Security Awareness and Social Media
Should you use Social Media?
One of the many data security seminars I attended this year to stay current as a computer security specialist (I can’t remember which or I’d give credit) included a good story as illustration…
Imagine this is 1989 and you’re a foreign intelligence agent tasked with identifying potential “assets” in a US aerospace defense contractor. You target female senior engineers, divorced, in their 40s. It might take months of research to identify individuals, and months more to find their interests and daily habits. All of this would be quite costly. Fast forward to 2009: you could find all this data and much more in minutes through Facebook, Twitter, LinkedIn and similar sites. People tend to trust contacts they make through social networking sites so after a few dozen interactions, and almost no expense, they trust you. You know what their hobbies are, their likes and dislikes, and are well placed to recruit them. This is one of the many nightmares facing big business and government, and it’s one of the reasons Read the rest of this entry »