Return to > Information security and privacy
Short address for this page:
Security is a fundamental requirement for Information Technologies (IT) to fully contribute to economic prosperity and social development. Since 1992, the OECD has been developing policy analysis and recommendations for governments and other stakeholders to better address security challenges in the digital environment from an economic and social perspective. The work spans the following areas:
The OECD is revising its 2002 Guidelines for the Security of Information Systems and Networks [More].
The comparison of a new generation of national cybersecurity strategies in 10 OECD countries reveals that cybersecurity policy making is at a turning point. Cybersecurity has been elevated among governmental policy priorities [More].
The 2008 OECD Recommendation on the Protection of Critical Information Infrastructures (CIIP) provides a shared understanding of the concept of CIIP and policy recommendations at domestic and international level [More].
Malware and botnets pose a serious threat to the Internet economy and to national security. The OECD has analysed this phenomenon as well as policies to address it, including the role of Internet Service Providers (ISPs) [More].
Latest news and reports
The OECD is revising its 2002 Security Guidelines: following a 1 year multistakeholder consultation of experts, the OECD agreed in December 2013 to revise its 2002 Recommendation on the Security of Information Systems and Networks: Towards a Culture of security
Improving the Evidence Base for Information Security and Privacy Policies: Understanding the Opportunities and Challenges related to Measuring Information Security, Privacy and the Protection of Children Online
A Secure Internet as an Engine of Economic Growth. remarks by Angel Gurría, OECD Secretary-General, at the EU Cybersecurity and Digital Crimes Forum.
Key security documents
This work is carried out by the OECD Working Party for Information Security and Privacy (WPISP) for the Committee for Information, Computer and Communications Policy (ICCP).