The power of social media in building the security brand

mkhmarketing / Foter / CC BY

It seems like the ultimate paradox. Social media is where one shares. Security is for what one doesn’t want to share. Could the two ever meet?

They can, they do and they make a great partnership. Here’s how social media can help organizations build security into their brand.

Identify the social sentiment around security in the brand

Social media can be used to identify, understand and analyze the existing social sentiment around security in the brand, to answer questions like:

• What does the market perceive around the attention that the brand has paid towards security?
• Is the brand doing well in terms of advertising security capabilities and the overall security posture to the market?
• Have there been prior security experiences that are still fresh for the user population?
• Is security entirely overlooked by the brand?

Getting a quantified answer to such questions can provide valuable insights to framing security initiatives internally and externally in terms of impact to the public brand…and ROI.

Identify the need for security to enhance the brand

Would your brand benefit from a push in security? Or would it be perceived as an attempt to use FUD to drive sales? Social media can be used to identify social sentiment around:

• Customer perception around personal data in the product or service
• Market perception around the sensitivity of data aggregated by the product or service
• Questions raised around regulatory and other compliance requirements
• Chatter with regards to any recent geopolitical changes potentially impacting the brand

Understand the network effect around security in the brand

In economics and business, a network effect is the effect that one user of a good or service has on the value of that product to other people. When a network effect is present, the value of a product or service is dependent on the number of others using it. In the context of using social media to poll the security sentiment around the brand, some questions in this space could be:

• Could a growing community of security-minded users and the resulting “secure usage” of a product of service drive additional sales?
• Would it be helpful to solicit and nurture such a community in order to drive a focus on security?
• Are there specific areas, products, service levels or other categories that could drive the network effect around security?

Together, this can tell the organization where to focus its attention with regards to product-enhancement efforts and generating interest around security to drive future sales.

Analyze the ripple around security incidents

Incidents happen. Mitigation and forensics typically happen next. When the security incident happens somewhere “out in the wild”, social media gives the affected entities a great platform to talk about their experiences; both with the product or service in question; as well with the response team(s) concerned. The brevity of the social media communication often lets the world read between the characters and cascade the message in varying forms; and analyzing the “spread” and evolution of the message en route to it becoming a “social sentiment” can offer fascinating insights with regards to the market’s perception of security in the brand.

• Who first reported the incident?
• What was the original tone of the public communication?
• What is the current tone of the public communication?
• How quickly was the news picked up?
• Who has been key in carrying the message?
• Are there any off-product contextual parameters that contributed to the perceived severity of the incident?

Adequate security incident response is key to supporting the customer base today. Timely responses and ‘getting in front of the surge’ preserves the brand in most cases when it comes to security event.

Communicate a unified message around security

A key requirement related to security incident management, as well as maintaining a cohesive posture around security in the brand; is to have a single point of publication relating to formal security messaging from internal teams. Social media can be actively used to ensure that this unified messaging channel from the organization gets the right amount of visibility so that the unauthorized derivative messaging does not pollute the truth. Using social media as a part of unified outbound security messaging could focus on the following:

• Which web properties are driving the most security-related messaging and audience?
• Are there specific niche forums that need to be considered from a security messaging perspective?
• Are there specific pockets of users that need one-one-one communication?

Identify influencers with regards to security

Influencers are prime property in the universe of social media. These are those who can steer conversations and create a tone for the public sentiment. Ensuring that the right influencers have the right security message from the product is key to building security in the brand. To the end, top considerations are:

• Who are the influencers related to the brand?
• What is their track record related to the brand?
• Has security been a consistent message from this inflencer?
• Is it a lack of information that is driving the concern around security with the influencer community?

Identifying influencers may offer the biggest benefits around building security into the brand.

Identify events and entities to carry the security message

In my opinion, Black Hat is the new RSA, DefCon is the new Black Hat, and B-Sides is the new DefCon…giving RSA the opportunity to reinvent itself in 2015.

Identifying the right influencers and the right gathering of influencers and the overall security community at events like these is critical to building security in the brand – both by way of drawing from the themes of these events, learning from the presentations…and recruiting to build the security team along the right path.

Social media and security is a great partnership, and in our world of news breaking over Twitter and citizen journalism over media-sharing social sites; it may be the best way to deliver an effective branding message around security.