ISACA Birmingham. Michael Kiefer General Manager [email protected] Agenda:. Who owns listening/auditing the Internet? How does the Internet Ecosystem effect on an organization? Who owns brand, revenue or reputation risk? Departmental risk opportunities
There are known known's. These are things we know that we know. There are known unknowns. That is to say, there are things that we know we don't know. But there are also unknown unknowns. There are things we don't know we don't know.
“Cyberspace is its own medium with its own rules. Cyberattacks, for instance, are enabled not through the generation of force but by the exploitation of the enemy’s vulnerabilities. Permanent effects are hard to produce. The medium is fraught with ambiguities about who attacked and why, about what they achieved and whether they can do so again. Something that works today may not work tomorrow (indeed, precisely because it did work today). Thus, deterrence and warfighting tenets established in other media do not necessarily translate reliably into cyberspace. Such tenets must be rethought. This monograph is an attempt to start this rethinking.”
Rand Report to USAF, 2009
By the end of 2010, criminals will routinely use the Internet to extort funds from organizations, threatening to damage their corporate reputation by ensuring that routine online search requests will return negative or even libelous results……
"If your business depends on a positive Internet reputation, then you have little choice than to explicitly manage that reputation online. The Internet is like a bad-news Petri dish; negative information multiplies and spreads with frightening speed and becomes virtually impossible to erase.“
2 New Blogs Created
2 Million e-mails Sent
7 PCs Sold
1,157 Videos Viewed on YouTube
7 People Logon For the First Time
11,000 Songs Shared
Who here is next?
I've recommended Dell computers for many years. But my confidence in them was shaken when I got a new laptop in Fall 2004, and I ended up in "Dell Hell"
Stella seeks support to shed ‘wife beater’ image
Complainant alleges that it owns federal common law trademark rights in the term xxxxx based on use in commerce in the United States and consumer recognition of the mark.
Complainant alleges that the disputed domain names <xxxxx.com> and <xxxxxonline.com> are identical or confusingly similar to its trademark.
Complainant contends that Respondent lacks rights or legitimate interests in the disputed domain names. Complainant indicates that Respondent has not been authorized to use its trademark in the disputed domain names, and that Respondent has not made any bona fide offer of goods or services under the trademark.
Complainant alleges that Respondent registered and has used the disputed domain names in bad faith. Complainant argues that Respondent has attempted to disrupt Complainant’s business by preventing Complainant from using the disputed domain names, and by directing providing “dead links” to Internet users that may falsely create the impression that Complainant is no longer sponsoring events. Complainant further argues that Respondent acted in bad faith because he transferred the disputed domain names from Complainant without its knowledge or consent, and at least initially hid his identity behind a privacy shield.
Enterprise Internet Governance
*mk estimate 2009 consumer products only
If $162,000 in cash was missing, would you investigate?
Teck Cominco, February 10th, 2009 market cap of $16B at $27+/share
(Diversified resource company committed to responsible mining and mineral development with major business units focused on copper, metallurgical coal, zinc, gold and energy)
Email Pump/Dump email scam linking to Yahoo! Finance
Falsified financials found on Yahoo Finance
US Health Science Summit Nov 2008
$3.3 Trillion WW spend
10% of all global prescriptions counterfeit
Internet “Threat Assessment” Result:
22,000+ infraction websites*
Cost to company estimated at $80M Net Sales Annually @ 70%+ margin
Action: Nothing - $4M to fix not in budget, channel issue and making number
The website http://www.dealbreaker.com/2007/01/merrill_lynch_super_model_sex.php is discussing a sex scandal that took place between a Merrill Lynch executive and a super model
Effective Action Plans are a combination of subject matter expertise with online intelligence.
we added 5% in top line revenue?
we moved the meter on customer satisfaction, would that make a difference and lower our call center costs?
our channels were clean and trusted, what would the ROI be?
an antitrust case was logged and how would it effect us?
we lost our reputation? (60% of market cap)
experienced a 10% market cap loss, what would we pay for that insurance?
Bottom Line: CEO’s and Boards are now INVOLVED, as MARKET VALUES are affected…NO ONE OWNS it!
Listen to the Internet continuously in host languages
Internet Data Mining capability
Understand & Embrace Social Media
Track Internet Linkages & Associations
24x7 Internet Incident Response
Relationships with the 4,000+ Global Internet Service Providers & Certs
Monitoring of your marks and messaging (IP and Images)
Global Enterprise visibility & workflow
Thank You and Questions?
“As blogs, message boards and social network sites continue to dominate the Internet culture, brand-monitoring services and security vendors must extend their technologies and services to cover these areas. Only Brandimensions and Cyveillance offer such services.”
Gartner, Notes on Brand Monitoring firms