Seattle, WA
Security and Social Media: An Interview with Security Expert Christopher Burgess
Social Media allows you to engage in conversations with users, build your brand and drive customers to buy. But with every great opportunity comes problems — from careless employees to criminals looking to exploit weaknesses.
Christopher Burgess, Senior Security Advisor
Christopher Burgess has been studying security and its role in social media as part of his job as Senior Security Advisor to Cisco. He says he became interested in the topic when he saw how criminals were using the online environment to their advantage.
“If businesses and individuals understand how their information may be used by an individual with malevolent intent, they can appropriately adjust,“ says Burgess. ”I help with the understanding. It is one of the reasons I volunteered for, and am a member of the Washington State Attorney General’s Internet Safety Taskforce.
Burgess will be speaking on how businesses and teams can create policies that minimize risk to their company while making sure they are asking the right questions of their IT team. He will offer tips, best practices and case studies. If you are a business owner, marketer, PR consultant, or brand manager, you won’t want to miss this presentation. We are anticipating another sold-out event, so be sure to register soon!
Before his talk we caught up with Burgess to ask him a few questions.
What are the biggest security threats posed by social media to businesses?
I’ll share two which are top of my mind for me at this time, but do understand, as we move forward on the timeline and new methodologies evolve so do new threats.
- Not having a social media handbook or guide which educates your employees on how social media is to be used in support of the business internally and externally
- Data migration to uncontrolled environments
You mention that writing a company social media handbook is a good thing to do but many company handbooks regarding social media seem to crack down on employee use and completely ignore the possible benefits of having your employees talk about your company. How do you strike a balance?
Hopefully there are far fewer iterations of a policy or handbook which lockdown their employees, and more which are created to guide their employees in the use of social media tools both internal and external to the company. Without such the business leaves to interpretation as to how to triage situations and define what and how the company prefers the tools to be used. I think most of us prefer to remove ambiguity and provide our employees with direction and resources to make good decisions.
When did you first realize that company security was at risk because of employee use of social media?
A great question. Risk is a broadly defined word which can be quantified and defined in a variety of ways.
So let me give you two examples and I’ll hit on these and a few more during the presentation.
The first I’ll take right out chapter one of my book “Secrets Stolen, Fortunes Lost.” The “The Tale of the Targeted Trojan” discusses a case which demonstrated how the confluence of physical and technical surveillance conducted by those with criminal intent allowed for the creation of a one-off piece of malware which was specifically designed to extract competitive data from an unsuspecting business and did so across a number of international borders. The surveillance included the mining and observation of the information the unsuspecting business and their employees had placed online and thus was available for harvest. A number of companies were successfully targeted and lost a host of information. The different types of information included intellectual property, go to market plans, customer data, personnel data, etc.
The second has to do with taking internal data and exposing it externally. Specifically, I witnessed, from afar, a company in the healthcare industry take their internal coordination of their patient records and services and organically migrate the coordination to a convenient external environment which gave them connectivity in such a way that their internal infrastructure did not. Unfortunately, the external environment wasn’t designed with the level of security required by regulatory directive.
What different security issues do small companies face compared to large ones?
Small companies by definition have more limited resources than larger ones and thus don’t readily have the infrastructure or head-count to throw at the issue, but other than the resource difference, the issues are identical. They still have their data, their customer data, their intellectual property and trade secrets and their brand to protect, the differences is scale.
Are there technical security issues business owners and managers should be discussing with their IT team?
Absolutely. Both large and small companies should be discussing how a given technological implementation meets the business needs, while also conforming with the company’s information security policies and regulatory guidelines. Lets return to my prior example of the company which had an organic migration to a third-party environment for the purposes of doing their job in a more collaborative and coordinated manner. It would appear the intent was noble, but it also appears that the security and privacy regime surrounding that environment were not fully understood. It is this understanding that I believe are amongst the most important to be discussing with those providing IT.
Why should people come see you speak? — Why is your talk so important?
Those who are able to attend should take away a perspective and context which they may not have given much thought too previously. There is no turning back time nor the tide, the evolution of social media is continuing, and we are all participants, keeping our businesses, ourselves and our families safe and secure is what this talk is about – that’s important.
Any last thoughts?
I do enjoy sharing information and am very much looking forward to the event on the 29th of June when I will be amongst my friends, family, and colleagues within the Social Media Club of Seattle, a club which I am a member. I hope this is just the beginning of this conversation.
See Christopher Burgess at our June Event:
Date – June 29, 2010
Time – 6-9 p.m.
Tickets – $15 includes two drinks and appetizers
Location – 415 Westlake – 415 Westlake Ave. N. Seattle, Washington 98109
Register Now - http://smcseajune.eventbrite.com/
(Complimentary on-site parking available)
Thank you to sponsors CBS Radio Seattle and Tungle.me
More About Christopher Burgess:
Christopher Burgess is a senior security advisor to the chief security officer of Cisco, where he focuses on intellectual property strategies. Additionally, Christopher leads the Global Investigative Support team, the Government Security Office, and the Global Threat Analysis team. Burgess co-authored the book “Secrets Stolen, Fortunes Lost, Preventing Intellectual Property Theft and Economic Espionage in the 21st Century” (Syngress, March 2008). In December 2009, The Huffington Post published his piece “A Common Sense Approach to Social Media.” Follow Christopher Burgess on Twitter: @burgessct and Cisco: http://twitter.com/CiscoSystems
The Collision of Search and Social – Recap: Online Marketing Summit
By Maya Bisneer
SMCSeattle was a partner at the Online Marketing Summit this week.
As a member of SMCSeattle, I was clearly one of the few people who had a good pulse on the Social Media side. Considering that most people there were clearly going to be marketers, I was curious to see how they view the intersection of Social Media with Search marketing (SEO and SEM).
On the whole, it is great news for the Social Media community.
Social media is going to play a bigger and bigger role in search and marketing in the coming years. The best way to stay ahead and be the best marketer is to play and learn on the Social Media front. Embrace technology. Laggards in technology will always be laggards in marketing.
The opening Keynote with Rand Fishkin from SEOMoz and Mike Grehan of IncisiveMedia set the tone for the day.
They talked about Facebook, Twitter and Google and how search is shaping up beyond Google these days. Real time search is being redefined by location based applications such as OpenTable that tell you if a table is available at a restaurant close to your location RIGHT NOW. That is way different from, and more real time, than Google search, said Mike Grehan.
Rand Fishkin said they do not have enough data to say how exactly tweets are influencing real time search on Google, but the fact is that they(tweets) are and will influence search. Staying ahead matters, he said. So get on Twitter, Facebook, LinkedIn and Foursquare.
Each of the keynote speakers gave their four step marketing plan for any small business that wants to market without getting overwhelmed -
Rand Fishkin’s key points -
1. Start with Analytics – focus on measurements
2. Track your tweets, clicks on your links etc. using tools like bit.ly
3. Invest your time and marketing efforts on what you are most passionate about. If you are good at and feel strongly about Twitter and Facebook, start there. If you are an SEO person, first focus your efforts on SEO.
4. Give something away – something of value depending on what skill you have in house. White papers, infographics etc. always get a lot of hits and retweets, he said.
That should give you a good start. Keep measuring and slowly move to other areas and tools to market.
Mike Grehan had a 4P plan for businesses -
1. Positioning – First decide who you are. That is key to driving traffic.
2. Permission – Get the visitor’s permission to email them, add them to your lists etc. For this, you might need to give away something valuable.
3. Partnership – Do not try to go it alone. Marketing is so much more easy and effective if you co-promote, co-sponsor with other companies.
4. Performance – Now focus on doing better. Use tools such as email marketing, affiliates etc.
Measure everything. Analytics are key.
Another highlight of the day was a presentation by Jonathan Colman – Internet Marketing Manager at REI. I am including a link to that here. The presentation was packed with good information – so take your time to study it.
About: Maya Bisineer
twitter: @thinkmaya
Startup: Memetales – http://www.memetales.com
Blog: http://thinkmaya.com
SMC Seattle June Event: Social Media and Security
Thanks to the pervasiveness of social media, interactions between companies and customers are happening in an increasingly public ecosystem. As with every period of change, we need to learn how to effectively leverage the new mediums and tools at our disposal. We also need to learn how to maintain the security and integrity of our brands and companies.
Join us on June 29 as speaker Christopher Burgess offers his preferred practices and cautionary tales from his role as senior security advisor at Cisco.
When done right, says Burgess, social media allows you to engage in dynamic conversations with users, build brand equity, improve your solutions, and drive customers to purchase and adopt. But beware of the dark side, as employee behavior can cast a poor light on your company and put the integrity of your brand’s reputation, network, and IP at risk.
If you are a business owner, marketer, PR consultant, or brand manager, you won’t want to miss this presentation. We are anticipating another sold-out event, so be sure to register soon!
June event details:
Date – June 29, 2010
Time – 6-9 p.m.
Tickets – $15 includes two drinks and appetizers
Location – 415 Westlake – 415 Westlake Ave. N. Seattle, Washington 98109
Register Now – http://smcseajune.eventbrite.com/
(Complimentary on-site parking available)
About our speaker:
Christopher Burgess is a senior security advisor to the chief security officer of Cisco, where he focuses on intellectual property strategies. Additionally, Christopher leads the Global Investigative Support team, the Government Security Office, and the Global Threat Analysis team. Burgess co-authored the book “Secrets Stolen, Fortunes Lost, Preventing Intellectual Property Theft and Economic Espionage in the 21st Century” (Syngress, March 2008). In December 2009, The Huffington Post published his piece “A Common Sense Approach to Social Media.” Follow Christopher Burgess on Twitter: @burgessct and Cisco: http://twitter.com/CiscoSystems
Thank you to our sponsors: CBS Radio and Tungle.me!
CBS Radio, Seattle (comprised by KZOK.FM, KMPS.FM, JACK.FM, and AM1090) recognizes and embraces the digital evolution of our media. Locally and nationally, their network employs a progressive perspective on multi-media stratagems and 360 solutions. Social media rests at the epicenter of our digital focus. Listeners are encouraged to blog, tweet, and facebook with his/her favorite on-air personalities, upload audio/visual content, share music, and much more. Follow them on Twitter: @1025KZOK and @941KMPS
Tungle.me makes scheduling meetings easy–across organizations, calendar systems, and time zones. Tungle.me is a free personal scheduling application that eliminates costly double bookings, time zone mishaps, and the endless back and forth of finding a time to meet. Tungle.me synchronizes with leading online calendar systems and does not require registration. Follow them on Twitter: @TungleRocks
Connecting with Social Media Club Seattle
Pardon our dust as we work to build out this portal on the official Social Media Club website. For now, if you would like up to date information on our chapter or to connect with local members, please visit us on our local website. Many thanks!
Recap: May Event “How to Call BS on a Social Media Guru (With Video!)
Thank you to everyone who turned out for another sold-out SMC Seattle Event. Speaker Scott Berkun put on a great presentation outlining ways to find out if the social media “expert” you’re meeting with really knows what they are talking about.
Here’s a video of Scott’s talk edited by the fabulous @coolguygreg for those of you who missed it or want to see it again. (If you weren’t there, there was a joke about drinking every time someone used a social media buzzword.)
SMC Seattle May Event: How to Call BS on a Social Media Guru from SMC Seattle on Vimeo.
Scott’s talk was filled with tactics and tools anyone can use to evaluate anyone presenting themselves as an “expert”. It’s what he called an applied critical thinking talk. Here are a few highlights:
Beware Snake Oil: In anything “new” there is bound to be some garbage out there. It attracts get rich quick scammers. Get nervous when you hear buzzwords like fundamental change, trans-formative, revolutionary, breakthrough, radical, paradigm-shift, or game changing. If anyone uses these words on you your radar should go off. Don’t believe anything unless it agrees with your own common sense.
Beware unattributed statistics: With enough money and time it’s possible to create data that says just about anything. (See “How to Lie with Statistics” by Darrell Huff) Anytime you hear a statistic floating in space there is no reason to give any credibility to it whatsoever. Where did it come from?
Question Marketing, PR and Sales: Anyone employed in that position has a strong incentive to only give the rosiest picture of their client. To that end, if they are marketing their marketing services to you be especially skeptical.
Key Questions When Hiring a social media “Expert”:
- How long have you been doing this?
- Why are you more credible than the other guy?
- Who are your clients? Can I talk to them?
- What are your examples? Samples?
- Are the promises you are making realistic?
- Have you done this yourself?
- How do you know what you know?
- When have you or your theory been wrong?
- Why do so many people fail at this?
- What are you selling?
- Does anything you say not suggest I should buy?
- Why aren’t you more popular in social media?
Phrases not to trust:
- “Studies say” – Which Studies? Are there equally reputable studies that say the opposite?
- “Experts say” – Which ones? When and where did they say it?
- “The data shows…”
- “Ashton Kutcher / Gary Vaynerchuck did…” What did non-celebrities do? How did people in my business do it?
This was an information packed talk and hard to do justice in a short summary, but if you want to see just the slides or you want to see all of Scott’s sources you can find them on his post about the talk.
A little bit about Scott Berkun:
Scott was a manager at Microsoft from 1994-2003, on projects including v1-5 (not 6) of Internet Explorer. He is the author of three bestselling books, Making Things Happen, The Myths of Innovation and Confessions of a Public Speaker. He works full time as a writer and speaker, and his work has appeared in The New York Times, The Economist, Wired magazine, National Public Radio and other media. He writes frequently on innovation and creative thinking at his blog: scottberkun.com and tweets at @berkun.
A Big Thank You to Subway, This Month’s Sponsor!
Subway has a long history throughout Western Washington, and is excited to be sponsoring this month’s SMC Seattle event. There are more than 360 Subway stores throughout the area– more than almost any other area in the country— which is a reflection of the healthy, active lifestyle of many Seattle residents. If you’re looking for a healthy on-the-go alternative to fast food, Subway offers eight different sandwiches; each with just six grams of fat or less. Subway’s Sweet Onion Chicken Teriyaki sandwich (Jared’s favorite) makes a great tasting, low-fat meal.
To stay up to date with Subway and it’s delicious offerings:
Twitter: http://twitter.com/subwayfreshbuzz
Facebook: http://www.facebook.com/subway
http://www.subway.com/
