Following the Cambridge Analytica scandal, Facebook had to reassure their users that their personal data was being protected. The social media platform had to recreate its image and rebuild consumer trust by reconfiguring its cybersecurity procedures. Facebook began by
- Conducting audits on and investigations of all applications that had access to large amounts of information prior to changing the platform policies in 2014.
- Complying with the European Union’s new data privacy regulations known as GDPR.
- Filing for two patents: dynamic eye-tracking calibration and techniques for emotion detection and content delivery.
The third joint remedy suggests that Facebook is looking to create eye-tracking technology to improve cybersecurity measures with devices that can track eye movement and emotions. The company has denied that it has taken any further steps toward implementing eye-tracking technology, but it holds the patents to do so.
Although the Cambridge Analytica scandal was more serious than most cyberattacks, it was only one of many. Social media has become a hotbed for cybercriminals given the rising popularity of social media platforms. It came as a surprise to many that high-profile security breaches were more common than most would have thought. What should we take away from this?
Cybersecurity is more important now than ever before.
Attackers are drawn to social media channels because they are cost effective and cybercriminals can easily create fraudulent accounts that spread malicious content efficiently and at an unprecedented scale. Scams on social media skyrocketed by 150 percent across Facebook, Twitter, Instagram, and LinkedIn in 2016, and that number is likely to continue to climb.
In the 21st century, information has become a new currency. People are constantly giving away their privacy rights on social media sites, at time without even being aware. Following the Cambridge Analytica scandal, people should be paying more attention to what they are agreeing to share when they sign up or log into an account. For example, according to Facebook’s Statement of Rights and Responsibilities, any photos and videos shared by other users remain on the site after you deactivate the account – most individuals are likely unaware of that.
As social media continues to take advantage of mobile devices and location-based services, the potential for privacy and security threats increase. Users should be aware that most smartphones are automatically collecting their location-based data, and social media apps tend to be the heaviest consumers of this personal data.
Without the guidance of fine-tuned legislation and privacy laws, social media services have a lot of leeway for how they use this data. In multiple instances people have been targeted by thieves or stalkers due to geo-location data that was automatically shared by their social media apps.
For now, user beware.
Various forms of cyberattacks are growing in numbers and complexity, making it evident that security should be a top priority for all companies, not just Facebook. Companies need to invest in better security engineering efforts, which Facebook CEO Mark Zuckerberg claimed to be one of their top priorities, along with creating specific teams to focus on building security rather than building products.
In order to do this, companies need to create a framework for security policies, standards, and guidelines that prevent data loss and proactively manage data and governance. Once implemented, data can be monitored for key risk indicators (KRIs) and key performance indicators (KPIs) that evaluate what is working for the company. Artificial intelligence and machine learning technologies are growing and can help detect cyber threats. Facebook and other social media networks should also start complying with industry security standards.
That said, users still play a role in allowing cybercriminals to gain access to their personal data. If users continue to misunderstand their privacy settings and choose to publicly post personal information cybercriminals can use their data to launch targeted emails containing malware links. Social media sites can be a great way to stay connected to outside world, but it is important for people to keep their privacy shades drawn at an appropriate level.
As technology continues to evolve at a fast pace, risks of cyberattacks will increase. Businesses are unable to keep up with the pace of technology, and we have no permanent solution to stop cybercriminals from attempting to hack into company servers. With threats becoming more complex, now is the time for companies to invest in cybersecurity in the age of digitalization.