This is a summary of Gray's presentation on social media risk, delivered at the Global Risk Network Forum in New York on 12 June 2012.

Comparing the agenda of this event to that of the Florence meeting in 2007, it is clear that the world is very different. Five years ago we discussed models to identify building vulnerability, and now we are dedicating a significant amount of time to discuss a subject, social media, that has only really existed for the past two years.

Five or six hundred years ago the edges of maps were marked “Here be dragons.” There lived monsters conjured in the minds of mariners. Returning to a theme from a previous blog post, the social web, by which I mean the combined external social networks – Facebook and Twitter – and internal collaborative platforms – like Yammer and Connections, is often viewed in a similar way: an unexplored area where lethal dangers await.

There are huge advantages to be gained by engaging on the social web, but this engagement comes with risk. In general, I see three sources of social media risk:

1. The ‘Avatar Effect’ – “The merging of the fantasy world and real world.” -- such as staff send personal messages from official accounts, which can damage an organization’s reputation. Although the impact of posting inappropriate content can be significant, nimble organizations can turn an adverse event into a coup. Read about the positive Red Cross example here;
2. Some people are crazy: you can connect with people on social networks that are malicious, disturbed and who have no sense of scale. For example, beginning in December 2011, the Government of Sweden has given a citizen control of the @Sweden twitter account, to promote tourism. All was well until one of the account owners began to post controversial material; and
3. People doing stupid things: this is the source of almost all social media disasters. BBC Editors provide sound advice on how to combat this in paragraph 1.a of the BBC News social media guidance: “Don’t do anything stupid.”; This advice is so elegant, it can be recast it as Social Web Rule #1.

What is interesting is that all three risks involve people, which means that the ways of controlling them will be people-centered.

How Can One Control The Risks?

Implement a social media policy.

Social media policies tend to take two forms:

1. The Ten Commandments approach, characterized by a series of “Thou shall not’s”; and
2. The opposite.

Ideally a social media policy (214 examples here) should provide staff with the guidance, tools and support to identify and manage risks; here are some additional must-haves. You should also give some thought about how to deal with the co-mingling of private and official data. For example, how would your firm treat a departing staff member’s LinkedIn contacts? Who owns them?

Staff Training

Do not just train staff on social media risk management in a formal setting, but offer fora for staff to share experience to encourage informal learning. An essential element of both formal and informal learning approaches will be to sensitize staff with how to write on social networks and how to tell compelling stories, as the lack of staff familiarity with these skills is a major inhibitor to effective staff engagement. To be successful, executive and senior staff must set the example.

Don’t fear the dragons ...

As I wrote before:

Casting a social media shadow by exposing your thoughts and ideas to scrutiny is anxiety producing, both for the organization and staff members. However, the potential benefits far outweigh the risks. We cannot be sure what we will encounter during our journey to integrate the social web into the work environment, but like the explorers of old, we can be sure that the monsters we imagined are far worse than the ones we actually face.

_______________

This post was taken from Brian Gray's blog, Buridansblog. For more of Gray's posts visit http://buridansblog.wordpress.com/. Gray will be presenting at the Continuity Insights New York conference, October 29-30, 2012, on the topic of The Rise of Social Media in Emergency Management. For more information go to http://www.continuitynewyork.com.