November 18, 2020

Embracing Risk: Not all social media threats are created equal

Paul Buckley by Paul Buckley

Widespread user adoption of social media has proven to present multifaceted challenges to organizations. Online channels can be used by disenfranchised customers, activist groups, and bad actors in ways that can potentially be harmful to organizations. Moreover, real-world threats that have the potential to pose physical or reputational risk to an organization can also be reported at an early stage by social media users. Forward-thinking organizations can be proactive about these threats by harnessing social data to manage risk.

“A one-size-fits-all approach to social media threat identification is rarely effective…”

A one-size-fits-all approach to social media threat identification is rarely effective, given the unique characteristics of organizations, their operating environments, their customer profiles, and their supply chains. In order to build effective defences, organizations must engage in continuous monitoring of online arenas, either directly or through the use of specialist tools. They should anticipate that different types of threats will emerge; some obvious, some less obvious; some with a direct brand impact, others indirect but with no less potential to impact the organization.

As Head of Social Media at an international airline for over eight years, I was responsible for interpreting and capturing social media threats, and working with various parts of the business (Corporate Security, Public Relations, Product, Operations etc.) to mitigate the risks presented. During this time, I utilised an array of social media management tools, one of which was samdesk, to ensure blanket coverage across as much of the social web as possible, and to minimise “blind spots” – social media posts that we were unaware of, but that had the potential to signify a threat.

“…social media users are your friends, not your enemies – they’re the ones that are giving you a first-person view of the situation on the ground.”

I established that all social media threats can be plotted on a chart with the level of potential risk on the X axis, and the ambiguity of the threat on the Y axis. The chart area can thus be divided into four quadrants, indicating discrete categories of threats to which organisations must be constantly alert.

Not all organizations approach social media in this way – indeed, social is seen by some to be a “necessary evil”, something of an annoyance that brands need to put up with or suppress. But to take this approach is to miss a fundamental benefit of social media, and one that media organisations have been much quicker to recognise than those in business. Brands that are serious about managing physical risks in order to maintain brand equity and customer loyalty can use social data to gain valuable time and intelligence when physical or environmental threats against the business emerge. In these situations, social media users are your friends, not your enemies – they’re the ones that are giving you a first-person view of the situation on the ground.

Classification of social media threats

1. Customer service and public relations (low risk, low ambiguity) 

Organizations are familiar with everyday social and online threats – dissatisfied customers, influencer critique, activist campaigning etc. These risks are readily identifiable – the organization’s social media accounts will quickly be tagged in these posts. Established customer service or PR processes are likely to be in place for dealing with these issues.

2. Direct threat (high risk, low ambiguity) 

Social media threats can sometimes warn of immediate danger to the organization, its people, assets, customers or partners. These risks are communicated via social media directly to the organisation by the originator of the threat. Examples include a threat to harm an employee by a disgruntled customer, or a bomb threat. They require rapid escalation and assessment, and decisive action to mitigate.  

3. Social listening (low risk, high ambiguity) 

Some threats are less obvious and less immediate – for example, a slowly emerging narrative of customer criticism, a steady rate of decline in the organization’s share of voice. This data needs to be collected and categorised over longer periods of time in order to identify patterns. The data can then be reported on internally to address shortcomings or drive performance. Social listening tools were some of the earliest social media management tools, and have more of an application in marketing or product development than they do in crisis response. 

4. Unforeseen crisis (high risk, high ambiguity) 

The final category is for threats that are unexpected and unusual, while potentially presenting significant risk to the organization. In these cases, it is not the social media posts themselves that represent the threat. Rather, the posts act as early indicators of the existence of a real-world threat. These threats can be described as “brand-adjacent”, meaning they do not directly reference the organization, but they still present material risk. Examples include:  

  • Reports of flooding and electrical fires following a storm – key parts of the organization’s supply chain are located in the region.  
  • Video showing a possible terrorist attack at a hotel – the hotel is hosting a conference that is being attended by the organization’s executives.  
  • Reports of police activity and evacuation at an airport – the company operates retail outlets at this location. 

Where Samdesk fits in the classification of social media threats

Given the obscure nature of these threats, risk and security managers would have historically relied on personal contacts and media reporting to be alerted to them. The reality is that, when confronted with a threat of this nature, first-hand participants rarely have the time or the wherewithal to report and escalate to managers that may well be unknown to them and based in a different country.   

“…turn risks into clearly defined strategies and even opportunities to build stronger brands.”

With the advent of tools like samdesk, organizations can use public social and online data to expose threats more rapidly than by simply relying on traditional media reports or internal escalations. In this way, organizations can gain valuable time in planning and executing responses. 

By taking a full quadrant approach organisations can not only be aware of social media-based risks but start to turn risks into clearly defined strategies and even opportunities to build stronger brands. Brands that are serious about managing physical risks are brands that will earn loyalty in an ever-competitive landscape.

Paul Buckley is a social media consultant and former Head of Social at a national airline.

By continuing to use this site you consent to the use of cookies in accordance with our cookie policy. Learn more