The picture changed somewhat when the same group was asked to rank the three risks that are of most concern to their organisation.

Reputation damage through social media fell to third with 42%, just below theft of customer information that registered with 43% of respondents. Top however, up from fourth for business in general, is the threat of operational IT risks with 52%.

For their own organisations 38% of risk professionals cited malicious interference with IT systems as one of the top three risks, 25% theft of intellectual property by electronic methods and 21% loss of information through social media.

According to Ferma the results highlight the ‘significant risk’ that social media can pose to an organisation’s reputation and ability to protect confidential information.

Speaking at a workshop on the risk of the virtual world at the 2011 Ferma Risk Forum held in Stockholm, Michel Dennery, the federation’s vice president, said: “The Web 2.0 tools (social media tools) expose us to a lot of risk. We have to take care of the really valuable information, the information that we use to make money, the information that gives us competitive advantage. It needs much more protection today because the environment is much more open.”

“At the same time, the new tools also offer a lot of opportunities in greater sharing of information. We can use them to communicate with suppliers, shareholders and other stakeholders. They can also help us break down internal silos,” added Mr Dennery, who is also Deputy Chief Risk Officer at GDF Suez, the French utility group.

He welcomed the active involvement of risk managers in dealing with exposure from cyber risks and social media. Mr Dennery also argued that part of the risk manager’s role will be to communicate with other functions, such as legal and human resources, which the survey indicated are not often involved with such risks, and bring their insight into the risk management process.

According to the survey risk managers are widely involved in managing cyber risks in addition to IT security, with over 80% of the respondents confirming that role.

However in the organisations under survey, only 20% of legal and company secretarial take part in its management. This compares with just 14% of public relations professionals, 6% of human resources professionals and just 4% from investor relations.

“Companies have to learn how to live in this new environment where information is available immediately anywhere, where private and professional life is merging, and where the balance of authority is shifting. Influential cities have always been located on important communication nodes. The web provides a global and worldwide open city where companies must take risks for developing their business and preserving their know-how,” concluded Mr Dennery.

In response to additional questions to Ferma members, one third said they had already been concerned by a denigration attack. One quarter of the 98 respondents said their company had suffered an attack on confidential information.

The survey also found that 65% of organisations have a policy for their employees on the use of social media or are in the process of implementing one (14%).

Most organisations, 53%, either map their cyber risks or are in the process of doing so (31%).

The responses came from a wide variety of industries, including telecoms, transport, energy, banking and transport, and many European countries, with the largest number from the UK.

Please sign up here to our full-time mailing list to ensure that you receive our weekly newsletter.

• More FERMA News
• More Risk Management News