SMEs-ETIs minimize cybersecurity risks
In the 5th edition of the QBE/OpinionWay barometer of the risk management of French SMEs and ETIs, intangible risks, including cyber risk, appear dead last in the typology of risks that concern managers.
On the occasion of the AMRAE 2022 meetings, from February 2 to 4 in Deauville, QBE published the results of its 5th barometer of the risk management of French SMEs and ETIs, carried out with the OpinionWay institute. A total of 300 managers and decision-makers affected by risk were interviewed between September and October 2021, in order to find out their perception of the various risks. Overall, the level of perceived risk has increased with the continuation of the health crisis, with 30% of respondents indicating an increase in risk compared to 20% in 2019.
The types of risks of concern to French SMEs and ETIs
Source: 5th QBE/OpinionWay barometer of the risk management of French SMEs and ETIs.
While human risks are at the top of the list of respondents’ concerns, cited by 79% of them, on the other hand intangible risks, including cyber risk, are at the back of the pack. Thus, only 30% of managers say they are concerned about these risks, which also include damage to reputation and health risks. Cyber-risks are however well identified among the leaders, who are 73% to perceive them (a stable proportion compared to 2020, which had seen a sharp increase).
Leaders who are very (too) confident in the face of cyberattacks
The survey also reveals that nearly half of organizations (46%) have deployed additional safeguards against cyber threats in the past year. These include employee awareness raising (85% of those surveyed) and software updates (76%). As a result, a majority of respondents (88%) seem confident in their ability to manage a cyberattack if it occurs, with only 16% believing that these risks require specific support. While cyberattacks are not weakening and are becoming more and more sophisticated, the real level of threat therefore appears to be underestimated by most SMEs and ETIs, often overwhelmed by other more concrete issues such as recruitment difficulties or work stoppages.
The responses also highlight persistent difficulties in risk management, with only 26% of managers considering themselves capable of fully managing their risks. The challenges relate in particular to the identification of risks (30%) as well as the implementation and monitoring of action plans (42%).