Social Media Watch
Social media has become an indispensable marketing, recruiting, communications, and customer engagement tool for millions of companies. However, social media – whether through corporate accounts, employees, or customers – can expose organizations to information and physical security issues as well as risk and compliance concerns.
Cyveillance Social Media Watch was designed explicitly to meet the needs of smaller organizations. It eliminates the need to hire or dedicate internal resources to address compliance and risk issues on social media. If we identify an actual threat, risk or leak, we alert you and deliver an in-depth report. In addition, the captured social media content related to you can be searched and measured, and metrics compiled for due diligence and management reporting through our customer portal.
From a security standpoint, criminals and bad actors are just as active in social media as consumers and businesses, and are using it to create impostor accounts, publicly embarrass organizations and individuals, plan disruptive physical activities such as riots and protests, and publicly post confidential documents. From a compliance and risk standpoint, organizations must balance human resource and legal concerns with the risks that employees and third-party vendors can post information that may purposely or inadvertently expose confidential information, or violate regulations or requirements for their industry.
Not surprisingly, one of the biggest challenges is how to monitor social media and identify actual risks and threats amidst all the noise. This can be especially problematic for smaller organizations that don’t have the resources to hire a dedicated team or invest in sophisticated analytics software and tools to manage security, compliance and risk issues related to social media.
Looking beyond the client’s own enterprise, Global Intelligence reports contain details about major security risks and threats across industries and geographic locations so that security and risk teams stay informed about what is going on in the security space outside of their own organization.
Social Media Watch consists of four service elements: Monitoring, Vetted Alerting, Incident Investigation Reports, and Global Intelligence.
We use automated systems to gather data from critical social and Web-based sources, and use advanced systems and human threat analysts to identify a broad range of security risks and online threats:
- Physical threats to people, facilities, or infrastructure
- Organized disruptions, protests or activism affecting your operations
- Online data loss and leakage of sensitive information
- External threat actors referencing your company or discussing attack plans, targets or systems related to you
- Imposter accounts on Twitter, Google +, and YouTube
Social media monitoring is also an increasingly important concern for risk and compliance professionals. For example, the recent Federal Financial Institutions Examination Council (FFIEC) Guidance reminds financial institutions that turning a blind eye to what occurs on social media is not an option, and the Food and Drug Administration (FDA) has issued similar guidance for pharmaceutical companies. Organizations have a duty to ensure that they are protecting their official accounts and their customers’ information from outside threats on social media.
By automating the search process and scanning the most popular social media platforms for indications of potential problems, Cyveillance Social Media Watch ensures you have the required monitoring in place, enabling you to address compliance requirements and devote your time to solving potential issues rather than finding them. As an added benefit, the Cyveillance Threat Center, our online portal, not only houses all of your findings and reports, it maintains a rolling index of all the social and web content we’ve collected for you, so you can search through the data yourself.
Beyond compliance, monitoring for security threats can include looking for indications of recruitment, planning, execution, or claiming of responsibility of a cyber-attack against your organization, or mentions of specific attack methods (e.g. DDoS, SQL injection data dumps etc.) or tools employed in those attacks, (e.g. Low Orbit Ion Canon, UDP Flooder, etc.) It can also include monitoring for references to or discussion of your organization, brand or leadership by individuals or groups previously identified as a known cyber or physical Threat Actor.
Social media runs around the clock, and so do we. Our Security Operations Center is staffed with top analysts 24 x 7 to vet the information that our automated systems bring in, ensuring that we only alert you to real issues. Rapid notification of potential issues allows you to get ahead of the problems and react accordingly.
Rapid notification is important, but our customers rely on us for much more than just the knowledge that a problem may be coming. We answer the critical questions that allow you to react appropriately: WHO is this person or group? WHAT can you tell me about them? WHY are they interested in or attacking my organization? HOW seriously should I take this issue? Is there anything I should DO to be ready?
Each time we send an alert, we assign the case to an investigator who prepares an in-depth follow up. Our Incident Investigation Report, which typically follows in 12 to 24 hours, uses all available online sources and our own Threat Actor database to answer these questions.
Our Global Intelligence reports provide you with the big picture of what is going on in the world outside your network and offices. This general Cyber Threat Activity and Trends report allows you to see what the latest threats are outside of your organization.
We provide you with details on the global threat trends that we study and investigate on a daily basis for customers across all industries so you can stay informed about what is going on outside of your sector. This helps you to easily stay aware of security news that has been vetted, investigated, and collected by our expert analysts, not a third-party newsfeed.
- Targeted monitoring for specific risks and threats
- Coverage of major social media platforms, plus dozens of document-sharing, leak and “paste” sites
- Vetted, human-validated alerts
- In-depth Incident Investigation reports
- Access to 24×7 secure web portal
- Global Intel for security awareness
- Access to trained threat analysts 24x7x365
- Information on top threats and risks for organizations of similar size to help you plan accordingly
- We only send you real threats, so you don’t waste resources on non-issues
- In-depth investigations contain the information necessary to quickly develop a response plan
- Access to all of the data that did not rise to the level of a risk or a threat satisfies the need for social media and web monitoring for security and compliance
- Daily Global Intelligence reports help you stay current with threat trends and become the information source on security risks and threats for your organization