Recently, large-scale digital security incidents with potential economic consequences have increased in frequency and sophistication, in a context where the digital environment has become essential to the functioning of the economy and a key enabler for growth, well-being and inclusiveness. To reap the benefits associated with the digital environment, stakeholders need to depart from approaching digital security risk solely from a technical perspective in isolation from broader economic and social considerations. It is urgent that they integrate digital security risk management in their economic and social decision making process. Public policy makers also need to ponder the complexity of digital security risk through its multiple dimensions from economic and social prosperity to law enforcement (“cybercrime”) to warfare to national security and international security. This OECD Recommendation and its companion document provide guidance for all stakeholders on these aspects.
The 2015 Recommendation is now complemented by the December 2019 OECD Recommendation on Digital Security of Critical Activities.