Could Social Media Flub Cost Your Company $4.3 Million? HINT: Not an Interns Job!

What can a social media mistake cost your company in fines, litigation, or loss of customer trust? A new survey reveals some interesting data points.

Participation in social media cost major corporations an average of $4.3 million, according to a survey focused on the public relations disasters, lawsuits, security breaches, and other risks.

Sponsored by Symantec, the survey of enterprises with 1,000 or more employees was performed by the market research firm Applied Research and shows that IT organizations have many worries about the risks of social media–and that they have reason to worry.

Just about every firm surveyed reported suffering some sort of negative consequences related to social media. Since the survey only looked at the negative side of things, that does not necessarily mean the net impact was negative. That is, the survey didn’t ask about additional sales or other benefits coming through social media channels. However, it does show social media participation has some downsides that need to be contained.

The costs break down like this:

— 28% reported damage to brand reputation or loss of customer trust. The average estimated cost of that damage: $638,496.

— 27% reported loss of organization, customer, or employee data. Average cost: $184,714.

— 25% reported lost revenue. Average loss: $619,360.

— 22% reported compliance costs. Average cost: $204,079.

— 21% said they had experienced direct financial cost. Average cost: $641,993.

— 18% said they had been assessed regulatory fines. Average fine: $167,850.

— 17% reported data collection costs related to legal action. Average cost: $149,643.

— 16% said they had reported a reduced stock price. Average reduction: $1,038,401.

— 15% reported litigation costs related to social media. Average cost: $650,361.

Litigation costs and damage to stock market value had the greatest financial impact, but were suffered by fewer companies. The $4.3 million overall damage estimate is an aggregate figure, calculated based on how many firms reported each category of cost times the frequency with which it was reported.

Regardless of the risks, most enterprises recognize that participation in social media is both valuable and essentially unavoidable, Symantec director of product marketing Sean Regan said in an interview. A couple of years ago, some conservative firms were trying to close the door on social media, but today “companies that were saying that are starting to be embarrassed about it,” he said. “You could make the argument that social media has become the Internet,” given the extent to which social media widgets are turning up on other websites, he said, “so the only way to block social media is to block the Internet.”

Symantec sponsored the study because it beginning to play in the market for social media archiving, a regulatory and risk management necessity in industries like financial services. In May, Symantec announced the acquisition of acquisition of e-discovery specialist Clearwell Systems, and it is preparing to release Enterprise Vault 10, the latest release of its archiving and data discovery platform. One of the features of that release will be integrated archiving and discovery of social media and instant messaging data, which Symantec is accomplishing through partnerships with compliance data retention specialists like Actiance, CommonDesk, Globanet, Hanzo, and Socialware.

The business risks survey respondents were most worried about included:

— Employees sharing too much information (46%)

— Loss/exposure of confidential information (41%)

— Embarrassment/damage to brand/reputation (40%)

— Increased exposure to litigation (37%)

— Malware (37%)

— Violating regulatory rules (36%)

The biggest IT concerns included:

— Compliance with government/commercial data protection regs (45%)

— Compliance with information retention policies (45%)

— Management of eDiscovery (37%)

To address those risks, the tactics most (80% or more) of the survey participants said they planned:

— Social media policy (87%)

— Employee training (86%)

— Processes to capture confidential/proprietary data (85%)

— Data loss protection (85%)

— Technology to manage data (84%)

— Collect/archive sensitive information (82%)

But when it comes to how many have actually implemented those plans, the numbers are more modest:

— Social media policy (24%)

— Employee training (22%)

— Processes to capture confidential/proprietary data (21%)

— Data loss protection (21%)

— Technology to manage data (20%)

— Collect/archive sensitive information (18%)