Social Media In Government: Managing The Risks - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Government // Leadership
04:31 PM

Social Media In Government: Managing The Risks

Government CISOs have an added layer of responsibilities in balancing the pros and cons of social media in their organizations.

10 Breakthrough DARPA Technologies
10 Breakthrough DARPA Technologies
(click image for larger view and for slideshow)
There is no debating the significance of social media to the online world as we know it today. Twitter, Facebook and the numerous other social media platforms have transformed everything from marketing and brand reputation to communicating official government information.

Although it might seem like a "no-brainer" to fully embrace and accept social media within an enterprise, government chief information security officers (CISOs) and other leaders are grappling with an additional layer of pros and cons in allowing social media platforms within their organizations.

Whereas private industry is typically accountable to a specific group of clients or stockholders, government CISOs are public servants responsible for protecting the information of military veterans, taxpayers and every national citizen. If government systems are compromised, the effect is not solely an embarrassment or loss of revenue. Individual lives can be negatively affected by crimes such as identify theft, and citizens and businesses might be unable to obtain critical government services for grants or patents or the acquisition of records.

Thus, government CISOs need to understand the intended business use of social media and evaluate and clearly convey the associated security and privacy risks. But they also must provide leadership and guidance, keeping other decision-makers properly informed to ensure any intended adoption of social media is both controlled and secure.

[ Spam is a government problem, too. Read Social Spam Invades The Enterprise. ]

Similarly to the origins of the Internet, when the Defense Advanced Research Projects Agency (DARPA) first conceived it, the initial concept and platform for social media was never intended to be used to the extent it is today. As noted in an MIT Sloan Management Review interview, "tools for social business were originally created for consumers." Issues surrounding the business needs, administration and security of social media are still being debated by agency leaders.

Lured by cost savings and other benefits, CISOs wanting to implement social media use within their agency or department must first define the intended purpose -- whether it is for individual employee use, official department or agency communications, or both. The actual business must be the driver for the adoption of a social media platform, as this need will drive the baseline policy, the corresponding security controls, and the acceptable level of risk based on the associated value.

One of a CISO's most critical responsibilities is to ensure that other decision-makers are well-informed of various security risks and can weigh those risks against the promise of better productivity. Here are the five key areas you should monitor for social media:

1. FISMA and other regulatory compliance

Social media is subject to the Federal Information Security Management Act (FISMA) when used to process, store or transmit federal government information. In a June 2011 Government Accountability Office (GAO) Report, the GAO identified challenges in agencies' use of social media relating to records management, privacy and security. Many cloud service providers also have social media components that fall within the scope of the Federal Risk and Authorization Management Program (FedRAMP). Access to and use of social media platforms directly affects compliance with these federal regulations and programs.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
1 of 2
Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
Chuck Brooks
Chuck Brooks,
User Rank: Author
11/13/2013 | 10:26:43 PM
re: Social Media In Government: Managing The Risks
Social media is being used more and more for customer service at federal agencies. As Nikk mentioned, it is very useful in emergency situations and natural disasters. I see from my own experience that many government executives are visible and active on Linked In. Although there are cybersecurity concerns, it is a good thing that government is becoming more transparent and involved via social media platforms.
User Rank: Author
11/7/2013 | 11:32:00 PM
re: Social Media In Government: Managing The Risks
There are many innovative examples of agencies using social media. One of the great resources is GSA's Digital Gov blog. Go to:
InformationWeek Is Getting an Upgrade!

Find out more about our plans to improve the look, functionality, and performance of the InformationWeek site in the coming months.

Becoming a Self-Taught Cybersecurity Pro
Jessica Davis, Senior Editor, Enterprise Apps,  6/9/2021
Ancestry's DevOps Strategy to Control Its CI/CD Pipeline
Joao-Pierre S. Ruth, Senior Writer,  6/4/2021
IT Leadership: 10 Ways to Unleash Enterprise Innovation
Lisa Morgan, Freelance Writer,  6/8/2021
White Papers
Register for InformationWeek Newsletters
Current Issue
Planning Your Digital Transformation Roadmap
Download this report to learn about the latest technologies and best practices or ensuring a successful transition from outdated business transformation tactics.
Flash Poll