Corporate use of social media as a marketing engine is expected to rise significantly in the coming year, but most small and midsize businesses are unprepared for the associated risks and exposures, a recent survey concludes.
Fifty-three percent of senior financial executives surveyed in September by Chicago-based Grant Thornton L.L.P. and Morristown, New Jersey-based Financial Executives Research Foundation Inc. said they expect social media to become more prevalent in corporate marketing strategies over the next 12 months, and 68 percent said social media will be a critical or important component of marketing efforts going forward.
At the same time, the survey—which polled 141 senior executives at primarily small and mid-market businesses—indicated risk management and compliance efforts are far behind implementation of social media as a corporate tool. More than three quarters (76 percent) of the executives surveyed admitted their company doesn't have a formalized policy regarding employee use of social media, and 61 percent have not developed an incident management plan designed to address fraud, privacy breaches and other potentially devastating liability exposures.
The speed with which social media has grown in the last five years caught many executives by surprise," said co-author and Grant Thornton Managing Director Jan Hertzberg last month in a joint statement accompanying the study. "Social media is here to stay. Far-sighted companies that establish ground rules for using social media, monitor compliance and implement governance structures to support its adoption and integration will reap benefits over the long-term."
Aside from publishing-related risks such as defamation, libel and copyright infringement, and anti-competitive behaviors such as false advertising and disparagement of a competitor's product, companies using social media as a marketing tool can find themselves exposed to fraud, theft of sensitive data and other cyber security risks, according to the survey's authors.
Yet, 22 percent executives surveyed don't believe corporate use of social media is appreciably risky, the survey said.
"Management often thinks of breaches as stemming from lost laptops or hacking events. These are usually brought to someone's attention immediately after the event," Mark Sullivan, forensic and litigation services principal at Grant Thornton, said in the statement. "Social media allows for small disclosures over a period of time that, when taken in aggregate, could run afoul of applicable regulations."
Only 27 percent of executives surveyed said their company regularly reviews its social media content, and only 21 percent said their company trains its employees to recognize and report fraudulent activity. For the companies whose executives said they do have a formal fraud/privacy breach management plan, oversight of those responsibilities was split among general counsel (24 percent), corporate security (19 percent), human resources (14 percent) and IT departments (14 percent).
"Social media cuts across many areas of a company (such as HR, marketing, communications and legal, among others)," FERF Senior Research Associate Thomas Thompson Jr. said in the joint statement. "Therefore any policy surrounding it should be the result of a multidisciplinary approach."