Risk Managers Concerned About Reputation Risk from Social Media

Do you know what your employees, customers and competitors are saying about your company online via social media networks?

Most companies don't and that's starting to cause headaches for risk professionals.

A recent survey by the Federation of European Risk Management Associations and the Institute of Risk Management (IRM) asked risk professionals which three cyber risks they thought were the greatest threats to their own organization and to business, in general.

For business, in general:


Respondents ranked social media alongside non-malicious operational IT risks, theft of customer information and malicious interference with IT systems as the greatest cyber threats to business. Reputation risk from social media was cited as a material risk by nearly 50 percent of respondents and loss of confidential information through social media by 20 percent.

In terms of exposures to their own organizations, the emphasis shifted somewhat:


More than half put operational, non-malicious IT risks among the top three, followed by 43 percent theft of customer information (43 percent) and social media risks (42 percent). 21 percent said they were concerned about loss of confidential information through social media.

In other findings:


Most organizations have a policy for their employees on the use of social media (65 percent) or are in the process of implementing one (14 percent).


More than half (53 percent) map their cyber risks; about one-third (31 percent) are in the process of doing so.


More than 80 percent of the risk managers polled said they are involved in managing cyber risks in addition to IT security. However, other departments are significantly less involved: legal and company secretarial take part in less than 20 percent; public relations, 14 percent; human resources less than 6 percent ; and investor relations, just 4 percent.

"The Web 2.0 tools expose us to a lot of risk. We have to take care of the really valuable information, the information that we use to make money, the information that gives us competitive advantage. It needs much more protection today because the environment is much more open," FERMA Vice-President Michel Dennery said. "Companies have to learn how to live in this new environment where information is available immediately anywhere, where private and professional life is merging, and where the balance of authority is shifting. Influential cities have always been located on important communication nodes. The Web provides a global and worldwide open city where companies must take risks for developing their business and preserving their know-how."