A Practical Social Media Incident Runbook
ABSTRACT: Enterprise business strategy often includes the use of third party social media services such as Facebook, Twitter, LinkedIn, and Youtube to establish brand reputation, relay information, and solicit customers. These social media services now represent new security risks for organizations and a valuable target for attackers. Responsible organizations use pre-established incident handling procedures for data breaches, phishing attacks, and DDOS attacks but may not have a social media incident runbook. Each of the six phases of the incident handling process can be analyzed from the perspective of a social media security incident and used to construct a runbook. Like other security incident runbooks, when a social media incident runbook has been specifically tailored to the organization's environment it will be a critical guide to deal with future social media security incidents.
View the entire white paper at SANS.ORG