By Gary Bahadur, Jason Inasi and Alex de Carvalho
Reviewed by Jeimy J. Cano M., Ph.D., CFC, CFE, CMAS
Just 10 years ago the Internet was a place where a few people generated content and decided what stayed and what was deleted. Now, after an impressive evolution of Web 2.0, users develop and update content on the Internet without limitation. That is, the Internet has gone from a few controlled participants to innumerable participants empowered and able to convene and mobilize through social networks and other forms of expression online.
According to a recent Strategy+Business article,¹ generation C, a group that stays connected, is content-centered and is highly oriented to digital communities, is on the rise. Given that this generation is beginning to join the workforce, it is even more necessary to begin the required risk analysis related to the use of digital social media in a business context.
Securing the Clicks: Network Security in the Age of Social Media, by Gary Bahadur, Jason Inasi and Alex de Carvalho, presents a practical methodology for evaluating the social media risk that arises from the use of social networks, so that enterprises become aware of the impact and practices required to enable them to mitigate their exposure to this risk. This approach details a matrix based on the acronym HUMOR: human resources, utilization of resources, monetary spending, operations management and reputation management.
Following the HUMOR analysis matrix, the authors break the book into five parts: assessing social media security; assessing social media threats; operations, policies and processes; monitoring and reporting; and social media 3.0.
This book, comprising 18 chapters and an appendix, describes its model using a fictitious company called JAG Consumer Electronics, which establishes the conditions and actions that companies must consider to understand and review their exposures to the reality of social networks and other digital media.
The publication is particularly useful and recommended for professionals in information security, IT governance, IT audit and IT management in general, as a basic body of knowledge on security in social networks. Additionally, the book offers a set of practices and lessons learned for corporate executives to understand the use of digital social media as a natural element of 21st-century corporations.
Finally, if you are not yet convinced that we live in times of information overload, instantaneous interactions and online relationships, this book recognizes generation C and the reality of empowerment of individuals who are creating a new world through web content.
Securing the Clicks: Network Security in the Age of Social Media is available from the ISACA Bookstore. For information, see the ISACA Bookstore Supplement in the latest issue of the ISACA Journal, visit the ISACA Bookstore online or email [email protected].
Jeimy J. Cano M., Ph.D., CFC, CFE, CMAS, is a distinguished professor in the law department of the Universidad de los Andes, Colombia. He has been a practitioner and researcher in information and computer security and in computer forensics for more than 15 years in different industries. Cano holds the COBIT Foundation Certificate and is a member of the ISACA Publications Subcommittee.
1 Friedrich, Roman; Michael Peterson; Alex Koster; “The Rise of Generation C: How to Prepare for the Connected Generation’s Transformation of the Consumer and Business Landscape,” Strategy+Business, Booz & Company Inc., iss. 62, Spring 2011, www.strategy-business.com/article/11110