Ernst & Young's Liiketoiminnan lait (Business Law) seminar, 14.2.2013 in Helsinki, Antti Herrala

Social media and information security. Antti Herrala, Leader, IT Risk & Assurance, Ernst & Young

15.2.2013 Liiketoiminnan lait seminar: Safe and effective social media

Social Media and enterprise

Social Media in the Enterprise (diagram; axes: External view / Internal view)

Opportunities
• Social Media for Recruiting
• Social Media for Internal Knowledge Sharing
• Social Media for Branding and Marketing
• Social Media for Internal Communication
• Social Media for Public Relations
• Social Media CRM
• Social Media for Innovation and Crowd Sourcing
• Social Media for Internal Trainings
• Social Media for Customer Feedbacks

Risks
• Compliance Risks regarding Social Media
• Reputational Risks regarding Social Media
• Strategic Risks regarding Social Media
• Operational Risks regarding Social Media

• Social Engineering
• Privacy
• Security
• Regulations

Social Media Sites

Social Media risks and challenges

• Criminal hackers “re-engineering” confidential information
• Hacked, faked or compromised corporate accounts
• Viruses, malware, cross-site scripting and phishing
• Failure to establish complete and fully compliant archiving and record-retention processes for corporate information shared on social media, especially in the health care, financial services and banking industries

Do not ignore, limit, restrict!

Social media: opportunities and risks abound

Social Media and enterprise

Which of the following controls have you implemented to mitigate the new or increased risks related to the use of social media?

[Bar chart comparing Global and Finland responses. Response categories: Limited or no access to …; Policy adjustments; Security & social media …; Monitoring of social …; New disciplinary processes; Adjusted incident …; None]

Social media without effective governance

• Management
• Marketing & Communication
• Human Resources
• Legal & Compliance
• Research & Development
• IT Security & Operations
• Products & Services

• Business networking website
• Video-sharing website
• Music-sharing website
• Photo-sharing website
• News and update-sharing website
• Email client and personal updates website
• Social networking website

No Social Media Governance

Social media with effective governance

• Marketing & Communication
• Human Resources
• Legal & Compliance
• Research & Development
• IT Security & Operations
• Products & Services
• Management

Social Media Governance

Good Practices Social Media Monitoring
• Centralized overview of the organization's official social media sites
• Real-time monitoring of relevant keywords
• Established incident management system addressing social media issues

Good Practices Social Media Awareness
• All employees have access to the social media policy and are regularly informed about the dos and don'ts
• Testing of the policy through ethical social engineering attacks etc.

Good Practices Social Media Strategy
• Social media strategy that covers the specific strengths and weaknesses of the organization related to social media
• Strategy is implemented through the social media policy

Good Practices Social Media Policies
• Corporation-wide social media policy with regional adaption if necessary
• Social media policies for marketing and communication as well as for business and private use by all employees

• Business networking website
• Video-sharing website
• Music-sharing website
• Photo-sharing website
• News and update-sharing website
• Email client and personal updates website
• Social networking website

Unlock potential benefits and address risk

Unlock potential benefits:
• Recognizing strategic opportunities
• Brand awareness
• Generate revenue
• Enhanced competitive advantage
• Valued relationships
• Efficient recruitment
• Cost reduction
• etc.

Control the Risks:
• Strategic risks
• Operational risks
• Reputation risks
• Legal risks
• Confidentiality risks

Effective Social Media Governance & Strategy
• Social Media Strategy: Vision, Goals, KPIs
• Social Media Assessment: SWOT Analysis
• Social Media Governance Framework: Policies, Guidelines
• Social Media Awareness: Trainings
• Social Media Monitoring: Controls, Tools

Social Media Excellence

Social Media governance maturity model

Thank you

Antti Herrala IT Risk & Assurance Leader

Advisory Services

Email: [email protected] Phone: +358 207 280 190 Mobile: +358 40 768 8397
