Social media has both driven and coincided with the substantial change in the way that organizations react to their customers – and as we witness the threat landscape increasing in volume and complexity, it’s no surprise that social media threats to businesses have risen dramatically.
In January 2021, the average targeted organization experienced nearly 34 attacks via social media – and by September that number had increased to an average of 61 attacks per month. While social media can be useful for quick identification of potential threats by helping surface anomalies that need to be investigated, corporate security teams often lack the situational tools needed to effectively monitor and assess these threats, leaving them overwhelmed with large amounts of unorganized, unactionable social media data.
Take one Ontic client, for example, a Fortune 200 electric company that started experiencing a drastic increase in the volume and severity of complaints from its customers. With the amount of social media activity pouring in, it was difficult to effectively identify negative complaints and isolate those that may be threatening. Not only was there a lack of visibility, but there wasn’t a strong process in place to prioritize more severe complaints and ensure they had access to the most up-to-date information at each plant location.
With Person of Interest (POI) data stored in a static spreadsheet, their security team was severely limited in their ability to collaborate and unable to sufficiently monitor the area around each facility location – which was a critical component in keeping employees, their property and other assets safe.
When the threatening activity turned from social media to protests and local group planning, the company realized they needed a solution that would allow them to stay ahead of threats and risks and ensure nothing slipped through the cracks.
They turned to the Ontic Platform to obtain a holistic view of historical and real-time threats creating the ability to proactively monitor activity on various social channels and set up filters to monitor posts specific to each of the 10+ electrical plant locations.
Once the company’s signal feed surfaced a threatening social media post with a clear photo of the plant location, the Director of Security was able to take action immediately. Within just 15 minutes the image was taken down, closing the pathway for threat actors to assemble a plan to protest at the plant location. The security lead was able to forward the post and action plan to the social media team within minutes, mitigating the threat while also highlighting the security team’s value.
Having increased visibility of potential threats and the ability to quickly assess their severity drastically improved the security team’s time to resolution for potential threats and reported incidents. They now have more actionable signals and a fuller picture of their threat landscape that allows for easier prioritization of threats that pose a greater risk.
“Now with a holistic view of our threat landscape, we have the ability to run down every single threat. We’re able to categorize and prioritize all of our threats to better determine which ones are important and which ones aren’t. Having this platform allows us to make better use of our time and focus on what is critical,” said the Director of Security at the company.
While social media posts are a dime a dozen, it only takes one to slip through the cracks that can potentially have a devastating impact on your organization’s business operations and reputation. In the new digital age, it’s critical for businesses to implement the proper tools to proactively monitor activity online and alert security teams in real-time so suitable action can be taken. Having a tool that gives more actionable signals and a fuller picture of your threat landscape allows for easier prioritization of threats that pose a greater risk, improving time to resolution for potential threats and therefore better protecting your business and your people.
Want to learn more about how this company was able to protect its people and assets by collecting critical intelligence? Take a look at their case study with the Security Executive Council (SEC) here.