Social media platforms have become the norm for companies to engage with customers and communicate information with the rest of the world. These networks also provide data that, when used with social monitoring tools, can be used to mitigate security issues before they become a major problem.
In this presentation you can learn how some of the world’s leading companies are using social intelligence to monitor security threats, identify liabilities, and get ahead of risk.
Covered:
• Cyber security attacks
• Fraud detection
• Intellectual property protection
• Executive and talent threats
4. Why Monitor Threat Detection?
• Social Media is great for broadcasting information…for positive actions as well as malicious ones
• Remember: there are no limits to what people will post on social media
• Marketers leverage Social Media as their “haystack” for brand, competitive, and influencer purposes
• We can utilize these same ideas and tools for security and threat detection
• We will expect a relatively small number of mentions, but when they occur, they are extremely actionable and relevant. All it takes is one.
8. Use Case: Cyber Security
#SecurityWithSysomos
• One of the largest news sources and news distributors in the world
• Owns many digital news properties that are relied on heavily by their advertisers
• Same digital properties are very attractive targets for hackers
• DDoS (Distributed Denial of Service attack): overloads a company website/network by sending numerous packets of information, leaving users unable to access it
9. Use Case: Cyber Threats
• Can social predict DDoS attacks and other cyber threats? Indirectly, yes.
• Utilizing email alerts
• Setting post frequency threshold limits for a ‘true attack’
• Creating the threshold: in historical attacks from the past year, 1000 mentions was an unusual number of mentions and signified an attack
• Cost to a company: between $5,000 and $100,000/hr
• 49% of DDoS attacks last between 6 – 24 hrs
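The post-frequency threshold described on this slide, as an added example that is not part of the original presentation or of any Sysomos product. The one-hour window, the re-arm ratio and the sample feed are assumptions; the slide only gives the figure of 1000 mentions.

```python
from collections import deque
from datetime import datetime, timedelta

THRESHOLD = 1000             # mention count the slide ties to a real attack
WINDOW = timedelta(hours=1)  # assumption: the slide gives no time window


class MentionSpikeDetector:
    """Sliding-window mention counter that alerts once per threshold crossing."""

    def __init__(self, threshold=THRESHOLD, window=WINDOW, rearm_ratio=0.5):
        self.threshold = threshold
        self.window = window
        # Re-arm only after volume drops well below the threshold, so a count
        # hovering near it does not send one email per post.
        self.rearm_at = int(threshold * rearm_ratio)
        self.times = deque()
        self.armed = True

    def observe(self, ts):
        """Record one matching post; return True if an alert should fire now."""
        self.times.append(ts)
        while ts - self.times[0] > self.window:
            self.times.popleft()
        count = len(self.times)
        if self.armed and count >= self.threshold:
            self.armed = False
            return True
        if not self.armed and count <= self.rearm_at:
            self.armed = True
        return False


def alert_times(timestamps, **kwargs):
    """Feed time-ordered post timestamps; return when alerts fired."""
    detector = MentionSpikeDetector(**kwargs)
    return [ts for ts in timestamps if detector.observe(ts)]


def constructed_feed():
    """Constructed sample: background chatter, a burst, a lull, a second burst."""
    t0 = datetime(2016, 1, 1)
    quiet = [t0 + timedelta(minutes=10 * i) for i in range(36)]
    burst1 = [t0 + timedelta(hours=6, seconds=2 * i) for i in range(1500)]
    lull = [t0 + timedelta(hours=9, minutes=10 * i) for i in range(18)]
    burst2 = [t0 + timedelta(hours=12, seconds=i) for i in range(1200)]
    return quiet + burst1 + lull + burst2
```

On the constructed feed, alert_times(constructed_feed()) fires once per burst rather than once per post above the threshold.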
10. Use Case: Cyber Threats
• Finding the bad apples and repeat offenders
With a social media research platform you can actively find and make lists of social users and accounts that:
• Have targeted you in the past
• Act as early warning systems for attacks
• Use language that indicates attacks
• Are part of communities often involved in attacks
11. Use Case: Physical Threats
• Same large news source and distributor
• Has many publicly known and recognizable on-air talents, personalities and executives working for them
• Regularly receive physical threats against these people
• Solution was to use long complex trigger tags with keywords for every possible scenario of a physical threat
12. Use Case: Physical Threats
• Example of a trigger tag:
"John Doe Harm"~3 OR "John Doe Hurt"~3 OR
"John Doe Vandalize"~3 OR "John Doe Vandalizes"~3 OR
"John Doe Vandalizing"~3 OR "John Doe Strike"~3 OR
"John Doe Attack"~3 OR "John Doe Loss of Life"~3 OR
"John Doe Kill"~3 OR "John Doe Killed"~3 OR
"John Doe Killing"~3 OR "John Doe Find"~3 OR
"John Doe Hackers"~3 OR "John Doe Hacking"~3 OR
"John Doe Cyber Attack"~3 OR "John Doe CyberAttack"~3 OR
"John Doe CyberAttacker"~3 OR "John Doe Cyber Army"~3 OR
"John Doe CyberArmy"~3 OR "John Doe Al-Qaeda"~3 OR
"John Doe AlQaeda"~3 OR "John Doe Al Qaeda"~3 OR
"John Doe Hacker"~3 OR "John Doe Threat"~3 OR
"John Doe Threatening"~3 OR "John Doe Threatened"~3 OR
"John Doe Plane Crash"~3 OR "John Doe Suicide Attack"~3 OR
"John Doe Suicide Bomber"~3
• A tag like this can trigger an email alert, be routed into a custom dashboard, or be integrated through an API feed into a command center with additional data points outside of social
• Many different trigger tags can be made for every possible security or threat scenario
• Once these are made they can be replicated for locations, people's names, various business assets and more
13. Use Case: Copy Cat
• Every time a Twitter handle pops up with the brand name – any derivation thereof – an alert is triggered
• Allows risk and security staff to identify and take action on unauthorized user accounts
• Ensures the reputation of the brand is not compromised by a malicious attack
(from:a*_widget OR from:b*_widget OR
from:c*_widget OR from:d*_widget OR
from:e*_widget OR from:f*_widget OR
from:g*_widget OR from:h*_widget OR
from:i*_widget OR from:j*_widget OR
from:k*_widget OR from:l*_widget OR
from:m*_widget OR from:n*_widget OR
from:o*_widget OR from:p*_widget OR
from:q*_widget OR from:r*_widget OR
from:s*_widget OR from:t*_widget OR
from:u*_widget OR from:v*_widget OR
from:w*_widget OR from:x*_widget OR
from:y*_widget OR from:z*_widget OR
from:widget_a* OR from:widget_b* OR
from:widget_c* OR from:widget_d* OR
from:widget_e* OR from:widget_f* OR
from:widget_g* OR from:widget_h* OR
from:widget_i* OR from:widget_j* OR
from:widget_k*
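The same copycat check run locally over a list of handles, as an added example that is not part of the original presentation. It goes beyond the slide's wildcards by also catching digit look-alikes and handles that merely contain the brand; the allowlist, the look-alike map and the sample handles are assumptions.

```python
import re

BRAND = "widget"  # placeholder brand token from the slide's query
AUTHORIZED = {"widget", "widget_support"}  # hypothetical official handles

# Assumption: digit-for-letter swaps that the wildcard query would not catch.
LOOKALIKES = str.maketrans({"0": "o", "1": "i", "3": "e", "5": "s"})

# Regex equivalents of the enumerated wildcards on the slide:
#   from:a*_widget ... from:z*_widget  ->  <letter><anything>_widget
#   from:widget_a* ...                 ->  widget_<letter><anything>
PREFIXED = re.compile(rf"^[a-z]\w*_{BRAND}$")
SUFFIXED = re.compile(rf"^{BRAND}_[a-z]\w*$")


def classify(handle):
    """Return a reason string if the handle imitates the brand, else None."""
    h = handle.lstrip("@").lower()
    if h in AUTHORIZED:
        return None
    # Check the handle as written, then with look-alike digits normalised.
    for form, label in ((h, "exact"), (h.translate(LOOKALIKES), "lookalike")):
        if PREFIXED.match(form):
            return f"{label}:prefix"
        if SUFFIXED.match(form):
            return f"{label}:suffix"
        if BRAND in form:
            return f"{label}:contains"
    return None


def flag_handles(handles):
    """Map each suspicious handle to the reason it was flagged."""
    hits = {}
    for handle in handles:
        reason = classify(handle)
        if reason:
            hits[handle] = reason
    return hits


# Constructed sample of newly seen account handles.
SAMPLE = ["@widget", "widget_support", "official_widget", "widget_giveaway",
          "W1dget_Support", "w1dget", "thewidgetshop", "gardening_tips"]
```

The allowlist is compared before normalisation, so a handle such as w1dget that only resembles an official account is still flagged.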
14. Use Case: Piracy Protection
• Multinational Media Brand, and a Multinational Sports Entertainment Group
• Heavily rely on revenues generated from pay per view content, as well as protected content, such as TV shows, and movies
• Major issue with leaked content before release dates as well as illegal streaming of content during events
15. Use Case: Piracy Protection
• Finding the source of illegal streaming, and also those helping to broadcast it
• Look for the most retweeted content, and the largest retweet spreads
• Find the original post promoting an illegal streaming source
• Create lists to track, monitor, and be alerted to these sources
((stream OR streaming OR torrent OR livestream OR online OR free OR "free download" OR "streaming online" OR "watch the")
AND ("the martian" OR martian OR themartian)
AND NOT (trailer))
16. Use Case: Fraud Detection
• Using visual cues – or ‘listening’ – as a means to capture and track image-driven content
• Illegal tickets
• Unauthorized apparel
• Phishing Scams
17. Three Things to Know
1. Survey the landscape and find out what existing conversations regarding threats are happening on social
To surface conversations, think about and search social channels on:
• Related industries
• Known threats and security events from the past
• Various market segments you are involved in
18. Three Things to Know
2. Monitor for threats against your brand, your executives, your office locations, etc.
Things to Consider:
• Have we scoped out a process and workflow for any threats that may occur?
– What resources need to be leveraged internally when a threat takes place?
• Can we identify malicious actors that need to be monitored on an ongoing basis?
19. Three Things to Know
3. Look beyond the text
Not all conversations about security will happen via copy – think about how people are sharing information:
• Instagram
• Facebook
• Tumblr
• Reddit