Big Data and Security: A Review of Social Media Risks and Insights for Indonesia

The paper situates social media security within rapid advances in internet and mobile technologies that have permeated daily life and enabled widespread use of applications for communication, commerce, and services. With the proliferation of smartphones and internet connectivity, social media platforms (e.g., Facebook, Instagram, Twitter, WhatsApp) have transformed information dissemination, creating both opportunities and risks. Indonesia exhibits high social media penetration (e.g., ~160 million users out of 272 million population), intensifying exposure to threats such as data misuse and breaches (e.g., the Cambridge Analytica incident affecting Indonesian users). Survey data indicate heavy internet use among younger generations, underscoring social media’s influence and vulnerability. Concurrently, governments’ increasing reliance on cloud computing raises security challenges involving third parties, data storage, and underdeveloped legal frameworks. Many data breaches stem from inadequate controls in both private and public institutions, and existing security frameworks tend to be reactive. Given this context, the study aims to understand existing social media security risks and mitigation approaches through a comprehensive literature review and bibliometric analysis, to derive insights and best practices for more effectively addressing social media security threats, with a focus on informing Indonesian government strategies and policies.

The review consolidates global evidence on social media security risks and policy responses. He (2012) highlights the breadth of social media risks and the importance of effective security policies. Empirical studies indicate social media vectors can be highly effective for malware and data theft (e.g., Jensen et al., 2017), with large numbers of malicious files targeting platforms like Twitter and Instagram (Prajapati & Gupta, 2021). Despite risks, many governments lack appropriate controls and policies for secure social media use (Bertot et al., 2012; Shafqat & Masood, 2016), and when policies exist, users frequently ignore or misunderstand them (Obar & Oeldorf-Hirsch, 2020; Masur & Scharkow, 2016; Herath & Rao, 2009a, 2009b). Related literatures on cloud computing and big data security expose vulnerabilities around privacy, trust, and governance (Paquette et al., 2010; Pearson & Benameur, 2010; Liu et al., 2014; Price & Cohen, 2019). In Indonesia, regulatory efforts such as Presidential Regulation No. 39 of 2019 on One Data Indonesia aim to improve data governance. Case-focused works explore blockchain for e-certificates and public sector data (Rahardja et al., 2021; Wibowo & Sandikapura, 2019), data mining and sentiment analysis for service insights (Karvana et al., 2019; Sari & Ruldeviyani, 2020; Sudira et al., 2019), hybrid cloud security (Aryotejo & Kristiyanto, 2018), and big data for policy-making (Pramana et al., 2017). Overall, the literature reveals a research and policy gap in comprehensive, proactive mitigation strategies tailored to Indonesian contexts.

The study employs a bibliometric analysis using Scopus as the primary data source and VOSviewer (version 1.6.17) for processing and visualization. Data retrieval occurred on November 26, 2022. Search terms included combinations of “Big Data Security” with “Social Media,” “Social Media Risks,” and “Indonesia,” covering 2006–2022 without language filters beyond English. Initial searches yielded: (1) 546 items for “Big Data Security” AND “Social Media”; (2) 83 items for “Big Data Security” AND “Social Media Risks”; and (3) 87 items for “Big Data Security” AND “Indonesia.” Document types encompassed articles, conference papers, reviews, book chapters, books, editorials, notes, and short surveys. Analysis types conducted in VOSviewer included co-authorship (countries, authors), co-occurrence (all keywords), citation (documents, sources), and bibliographic coupling (documents, sources, authors, countries). Data were exported as CSV from Scopus and then analyzed to map trends, prolific sources, subject areas, and thematic clusters relevant to social media risks and big data security, with a particular focus on Indonesia.

- Publication trends: Scopus data show a dynamic but generally increasing number of publications on data security and social media risks from 2006 to 2022, with notable growth post-2013. - Influential sources: Among top sources with highly cited documents are The Lancet (e.g., Costello et al., 2009; 1,583 citations) and JAMA (Weber et al., 2014; 252 citations). Other influential venues include IEEE Transactions on Parallel and Distributed Systems and Risk Analysis. - Geographic distribution: Top publishing countries are the United States (22 documents), China (9), India (8), United Kingdom (8), Australia (7), Finland (3), South Korea (3), Canada (2), Germany (2), and Greece (2). Indonesia’s output remains limited, indicating a research gap. - Document types and subject areas: For the subset analyzed, articles (≈29) and conference papers (≈25) dominate, followed by conference reviews (≈12), book chapters (≈6), reviews (≈6), books (≈2), and a few editorials/notes/short surveys. Computer Science leads subject areas (≈55 documents), with Social Sciences also contributing substantially. - Most-cited documents (topic influence): Costello et al. (2009) (1,583 citations), Weber et al. (2014) (252), Liu et al. (2014) (181), Muhammad et al. (2018) (53), and Choi & Lambert (2017) (48) frame critical concerns and methods in big data and risk analysis relevant to social media security. - Indonesia-focused thematic clusters (keyword co-occurrence across 87 documents): Eight clusters emerged: (1) social media analytics methods (classification, k-NN, Naïve Bayes, sentiment analysis, Instagram); (2) economics and network security (financial services, monitoring, sustainable development); (3) big data and social network analysis (commerce, deep learning, official statistics); (4) information governance (cloud computing, personal data protection, risk assessment); (5) AI/IoT and data management (data mining, decision-making, IoT); (6) fraud and predictive analytics (decision trees, machine learning approaches); (7) ML classification and text mining (SVMs, forecasting); (8) advanced analytics and blockchain (interoperability, Indonesia). - Emerging issues since ~2020 (overlay visualization): (a) financial services and data/network security; (b) economic risk assessment in social media markets; (c) intelligent systems for online media crime monitoring and information management; (d) IoT data security; (e) fraud detection and ML approaches for social media-related crimes. - Indonesian case insights (selected studies): GIS/tabular data at sub-district level may expose population data vulnerabilities (Buchori et al., 2017); blockchain can enhance e-certificate data security (Rahardja et al., 2021) and One Data governance for local tax big data (Wibowo & Sandikapura, 2019); data mining and churn prediction support banking retention strategies (Karvana et al., 2019); hybrid cloud deployment (open-source HCDM) can address cloud security issues (Aryotejo & Kristiyanto, 2018); big data sources can inform government policy and official statistics (Pramana et al., 2017); Naïve Bayes outperforms decision trees for Twitter sentiment on public transport (Sari & Ruldeviyani, 2020); social media sentiment on digital payments signals security and trust issues (Sudira et al., 2019). Overall, despite increased digital activity, few studies explicitly propose comprehensive mitigation strategies for social media data security in Indonesia. - Risk and policy gaps: Social media is an effective vector for malware/data theft; many governments lack robust, actionable social media security policies; when present, policies are often misunderstood or ignored by users. Indonesia’s regulatory push (e.g., One Data Indonesia) is promising but requires operationalized, sector-specific mitigations and user-centered interventions.

The study’s bibliometric mapping and literature synthesis address the central question of how to understand and mitigate social media security risks—particularly for Indonesia—within the broader big data ecosystem. Findings show robust global research activity but relatively limited Indonesian-focused work, revealing a gap between risk exposure (high social media penetration, heavy youth usage, rapid digitization) and the availability of locally tailored mitigation strategies and policies. The thematic clusters illuminate where Indonesia’s research is concentrated (e.g., analytics, blockchain, IoT, fraud detection) and where further development is needed (comprehensive governance frameworks, user behavior interventions, sector-specific controls). Evidence that social media is a potent attack vector, combined with the ineffectiveness or neglect of policies by users and institutions, underscores the need to complement technical measures with policy design, training, and behavioral incentives. For Indonesian stakeholders, operationalizing One Data Indonesia with privacy-by-design, standardized controls, and interoperable security architectures, along with capacity-building and public awareness, can bridge identified gaps. These insights provide a foundation for strategic planning by government, industry, and academia to reduce social media-related data security risks.

The paper consolidates fragmented discussions on social media security risks and big data by conducting a bibliometric analysis (2006–2022) and targeted literature synthesis, with emphasis on Indonesia. It finds: (1) growing but uneven research output; (2) concentrated contributions from a handful of countries and venues; (3) emerging themes around financial services security, IoT data protection, fraud detection, and analytics; and (4) persistent gaps in comprehensive, proactive mitigation strategies and effective policy implementation in Indonesia. The authors highlight the need to expand Indonesian research and translate insights into actionable policies to combat information theft and malware and to enhance user and institutional practices. Future research directions include: developing and evaluating government-wide social media security frameworks; integrating blockchain and privacy-preserving analytics into public data governance; designing user-centered interventions that improve policy comprehension and compliance; and sector-specific case studies that validate mitigation techniques in Indonesian contexts.

- Data source and coverage: The bibliometric analysis is limited to Scopus-indexed, primarily English-language documents retrieved on November 26, 2022; relevant works in other databases or languages may be omitted. - Search scope: Results depend on selected keywords (“Big Data Security,” “Social Media,” “Social Media Risks,” “Indonesia”) and timeframe (2006–2022), which may exclude pertinent studies using different terminology. - Visualization constraints: VOSviewer mapping emphasizes items with higher weights/relevance, potentially suppressing less-connected yet important works. - Evidence base: The review synthesizes secondary literature and bibliometrics without primary empirical testing of mitigation strategies in Indonesia, limiting causal inference and generalizability of recommendations.