The rise of social media is nothing new to insurance carriers, most of which have social media strategies of varying sophistication in place to support their sales, marketing and customer service efforts. Yet many carriers worry about the new risks that social media exposes them to—strategic, business, regulatory, legal, market, reputational and brand risks.
Managing these risks is far from easy, given the constant growth in the number of social media platforms, the difficulties of foreseeing and quantifying the risks of social media, and how organizations are changing as digital natives join the workforce.
But if they are not effectively mitigated, these risks can lead to serious consequences such as fraud, loss of intellectual property, financial losses, privacy violations, and breaches of laws and regulations. Let’s look briefly at some of the risks that social media brings into the insurance carrier’s business.
Hacking: Cases of hackers representing themselves as organizations or companies have highlighted the potential of social media to be co-opted for the perpetration of fraud. This is often harder to deal with because information “goes viral” so quickly. For example, hackers posing on Twitter as the Associated Press posted a false story about a bombing at the White House which caused the Dow Jones Industrial Average to fall about 150 points in a matter of minutes.
Leakage of financial information and intellectual property: Privileged corporate information can be misused maliciously or for personal gain by people both inside and outside a company. It can also be shared accidentally. The salesperson who establishes LinkedIn relationships with customers doesn’t intend to disclose a valuable customer list, but in effect is doing so. In one case, spies working for a security consultancy were able to predict that a company would file for bankruptcy based on employee tweets about budget cuts and the fact that the vice president of operations was looking for a job on LinkedIn.
Financial loss due to malware: Users of social media platforms such as Facebook often send links to each other—links to videos, music and so forth. That makes it easy for hackers and spies to install rogue software on computers when people inadvertently click a bad link. Such malware can cause a variety of harm, including luring people into fraudulent transactions or using hidden software to steal data and personal information, as well as corporate information that might be on the computer.
Privacy violations: In some highly publicized cases, social media sites have experienced security breaches in which confidential user information was shared publicly. This might be the result of a sophisticated assault, or simply some previously undiscovered back door into a social media application. Another way that customer privacy can be violated is through “data scraping”—a method of tracking people’s activities online and gathering personal data from their use of social media and other online sites.
In my next few blog posts on this topic, I’ll look at how insurers can address the organizational vulnerabilities that underlie most social media risks. To learn more and download the full report: A Comprehensive Approach to Managing Social Media Risk and Compliance