weeks, I’ve participated in lively conversations within the securities and insurance industries about deploying social media and thought I’d share what I’ve been hearing…
- When discussing book keeping requirements vs privacy issues at client meetings, several senior compliance professionals at large broker dealers have relayed that although FINRA is only interested in business communications, they plan to capture, supervise and archive all of their registered representatives’ use of social media. “How do I know that they aren’t doing business in their “personal” accounts is the question often asked? If they want to use the tools, the regulator is interested in the content of the message, not the identity that I used to post it”
- At the CEFLI Social Media – Regulatory Insights & Implementation Strategies Summit (http://www.cefli.org/events/summit-meetings/regulatory-insights-implementation-strategies) a senior marketing professional at one very large insurance firm told me that their advertising department develops content, sends it to their compliance department for approval and then adds the content to a centralized library for their producers to use. All subsequent conversations from that original content are supervised. At the same event, I learned that Facebook is the network of choice for many producers. They “friend” their clients and use “Life Events” such as getting married, buying a house and having children, as opportunities to sell insurance. I can understand that totally. Just like I understand why wealth management has great success with LinkedIn. Each market to their own network and all that.
- At the BDI Insurance Social Communications Leadership Form (http://www.cvent.com/events/insurance-social-communications-leadership-forum/event-summary-7391fdd325c149839aade4300775ba24.aspx a senior marketing professional from a global bank stated that not only is all content created by marketing and approved by legal, she personally crafts all the responses to the content for 10 Subject Matter Experts. I know for a fact, that since I, and members of the social team here at Actiance starting creating and crafting social messages, we’ve seen our organizations social interactions sky rocket. As is oft repeated in our internal meetings “ just because you give them access to social doesn’t mean that they know what they’re doing or what to share”.
- At the IQPC Financial Innovation Technology Forum (http://www.iqpc.com/Event.aspx?id=555242), one firm shared how they are using quizzes and gamification to drive revenue producing behavior. I love this and I love how gamification drives distributed teams – face it, if you’re in a team responsible for revenue you want to be the #winner so being able to see how you’re doing against your colleagues is conduicive to driving that behavior.
- And at the National Securities Compliance Professional (NSCP) Annual Conference http://nscpmeetings.com/2011/meeting-nat.html
Norv Leong, our director of product marketing, member of the California bar, legal ying to my social yang, and my booth mate for the conference were intrigued by the number of times we asked attendees whether they have social media policies in place and that they repeated “YES” Great we thought… until they added ”Our policy is no!”.
Want to know what we learned at the FINRA Advertising and Regulation Conference Stop by again shortly, and I’ll share all…
Hatches, Matches, & Dispatches: Marshalling Social Resources for Communications
Posted by nleong in Social Networking on November 1, 2011
None other than NATO itself used Twitter and Facebook to announce the killing of Muammar Gaddafi last week. Does that not strike (no pun intended) you as a bit odd for an organization typically associated with red tape and lack of consensus? That even NATO is using social media for notable events is a nod to the power of social media and its unique ability to marshal resources quickly and efficiently. The North African uprisings this past spring is a case in point.
Government agencies throughout the world are turning to social media to engage with their constituents and increase transparency. If anything, social media, due to its open nature, is tailor-made to exploit inconsistencies or misstatements. However, this cuts both ways. It can be a boon for events like the announcement of Gaddafi’s death or disseminating critical information during emergencies (e.g., natural disasters, terrorist attacks). But, if not used properly, social media can throttle an organization’s or individual’s reputation.
Some recent examples come to mind. Kenneth Cole, a US fashion designer, hijacked the #Cairo hashtag to promote his new spring collection of clothing. His insensitivity was quickly lambasted in social media sites, causing massive harm to his and his company’s reputation. Similarly, Airbnb, a startup that brings together folks with rooms to rent with those looking for a place to stay, tried to cover up a transaction gone awry. Instead of just admitting its fault and taking a proactive approach to rectify the situation, Airbnb came across as standoffish, paying a heavy price in PR damage.
Monitoring technologies, specifically geared towards social media, are available to government agencies and organizations. These sophisticated solutions enable the latter to effectively police the content posted to social media sites. In many respects, they are “trusted allies,” ensuring the safe use of social media in a very sensitive environment.
Because many of these international organizations are so large, the chances for a social media gaffe occurring are that much higher. For you statistics geeks out there, think of it this way: the larger the sample pool, the higher the probability of something going wrong. That’s why monitoring solutions can play an important role in managing social media activities.
Diffusing tense situations and providing stability in chaotic situations are central to NATO’s mission statement. Certainly, using social media wisely can be just as chaotic and challenging. Maybe that’s why NATO’s so comfortable using social. Do you agree?
