The security implications of the Facebook era.
Everyone’s familiar with the mapping of the genome, but you may not have heard about a more ambitious effort to map what scientists are calling the connectome, defined as a graphic representation of the brain’s synaptic connections. Such a microscopic roadmap, scientists say, might reveal not just inherited traits but also likes and dislikes; it may even give clues to future behavior.
It will likely be years before such a detailed grid of our personality is within reach, if it can ever be compiled, but there are already many ways in which social scientists are trying to map and predict human behavior based on macro connections—using our social networks. Though there may be some scary implications to all this, it is yielding many interesting security applications.
These efforts are facilitated by the proliferation of Web sites that emphasize personal connections. Through these venues, people voluntarily provide a wealth of data points about their own social interactions. As an example of how that information can be used, at least one company, Social Intelligence Corp., has a service where it offers to help clients weed out undesirable job candidates (and monitor current employees) by analyzing their social graph using only public information.
Not every effort is tied to the Web, however. Harvard social scientists Nicholas Christakis and James Fowler are looking into how social networks in the real world can be used to predict the spread of everything from the flu to radical terrorist ideologies. A key point they make is that officials trying to track the spread of disease or terrorist ideas must do more than find affected persons; they need to understand how connected each affected person is. Just knowing that there are X number of H1N1 infections reported to the Centers for Disease Control and Prevention, for example, is not as indicative of the risk of further infection as knowing whether the infected subjects are those with many social connections or few. The distinction can allow scientists to spot a pandemic weeks earlier, they say.
Even without life or death implications, social network interactions can be important. In an office, we all know how a few disgruntled employees can infect the culture with negativity. But that peer-level influence goes both ways, and it could be enlisted to facilitate the rollout of new programs. For example, the security program might have a better chance of being accepted if the security manager reaches out to individuals who are influential and respected within the rank-and-file social networks, bringing them in as early adopters and testers of the system to get their support.
It is said that this decade will be the Facebook era. As it unfolds, security professionals should keep an eye out for more security implications and applications.