Hosted by ISACA, a global association of 95,000 IT professionals, Asia-Pacific CACS will examine topics such as cloud computing, e-government security, governance of enterprise IT (GEIT), and social media risks and benefits.
In his session titled Social Media: Business Benefits with Security, Governance and Assurance Perspectives, Urs Fischer, CISA, CRISC, member of ISACA’s Guidance and Practices Committee, will urge organizations to actively address potential risks, such as viruses and lack of control over content, without prohibiting the use of social media.
Fischer’s presentation will help organizations address security, customer service and corporate reputation risks raised by their employees’ use of social media—on the job and off.
“Historically, organizations tried to control risk by denying access to cyberspace, but that won’t work with social media,” said Fischer. “Companies should embrace it, not block it. But they also need to empower their employees with knowledge to implement sound social media governance.”
Since tools like Facebook and Twitter don’t require new hardware or software from the IT department, they can be introduced by a business unit, marketing team or individual employees, bypassing the normal safeguards and risk assessment provided by IT, HR and Legal. This issue is reflected in IT department attitudes—62% of respondents to the 2010 ISACA IT Risk/Reward Barometer rated the risk posed by employees visiting social networking sites or checking personal e-mail as medium or high.
Organizations need to consider employee behavior when developing their approach to social media policies and practices. There are four significant risks created when employees use social media, whether they are on the job or off.
Although social media provides a new entry point for technology risks such as malware and viruses, these risks are increased primarily due to lack of employee understanding of “risky behavior.” Fischer notes that any strategy to address the potential risks of social media usage should first focus on user behavior.
Fisher’s “Social Media: Business Benefits With Security, Governance and Assurance Perspectives” presentation is based on an ISACA Emerging Technology white paper of the same name.
Monday, February 21- 2011 @ 9:12 UAE local time (GMT+4) Replication or redistribution in whole or in part is expressly prohibited without the prior written consent of Mediaquest FZ LLC.