Social media is being embraced by individuals and companies in all industries and internally across all company silos. Whether companies are adapting to or embracing new media correctly is up for discussion what is not however is the ever increasing use of this new media which is gradually becoming more integrated in today’s business communication processes.

So we are all, the business and individual, starting to leverage the many benefits of being connected to the masses in this new form. However, there are also other not so positive aspects to this connectivity; whilst minimal they must not be discarded.

  • Anything that connects or congregates the masses has a certain element of risk and this risk must be managed. We can see this quite clearly in airports, train stations, sports stadiums, etc. In these physical spaces we can see that security is implemented to counter act the probable risks.  In these situations we can see how the officials at these physical spaces (airports,…), take these security precautions on our behalf and for the overall integrity of the environment.
  • As individuals this security is comforting, even though we may complain about long queues, etc. we understand that it is necessary. However, we also know that this security is not all inclusive. When we are in crowded areas, even though official security exists, we are always more conscious of our vulnerabilities. For the same reason we take certain precautions in order to protect ourselves. Such precautions could include making sure our bags are closed, that are wallets are in our inside jacket pockets and difficult to access. My wife, for example, will wear specific hand bags which she wears closer to her person.
  • In addition, if we see posters like “Beware of pickpocketers” we are even more cautious, this makes us recheck our personal security protocol: our wallets, money, passports, etc. and we do this almost sub consciously.

So we know that there are inherent risks in crowded areas and generally speaking we act accordingly and if we are additionally warned we will become even more cautious.

So, why then do we congregate through social media without taking any precautions? And why do we not pay any attention to the security warnings? I know that all IT security companies, including my own Panda Security, are trying to get those “posters” everywhere they can but apparently it is proving to be an uphill battle.

I am no anthropologist but I have a theory as to why this happens, and like all theories I cannot prove it and I don’t claim that it is right, it’s just my theory…in which I think the following 3 factors are part of the problem: environment, pain (cause and effect) and social fabric.

Before I go into each point above I would also mention that there is an obvious variable in this equation and that is the novelty of the threat. It is all so relatively new, we still have not been affected enough to internalize the situation as we have with other threats so I believe there is a learning curve here in which we must mature and the socialization of this information is key. However, that being said I still feel there are other factors which are not so tangible and they are as follows:


  • Physical: In the physical crowd we are more cautious in unfamiliar spaces. This is a basic defense mechanism in which we constantly look for the known and when we do not find it we know that there is a variable of risk. The risk variable causes uncertainty and influences our actions, as such we take precautions.
  • Virtual: We congregate in our virtual worlds (networks, communities) whilst, obviously, being physically in our safe, familiar physical contexts, such as our homes or work places. As such we do not perceive the danger associated with our virtual surroundings, it gives us a false sense of security.

Pain (cause and effect):

  • I  am outside my knowledge area here, however I will try. In the physical world if you get pick pocketed this would be a horrendous ordeal for the person involved. I would imagine that this creates a feeling of personal vulnerability and sense of violation. This has never happened to me; however it is pretty clear in my mind that there are serious consequences if I am not careful. You can visualize the consequences and as such internalize what could happen.
  • In the virtual world, however, it all seems to be a lot of harmless clicks. You cannot visualize the actual attack as it is all a lot of 101110011001. Also we do not associate The negative consequences, and believe me they exist, with our actions. Our PC runs slower, Internet connection is slower, PC blocks completely. At a business level, mail servers running slow, staff complaining about IT problems etc. However, we do not have that same clear cause and effect as we mentioned in the real world, it is obviously annoying what is happening but…. these things happen, …after all its IT, right?

Trust / Social Fabric:

  • It has been seen at least in virtual gaming worlds that gamers have an instinct to trust.  The attitude of gamers in virtual online worlds is to trust and share resources and challenges with unknown strangers. I am sure this can be extrapolated to nearly all virtual networks. Personally I am more trusting in a virtual environment due to the two points mentioned before, I do not perceive danger and I see so negative consequences that could be associated with my actions.
  • I have no doubt that the socialization of these real risks will have a direct impact on the points mentioned above but it seems that progress is slow. This is a huge challenge for the entire online community as a whole and this is my small contribution to an improved understanding of the risks that are out there.

So the take away here is be informed of the risks, be aware and take the necessary precautions. This is not rocket science by the way; there are very simple steps to take which can reduce the risk dramatically.

To get informed I would recommend that you sign up to a security feed which gives updated information about IT security issues and good practical examples on what you should do to protect yourself and data. There are plenty of excellent blogs and sites out there that are endeavoring to socialize this information. I can share the ones I use.