France, a robust European economy, faces stronger and more complex cybersecurity challenges now than ever before.
The war in Ukraine, the COVID-19 pandemic, and the global recession are not helping matters as cybersecurity threat actors become more emboldened and ruthless.
Learn everything about cybersecurity in France in this in-depth statistics piece.
9 Key France Cybersecurity Statistics (Editor’s Pick)
- In Q3 2021, France accounted for 3% of blocked malicious URLs globally.
- In 2021, 90.5% of French companies experienced a web or mobile application attack.
- France accounted for 2.49% of the global initial access brokers attacks in Q1 2022.
- French companies spent approximately $2.03 million to fix ransomware attack damages in 2021.
- 70.8% of French companies expected a successful cyberattack in 2021-2022.
- 49% of French firms experienced a cyber attack in 2021.
- 52% of French organizations had cybersecurity insurance in 2021.
- French cyber insurance firms paid out €164 million in cyber insurance claims in 2021.
- In 2022, 60% of French cyber security start-ups were in Paris.
Infographic
General France Cybersecurity Statistics
1. France was the third last country in cloud-based security and services application deployment in 2021.
32.3% of French firms invested in cloud-based security services deployment, only higher than Germany (31.3%) and China (30.9%) in a survey of 17 countries.
2. Cybersecurity was the second most crucial business risk to French companies.
According to a 2022 study, 48% of French companies felt that their most significant business risk was cybersecurity, down from 50% in 2021.
The table below summarizes French companies’ top five business risks in 2022.
Business Risk | % of Risk |
---|---|
Business interruptions | 51% |
Cyber incidence | 48% |
Natural catastrophe | 28% |
Fire/explosion | 23% |
Change in legislation | 18% |
3. 48% of French Boards of Directors (BOD) were most worried about cybersecurity’s impact on their business’ valuation.
According to a 2022 report, another 44% of French BODs were concerned about significant downtimes due to cybersecurity threats, while 45% were concerned about disruptions to operations. A further 45% were more concerned about reputational damage.
4. In 2021, 25.4% of France's internet traffic was generated by bad bots.
In comparison, good bots accounted for 7.1%, while the human traffic share was 67.5%.
5. In Q3 2021, France accounted for 3% of blocked malicious URLs globally.
The US had the highest malicious blocked URL rate (26.8%), followed by Germany (20%), Canada (8.7%), and the United Kingdom (7.2%).
6. France was the second most cyber-ready country in 2021.
In a survey of 8 major global cyber countries, France emerged second in cybersecurity readiness with a 3.10 cyber score, only behind Germany at 3.13.
7. In 2021, France launched a new cybersecurity center in Paris.
The 20,000 square meter cybersecurity space belonged to 60 French cybersecurity players.
France Cybersecurity Market Statistics
8. The French cybersecurity market was expected to grow at a 6% Compound Annual Growth Rate (CAGR) between 2022 and 2027.
9. In 2022, the French cybersecurity market was dominated by 5 international cybersecurity players.
The top French cybersecurity players in 2022 were IBM Corporation, Cisco Systems Inc, Dell Technologies inc, Fortinet inc, and Intel Security (Intel Corporation).
France Cybersecurity Demographic Statistics
10. In 2021, 90.5% of French companies experienced a web or mobile application attack.
The table below summarizes the share of companies in the top five countries affected by mobile or web application attacks in 2021.
Country | % of Mobile or Web Application Attacks |
---|---|
Spain | 98% |
China | 98% |
Japan | 95.9% |
Canada | 94% |
Colombia | 93.9% |
11. French companies were the 6th most cyber-attacked across 17 countries surveyed in 2021.
89.3% of French companies experienced at least one successful cyber attack in the reporting period. That compared to 93.9% of Colombian and 93.7% of Turkish companies, the highest two.
12. France was the 4th most affected European country by stalkerware in 2021.
410 French nationals were affected by stalkerware, putting the country behind the UK (430), Italy (611), and Germany (1012).
13. France accounted for 3.71% of global ransomware attacks In Q1 2022.
In Q2 2022, France’s share of global ransomware attacks rose to 4.62%, and 6.11% in Q3 2022.
14. France accounted for 2.49% of the global initial access brokers attacks in Q1 2022.
In Q2 2022, France’s initial access broker attack share rose to 4.88% but dropped to 3.47% in Q3 2022.
15. France was the 3rd most targeted country globally by Account Takeovers (ATOs) in 2021.
The US was the most targeted, followed by Singapore, France, Puerto Rico, Chile, and Germany.
16. In July 2021, France's cyber threat detections accounted for 14.7% of global cyber threat detections.
This rose to 18.2% in August, and 19.5% in September, before declining to 14.4% in October 2021.
France Ransomware Statistics
17. 64.9% of French companies in 19 sectors suffered a ransomware attack between 2020-2021.
This figure was higher than ransomware attacks on Italian (64.0%), Canadian (63.3%), and Australian (63.0%) firms. However, it was lower than ransomware attacks on Chinese (89.6%), South African (82.0%), and American (81.6%) firms in the reporting period.
18. French companies spent approximately $2.03 million to fix ransomware attack damages in 2021.
This figure was higher than the $1.1 million average in 2021, representing an 83% increase in spending.
19. 62% of French firms paid a ransom after a ransomware attack in 2022.
That was 3% lower than the 65% of French firms that paid a ransom in 2021.
20. The average ransomware payment made by mid-sized French companies in 2021 was $297,011.
This was lower than the average ransomware payments made by Japanese ($4,327,024) and Dutch companies ($2,010,366) in the reporting period.
Country | Average Ransomware Payment |
---|---|
Japan | $4,327,024 |
The Netherlands | $2,010,366 |
The Philippines | $1,617,533 |
Israel | $1,347,405 |
India | $1,198,475 |
21. In 2021, cybercriminals encrypted the victim's data in 74% of ransomware attacks on mid-sized French organizations.
In contrast, India experienced 80% encryption rates (the highest) from ransomware attacks, followed by the Czech Republic (79%), Australia (79%), and Poland (78%).
22. In Q2 2021, France accounted for 9.37% of ransomware detections in the EMEA (European, Middle East, and Africa) region.
That was compared to the 9% detection rate in Q3 2021.
23. France experienced over 75 ransomware attacks between May 2021 and June 2022.
In a report that analyzed 623 ransomware attacks globally, the US suffered over 112 ransomware attacks, Germany had 96 incidents, and Italy recorded just under 75 attacks.
24. 73% of mid-sized French companies experienced ransomware attacks in 2021.
A study of ransomware attacks on mid-sized organizations across 31 countries found the highest number of ransomware attacks were on Austrian (84%), Australian (80%), Malaysian (79%), and Indian (78%) companies.
25. 19% of French companies across selected 14 sectors experienced a ransomware attack in 2022.
In comparison, 14% of these companies experienced a ransomware attack in 2021.
France Cyber Attack Statistics
26. Financial gain was the primary motivation for cybersecurity attacks in 2022.
A study of 35 French cybersecurity incidences confirmed that 51% of cyber attacks were motivated by financial gains (ransomware). A further 32% of attacks were preparations for a second cyber attack, and 9% were due to internal threats and voluntary malevolence.
27. Phishing was the main entry point for 51% of cyberattacks on French firms in 2022.
The table below summarizes cyber attackers’ entry points to French firms between 2021-2022.
Main Entry Point for Cyberattackers | % of Cyberattacks |
---|---|
Stolen credentials (phishing, brute force attack) | 51% |
Website vulnerabilities | 38% |
Remote access platform | 14% |
28. 52% of French firms experienced cyber-attacks in 2022.
This is compared to 49% of French firms (across 14 sectors) in the same shoes in 2021.
29. 70.8% of French companies expected a successful cyberattack in 2021-2022.
This was dwarfed by 87.8% of Japanese and 85.4% of Canadian firms who believed they might be compromised in the same timeframe. More optimistic countries like Turkey (38.0%) and Brazil (55.9%) posted lower cyberattack expectations in 2022.
30. 49% of French firms experienced a cyber attack in 2021.
In comparison, 34% experienced a cyber attack in 2020.
31. 46% of cyberattacks on French firms in 2022 were detected by employees, users, and businesses.
36% were detected by cybersecurity tools and services, 14% by law enforcement, and 3% by third parties, partners & the media.
The table below contains data showing French cybersecurity attack detections in 2022, 2021, and 2020.
Detection Source | 2022 | 2021 | 2020 |
---|---|---|---|
Employees, users, businesses | 46% | 64% | 57% |
Cybersecurity tools | 36% | 26% | 24% |
Law enforcement | 14% | 5% | 0% |
Media, partners, third parties | 3% | 5% | 0% |
32. In 2021, 33% of French companies experienced 1-3 cyberattacks.
In contrast, 12% of companies experienced between 4-9 cyber attacks, 5% experienced 10-14 cyberattacks, and 7% experienced more than 15 cyberattacks.
33. 41% of French companies believed cyber-attacks increased between December 2020 and January 2021.
While 51% believed the number of cyber attacks had remained the same, 8% felt they had reduced in the reporting period.
34. 70% of French companies experienced phishing attacks in 2021.
This was followed by vulnerability exploitation (53%) and president fraud at 38%.
France Cybersecurity Insurance Statistics
35. 27% of French firms had a stand-alone cyber insurance cover in 2021.
This compared to 23% of French companies with stand-alone cyber insurance in 2020.
36. In 2022, cyber insurance uptake by French firms across different sectors grew to 61%.
That was compared to the 57% cyber insurance uptake in 2021.
37. 52% of French organizations had cybersecurity insurance in 2021.
Another 32% of French organizations had cyber insurance policies containing exclusions/exceptions.
38. French cyber insurance companies in 2021 earned €185.4 million in premiums.
This figure represented a €55.4 million increase from the €130 million insurance premium earned by French cyber insurance firms in 2020.
39. French cyber insurance firms paid out €164 million in cyber insurance claims in 2021.
This was lower than the €217 million payouts in 2020, representing a €53 million reduction in claim payments.
40. The loss ratio of French cyber insurance firms was 88% in 2021.
In comparison, the loss of cyber insurance firms was 84% in 2019 and 167% in 2020.
41. By 2021, 25% of French companies with cyber insurance had submitted claims after a cyber attack.
15% of French companies that submitted cybersecurity claims in that period were satisfied with the process. In comparison, 12% felt that the process was complicated.
42. Only 5% of surveyed French firms in 2022 were in the “Expert” cyber maturity level.
70% of these firms (the majority) were in the “intermediate” cyber maturity level, while 25% were in the “novice” category.
France Cybersecurity Start-ups Statistics
43. French cybersecurity start-ups raised €630 million between June 2021 and June 2022.
Ledger, the only French cybersecurity unicorn at the time, fundraised €330 million, followed by GitGuardian and Zama with €40 million apiece.
The table summarizes the top five French cybersecurity start-ups by the amount of fundraising between June 2020 and 2021.
Cybersecurity Start-up | Fundraised Amount (€) |
---|---|
Ledger | 330 million |
GitGuardian | 40 million |
ZAMA | 40 million |
DIDOMI | 34 million |
yousign | 30 million |
44. In 2022, 166 cybersecurity start-ups were operating in France.
This was 16 more than the 150 cybersecurity start-ups in France in 2021.
45. Only 39% of French cybersecurity start-ups created new security solutions in 2022.
Likewise, 57% fully incorporated their Research and Development (R&D) regime. Further data showed that 22% of French start-ups were in contact with research partners, while only 16% were in touch with the private sector.
46. In 2022, 24 French cybersecurity start-ups scaled up.
Of these, there were 11 new start-up scale-ups. Notable mentions in 2022 included Ledger, the first French cybersecurity unicorn, and Ubble, which Checkout, the British payment solution firm, bought out.
47. French cyber security start-ups with less than 10 employees increased by 5% in 2022.
Cybersecurity start-ups with 10-20 employees also increased by 28%, while medium start-ups with more than 20 employees reduced by 15%.
48. In 2022, 60% of French cyber security start-ups were in Paris.
Other French cities which hosted cybersecurity start-ups included Renees, Bordeaux, Lyon, Toulouse, Montpelier, and Vannes.
France Cybersecurity Financial Statistics
49. French firms allocated the least of their IT budgets to information security in 2021.
French firms allocated the least (10.7%) of their IT budgets to information security. In contrast, Brazilian and Turkish firms spent 15.6% and 15.3% of their IT budgets on information security.
50. French companies in selected industries expected to increase their cybersecurity budgets by 5% in 2022.
In comparison, Brazilian firms expected a 6.7% increment, followed by Turkey (6.5%). The bottom spenders, Germany, Canada, and Italy, planned to increase their cybersecurity budgets by 3.2%, 3.7%, and 3.7%, respectively.
51. 19% of surveyed French companies in 2021 paid a ransom demand.
In comparison, 21% of US and German firms paid a ransom demand in the reporting period.
The table below summarizes the percentage of ransom paid by companies in different countries in 2021.
Country | % of Ransom Paid by Companies |
---|---|
Belgium | 8% |
France | 19% |
Germany | 21% |
Ireland | 6% |
Netherlands | 6% |
Spain | 7% |
The UK | 12% |
The US | 21% |
52. French firms spent nearly a quarter of their IT budgets on cybersecurity.
In 2022, surveyed French firms in selected sectors spent 22% of their IT budgets on cybersecurity. This represented a 2% increase from the 20% these firms allocated to cybersecurity in 2021.
53. In 2021, the median cost of cyber attacks on select surveyed sectors of the French economy was $18,000.
This reduced to $17,000 in 2022.
The table below summarizes the median cyber attack cost for a select group of countries in 2022.
Country | Median Cyber Attack Cost |
---|---|
Belgium | $10,000 |
France | $17,000 |
Germany | $21,000 |
Ireland | $17,000 |
The Netherlands | $18,000 |
Eliminate Cyberthreats in France
Even though the number and sophistication of cyber threat actors are growing by the day, the mighty French are not taking things lying down.
The French government, private firms, and citizens are fighting cyber threats and rapidly bolstering their cybersecurity defenses.
It is important to note that cybersecurity concerns are not localized in France but are a problem to the global economy and human way of life. To better understand this thorny issue, read our comprehensive 200+ cybersecurity statistics.
- Hiscox Cyber Readiness Report 2021.pdf (hiscoxgroup.com)
- 22054 – Hiscox Cyber Readiness Report 2022-EN_0.pdf (hiscoxgroup.com)
- France Cybersecurity Market Analysis – Industry Report – Trends, Size & Share (mordorintelligence.com)
- White-Paper-Acronis-Cyber-Threats-Report-2022-EN-US.pdf
- ENISA Threat Landscape for Ransomware Attacks — ENISA (europa.eu)
- Sophos-state-of-ransomware-2022-wp.pdf
- Cyber attacks reported by French companies 2021 | Statista
- https://www.statista.com/statistics/1074437/internet-cyber-attacks-french-enterprises/
- Concerns global BOD have on cybersecurity by country 2022 | Statista
- Common cyber attacks in France by type 2021 | Statista
- Cyber insurance: premiums earned in France 2021 | Statista
- Cyber insurance: claims paid in France 2021 | Statista
- Cyber insurance: loss ratio in France 2021 | Statista
- Insurance claims after cyber attack France 2021 | Statista
- CyberEdge-2021-CDR-Report-v10–ISC2-Edition.ashx
- https://www.wavestone.com/app/uploads/2016/06/Wavestone_Radar-des-start-ups-cyber-2022_EN.pdf
- Guide d’utilisation (wavestone.com)
- EN_The-State-of-Stalkerware-2021.pdf (kasperskycontenthub.com)
- Q3 Ransomware and Network Access Report – KELA (ke-la.com)