In today’s digital age, almost every security tradeshow, convention, and summit has some kind of social media branding around the event. Similarly, almost all the companies, vendors, and exhibitors execute a social campaign. However, a good amount of security professionals will have no idea about this because they don’t partake in social networking. Why? Data exfiltration, phishing, and malware attacks pose too great a threat. So, if you’re like them, and cyber safety on social media is your biggest concern, this blog is for you.
Burner phones and Black Hat USA
The paranoia around devices being hacked is particularly heightened at Black Hat USA in Las Vegas. The annual information security conference takes place back-to-back with the Def Con hacking convention. Now, we’re not saying your concerns aren’t valid. Those hackers can really pull off some shenanigans. However, we’d like to reiterate that most cyber security incidents are caused by insider threats (such as employees), not hackers. So, please feel free to leave the burner phone at home.
We expect to have conversations regarding the risk of being an industry professional on social media when we exhibit at Black Hat USA. That is because having a social media profile is a requirement in order to be entered into our daily $300 Mastercard gift card raffle. Attendees who come by Gurucul Booth #1100 to meet and greet with our “celebrity” guest can be entered if they share their photo on social media tagging @Gurucul and #BHUSA.
Securing phones in a place where hackers knowingly gather should not be a concern for a $100 billion industry. And, like we stated above, it’s not the outsiders you need to be worried about – it’s the insiders. Practicing cyber safety on social media is not dependent on the level of security on the platform. It is actually dependent on you.
Read on to learn how to leverage the power of social networking and tips for practicing cyber safety on social media.
A Case for Security Professionals to Use Social Media
First, besides being up-to-date on the latest news at Gurucul (if you’re not already subscribed to our Behavior Analytics Newsletter), having a presence on social networking sites like LinkedIn or Twitter enables you to receive breaking industry news. Be the first to learn about the latest data breach or a partnering company’s product announcement. Simply plug in a security topic with a hashtag (#) to see what security professionals on social media are saying.
Secondly, industry professionals can use social media to meet and stay connected to others in the security space. Send a direct message to your colleague on LinkedIn to see if they’ll be attending the upcoming Black Hat USA conference in Las Vegas. Follow your favorite cyber security news correspondents on Twitter to get real time updates and event coverage. There’s a “find nearby connections” button on LinkedIn so when you’re at a show like Black Hat you can see which of your mates are there.
Lastly, cyber security professionals on social media can show off their mastery of the space, thus boosting their reputation as an industry leader. Should they choose to tag (@) the company they work for in their profile, their positive social media presence will boost their organization’s brand awareness by default. Also, this can go for any professional in any industry – not just cyber security!
Everyday Tips for Practicing Cyber Safety on Social Media
- Do not disclose personal information. Going on vacation for a week? Excited about the Corvette you just bought? These are things to feel excited about but should not be shared on social media. It informs potential cyber attackers that you’re not at work (perfect time to compromise an account) and the personal information you share can be used to steal your identity.
- Make your password a sentence. Your social media login password should be a strong passphrase to ensure protection from hackers and cyber threats. Choose a sentence with 15 or more characters that is easy to remember for you (for example, “I love running a lot”)
- Use the privacy and security settings. Sites like Facebook will allow you to choose the audience for your posts. You can also set your Twitter profile to “Private” if you want to limit who can see your tweets. Block any accounts that make you feel uncomfortable or unsafe. Any form of cyber-bullying, online harassment, or threatening content should be reported immediately.
- Spring clean your friends list and connections. Professional social networking sites like LinkedIn are great for connecting with other industry professionals. However, be careful who you deem a “friend” or “connection” as their inappropriate behavior can poorly reflect on you. For example, a former employee with whom you used to work connects with you on LinkedIn. You accept. What you do not know is that he is now disgruntled. He is leaving harassing comments under the company’s LinkedIn posts. Is this someone you want to associate with? Does he reflect your professional demeanor? If the answer is no, then decline, block, or remove the connection.
- Trust your gut when it comes to suspicious links. Never open a link from a profile or an account that looks fishy. Hackers and spambots place infected links, or malvertisements, in direct messages, tweets, and e-mails with convincing call-to-actions. For example, “We’re giving away $100 gift cards! Click here and answer a few short questions to redeem!” Did you really win a gift card, or are they trying to steal your information to sell?
Safely Leveraging Social Media as an Industry Professional Begins with You
Practicing cyber safety on social media begins with trusting your judgement. It’s also about being mindful of the information you chose to share.
We hope you’ll join us at Black Hat USA in Las Vegas, August 3-8. Stop by Gurucul booth #1100 for Behavior Based Security Analytics demos, Famous Fraudster presentations, and to meet and take a photo with “Britney Spears”! Be sure to follow Gurucul on Twitter, LinkedIn, and Facebook for real-time updates!