Skip Links

Why security should monitor social media to prevent violence

Behavior on social media can offer clues to potential threats of violence against an organization and its employees.

By David Geer, CSO
February 18, 2014 11:51 AM ET

CSO - The lone actor

As everyone knows, lone actors such as active shooters and bombers target public places like schools, malls and movie theaters and public events like speaking engagements. In many cases, threats of violence posted to social media precede these attacks.

With this in mind, CSOs and CISOs should consider complementing security measures with social media monitoring and response efforts designed to address the potential that lone actors will carry out threats of violence against the enterprise or any of its employees.

Posted threats and enterprise responsibility

Authorities have uncovered strange and threatening behaviors that lone actors have exhibited on social media prior to acts of violence such as mass murders. Jared Lee Loughner, the man who killed six and injured thirteen including U.S. Representative Gabrielle Giffords in Tucson, Arizona on January 8, 2011 is a clear example.

After the shooting, news media reported that police found more than a hundred disturbing gaming forum posts from 2010 at the Earth Empires Massive Multiplayer Online game site (beware graphic language) and half a dozen bizarre YouTube videos that Loughner authored prior the attack (these are still posted on YouTube).

According to numerous media reports, Loughner's shocking posts included statements such as, "I know how to cut a body open and eat you for more then [sic] a week." He also posted about feeling aggression "24/7." Mental health issues and previous threats give credence to concerns over future violent acts, according to W. Scott Lewis, J.D., President, NaBITA (The National Behavioral Intervention Team Association).

Certainly, not everyone whose Internet communications are continually bizarre and violent is going to target people with bombings and shootings. But given the current environment and the frequency of loan shooter and bomber incidents, no enterprise wants to miss a case of social media threats against its people, or catch one and fail to act on it.

In all this, the CISO's role is to assess the risk from threats of violence that people post to social media, to communicate that to executive management and to help decide what the risk tolerance is for the company, says Dennis Devlin, CISO, SAVANTURE. Then, the enterprise must create and institute policies and programs to make sure that it carries out the executive management's intent.

Enterprise social response

The enterprise has several tools at its disposal in case of threats of violence on social media. The enterprise should monitor social media to uncover threats. Monitoring social media for threats of violence includes sentiment and keyword monitoring using social media monitoring tools such as Hootsuite, according to Max Goldberg, Social Media Expert, Shmedia Media. Hootsuite enables users to create streams of keywords and phrases to monitor and follow.

Similar to how typical social media management governs outbound content, the enterprise can monitor inbound content, according to Goldberg. Applications such as Bottlenose and SocialMention also use search-based filtering techniques to monitor social media and are useful for spotting threats of violence. Google and Google Alerts www.google.com/alerts are also useful for social media monitoring.

Our Commenting Policies
Latest News
rssRss Feed
View more Latest News