Digital economy

Digital Security Risk Management


Recently, large-scale digital security incidents with potential economic consequences have increased in frequency and sophistication, in a context where the digital environment has become essential to the functioning of the economy and a key enabler for growth, well-being and inclusiveness. To reap the benefits associated with the digital environment, stakeholders need to depart from approaching digital security risk solely from a technical perspective in isolation from broader economic and social considerations. It is urgent that they integrate digital security risk management in their economic and social decision making process. Public policy makers also need to ponder the complexity of digital security risk through its multiple dimensions from economic and social prosperity to law enforcement (“cybercrime”) to warfare to national security and international security. This OECD Recommendation and its companion document provide guidance for all stakeholders on these aspects.

The adoption of the Recommendation by the OECD Council in September 2015 was the successful result of a multi-stakeholder process initiated in 2012 by the OECD Working Party on Security and Privacy in the Digital Economy (SPDE) to review the 2002 Recommendation of the Council concerning Guidelines for the Security of Information Systems and Networks: Towards a Culture of Security.

The 2015 Recommendation is now complemented by the December 2019 OECD Recommendation on Digital Security of Critical Activities.

See also




Related Documents