Social Media PODs for Security

Social Media PODs have been used on Instagram, Facebook, and Linkedin. Social PODs are a technique to “hack” algorithm which governs feeds. The Security-Social-POD’s goals are not as elaborate. The focus will be the expand our social media reach while having a group of like-minded security professionals focuses on specific security themes.

Our curated Linkedin, Facebook, Twitter, and other social media communities are our natural equivalent of a social community. But it is not a “POD.” A focused social POD (taken from Cetacea community groups) has a “POD focus.” That focus is not oriented toward “likes” or popularity. The focus is based on achieving specific goals. In the case of the Security-Social-POD, the goal is security awareness, security empowerment, and security action.

Will the Security-Social-POD “Game” the System?

No. The function of the Security-Social-POD is to leverage the tools within each social media application. Focused engagement by POD members opens to expand the post’s reach through the usual means in each social media tool.

Goals for the Security-Social-POD

We would focus on action and pulling people into the existing security efforts. The threat-vector consequences have resulted in global “cyber-security anxiety.” There are a lot of security activities where people have not spent the time to get into the background. The result is a “spinning wheel” effect.

  • Goal #1 is to plug people into the existing security activities which have been working on the problem for over a decade.

Our overall theme is through our posts and our comments in action. “Talking about security” does not help the community to be more security resilient. “The only way to know if a law is real is to use the law in a court of law” was something my partner Laina Raveendran Greene always drilled into me. In other words, an action “ask” is part of all our messaging.

“Have you deployed this security BCP? If not, here is a deployment guide.”

“Have you written your incident response process? If not, has a guide.”

“Attacked? Did you call Law Enforcement? Here are steps the NCFTA recommends to report a cybercrime effectively.”

“Presenting to the Board of Directors? You can use public data to illustrate the risk to your business.”


Over time, the POD would learn the most effective approaches to encourage action.

  • Goal #2 is to promote and encourage action. Provide examples, illustrations, references, and data to help individuals and organizations take security action.
Licensed under the Unsplash+ License

Each of our voices weighs the security community. The knowledge, experience, and wisdom can be more effectively shared through collective support. “Collective support” is where each member of the Security-Social-POD helps each other succeed. This can be as simple as editing, suggestions on materials, or encouragement to put words to thoughts, experiences, observations, and insights. Members of the POD would be like a dolphin POD, helping each to thrive in their communications and expressions.

Each member of the Security-Social-POD will aspire to craft one new blog, article, or document each bi-weekly. Some might work towards a weekly goal, but we all know the chaos in today’s security environment. It is best not to set the goal high when you know stormy seas are ahead.

  • Goal #3 for each member of the Security-Social-POD would find ways to work to empower others to succeed with their expressions promoting the POD’s goals.

Types of “Shares”

We don’t share the bluntest promotion materials whose sole function is to promote commercial interest. Our focus is action. That does mean we post new reports on malware, botnets, dos attacks, and other security breaches. While these are coming from a “company,” the focus in the dialog would be the action that can be taken to minimize risk, mitigate the threat, remediate the risk, then track back to take civil and criminal legal action.

The “promotional” materials will be a challenge. Members of the Security-Social-POD would most likely be part of a security organization that uses empowerment as a marketing tool. A webinar on how to best use threat-intel is empowering but also promotional. The brand, the marketing, the collection of leads, and the extras about the company’s product are all “promotional.” At the same time, the materials empower and inform.

Each member of the Security-Social-POD makes their own decision on the “likes” for shares that have a collateral benefit of promotion.

Suggestion Guidelines for Comments on Semi-Promotional Shares

Don’t cut down the materials. For example, if there is a detailed malware analysis white paper, don’t use the comments to correct the error. Invest in the Security-Social-POD with 1:1 conversations (i.e., pick up the phone and call).

Add additional links. When sharing to the Security-Social-POD, expect people to “add value” with new links to other information sources. There might be additional white papers from other sources if there is a new white paper on a topic. This might get tricky. We don’t want to post a white paper from a competitor as an “additional resource.”

Communication in the Security-Social-POD

We will use a private Linkedin Group for all our security-social-pod communications. We have way too many chat tools. A Private Linkedin Group is a common denominator and has proven to work in other Social Pod teams. Typical Social Pod Communications Flow would be:

  • Someone writes a post, blog, or significant comment on an article.
  • That is shared with the security-social-pod Linkedin group.
  • Everyone has 24 hours to jump in, like the submission, and add a comment.
  • Repost in other social media forums and tools. For example, a post on Linkedin can be Tweeted.
  • Ask one other person in your community to read, share, like, or post. The intention is as important as the “automated” social media tools.

When there is time to concentrate, a quick “like” will get the process started, and later the $.02 comment can be added.

Expectations & Principles for the Security-Social-POD

There are core principles and expectations we will follow with the Security-Social-POD. Our expectations and principles differ from “many likes” on Instagram Social PODs. Security-Social-POD focuses on communicating in a mode that promotes security action. We don’t have an immediate timeline. We are working with people worldwide in all the time zone. Plue, members of security-social-POD will be pulled into security incidents and investigations that suck up all the available time.

  • Like with 24 Hours. Security-Social-POD members are asked to like each other posts within 24 hours of the post.
  • Constructive Commentary. Commenting on a member’s post with additional information, counterpoints, and links to materials is encouraged within 48 hours. It is ok to be many days later. We aim to expand the social reach and add meaningful commentary promoting security awareness, empowerment, and action.
  • Going Dark. Let the POD know when you get pulled into a security investigation, incident, or other activity that consumes your time. It is expected in our community.
  • Please do not leech. Leeching is where you post, members of the POD promote, but then you don’t do your part to promote others. This is considered you are reaping the benefits of Security-Social-POD without giving back. Participation with a Like is just a few minutes.

Recommending New POD Members

Any existing members can propose new members. We seek members with a history of action, active participation in security organizations, and a long track record in the security space.

Definition: POD

päd. social media term

Originating from dolphins, a pod is a family of dolphins who live together to support one another. An Instagram POD is a group used to increase engagement on Instagram. PODs can range from 3-100 people. Users comment and like each other’s content to boost engagement on their posts. These groups can exist on Facebook or through an Instagram group (direct message thread). Rules vary according to POD but typically fall into three categories.

Category A – All users must comment on and like every post within 1 hour.

Category B – All users must comment on and like every post within 24 hours.

Category C – All users must comment on and like relevant posts whenever possible.


References for Social Media PODs

Yes, we have a reading list. The following links have advice on how to craft your social media post best to evoke the best responses. Some of the advice is from the author reaching for BCP tips with no data to support if these tips are practical. But you should still read through this growing list of reference articles and materials on Social Media & Engagement PODs.

Start with Quality Post

Linkedin, Medium, and other Social Media entities are pushing quality. Here are articles that provide excellent guides to writing your post effectively. Read through them now, practice, wait a month, then read through them again. Quality posts are not something that you “get” from day 1. They take time, practice, crafting, experimenting, and consistency.

Engagement & Social Media PODs

The Internet is a wealth of social media engagement advice. Just start searching on and checking out Youtube videos. Here is a list I’ve read at one time that will help you get started (if you are new):

New Ideas for the Security-Social-POD

Focused Hashtag. The #security-empowerment-pod hashtag can use a focused hashtag to promote the mission of the POD.

Are you looking for more practical, public-service Security Advice?

The materials and guides posted on here are designed to help organizations leverage the talent around them to get started with their security activities. Start with the Operator’s Security Toolkit and Meaningful Security Conversations with your Vendors. Each is no-nonsense security for all Operators. It provides details to help them build more security-resilient networks. In the meantime, stay connected to the Senki Community to get updates on new empowerment and security insights.