1. Close Gaps in Situational Awareness. "Most enterprises are simply not aware of the totality of their network."
2. Focus First on Solving "Old" Issues--and Doing It Well "Software updating and patching is a good place for many organizations to begin making improvements."
3. Educate Your Workforce on Security--and Include Them in the Process "Target C-level executives and other VIPs for extensive education, as they are prime targets for phishing and social engineering schemes."
4. Understand That One Security Border Is No Longer Enough "Business is becoming 'borderless,' and so, too, is the network, which means there are multiple borders to protect... and they are constantly changing."
5. View Security as a Differentiator for Your Business "How an enterprise approaches security and responds to trends such as social networking and mobility can have a direct impact on its ability to hire and retain talent."
More and more reports are being published covering security issues caused by social networks and social media. Surprisingly enough these reports are coming or being sponsored by providers of security software ...
Nevertheless the challenge is there and the IT departmetn need to respond, Hopefully not by just blocking social software. This can't be the solution. Or did you block E-Mail after the first worms occured? So Cisco's recommendations are on the right path. Security solutions are the one side of the coin, education is the other side, perhaps even more important.
P.S. And it is still not only Social Media: I heard through the grapevine that yesterday a real big German company had problems and could not work on their computers caused by the current Microsoft security hole. Of course such stories will never get officially published. It is a rumor. Or as we say in German: "Wie wir aus gut unterrichteten Quellen erfahren haben ..."