Organizations need to adopt a more comprehensive approach to risk management to address new threats coming from digital, social media and mobile. - Jen McClure, CEO, JEM Consulting
PALO ALTO, CALIF. (PRWEB) July 10, 2017
Companies face a growing number of risks posed by digital and social media, and are challenged to effectively and comprehensively manage them. While most organizations have policies, procedures and programs to manage more traditional IT security risks effectively, they are less mature in their management of new types of digital and social media risks. Although digital governance teams and Digital Centers of Excellence are beginning to be more common, most organizations do not yet have fully optimized, managed, and resourced processes and programs to comprehensively manage new and growing types of digital and social media risks, and are slow to adopt tools and technologies to help manage these risks. These were among the key findings of a landmark new study that surveyed more than 200 companies across a wide range of industries to track how they perceive and manage digital and social media risks today.
“The 2017 State of Digital and Social Media Risk Management” was conducted by JEM Consulting & Advisory Services, a Silicon Valley-based management consultancy. The study, sponsored by Proofpoint, highlights trends and best practices for digital and social media risk management, and provides a useful resource for teams responsible for managing the growing number and types of digital and social media risks in their organizations.
Key findings include:
- Organizations face a wide, complex and increasing number of digital and social media risks, including malware, email security, cloud-based applications, breaches, data collection storage and management, brand fraud, website security, backend systems, phishing, digital trolls, bots, denial of service (DoS) attacks, social media and imposter social media accounts and mobile.
- Regarding social media, organizations are most concerned about a wide range of both internal and external risks ranging from risk to brand reputation and employees mistakenly sharing confidential, regulated or embarrassing information via social media to hackers and trolls targeting employee social media accounts; social media scams and phishing; fraud and counterfeiting using fake social media accounts; integration with other systems such as CRM and intranet and FTC and HIPAA regulatory compliance.
- As the number and types of risks continue to expand, responsibility for managing digital and social media risks extends well beyond the IT department. These risks are still primarily managed by the IT team at most organizations. However, as the digital risk landscape expands, many other functions have primary responsibility for managing digital and social media risk, including the digital team, compliance team, marketing team, and social media team, among others.
- Digital governance teams and Digital Centers of Excellence are becoming more common at organizations to help manage digital and social media risks. Seventy percent of respondents stated that they have a digital governance team and / or a Digital Center of Excellence, yet more than 30% have no social media policy or training for employees, although the use of branded and employee social media is quickly expanding across most organizations.
- Companies are slow to adopt tools and technologies to help them manage the growing number of digital and social media risks. While organizations face a multitude of new challenges and concerns, only 33% use any tools or technologies to specifically manage social media brand, security, and compliance risks.
- Most organizations do not have a fully optimized, managed, and resourced process and program for managing digital and social media risk. Less than 10% of organizations rated their digital and social media risk management maturity level as “optimized,” and at the other end of the spectrum, more than 30% are in the still in the initial stage of developing a comprehensive program.
“Most organizations have established policies, procedures and programs to manage more traditional IT security and digital risk effectively, but are less mature in their management of new types of digital and social media risks,” stated Jen McClure, CEO, JEM Consulting & Advisory Services. “Organizations need to adopt a more comprehensive approach to risk management to address new threats coming from digital, social media and mobile. This can be accomplished through more effective collaboration between the growing number of departments and functions responsible for risk management, including not only IT, but also the digital and social media teams, compliance, marketing and others. They need to work together to update their risk management strategy and governance including policies, processes and programs to specifically address the growing number and types of threats. Companies need to develop employee training and enablement programs to help employees better understand, identify and manage these new risks; and deploy new tools and technologies to proactively identify and manage advanced attacks delivered via email, social media and mobile apps.”
“Enterprises have very clearly recognized the need to protect and mitigate risk across their owned infrastructure; however, social media and mobile communication have increasingly expanded that scope to include third-party, public and consumerized infrastructure,” said Jonathan Reedy, vice president of Digital Risk Business Development for Proofpoint. “The 2017 State of Digital & Social Media Risk Study results are echoed across our customer base. Digital channels have accelerated the potential impact of a data breach, which requires organizations to deploy sophisticated remediation measures as quickly as possible.”
The key findings of this research were presented in a webinar by JEM Consulting CEO, Jen McClure and Jonathan Lee of Proofpoint, who discussed the latest digital and social media risks facing companies today; how leading organizations are addressing and managing these risks; goals and challenges organizations are facing regarding digital and social media risk management and best practices, processes and tools to proactively identify and manage these risks more effectively. A recording of the webinar is available here.
About JEM Consulting & Advisory Services
JEM Consulting & Advisory Services is a Silicon Valley-based management consultancy for the digital age. JEM works with its clients to help them gain a competitive edge through digital and social media strategy, enablement and governance. For more information, visit http://jem.consulting.