Recently, large-scale digital security incidents with potential economic consequences have increased in frequency and sophistication, in a context where the digital environment has become essential to the functioning of the economy and a key enabler for growth, well-being and inclusiveness. To reap the benefits associated with the digital environment, stakeholders need to depart from approaching digital security risk solely from a technical perspective in isolation from broader economic and social considerations. It is urgent that they integrate digital security risk management in their economic and social decision making process. Public policy makers also need to ponder the complexity of digital security risk through its multiple dimensions from economic and social prosperity to law enforcement (“cybercrime”) to warfare to national security and international security.
This OECD Recommendation and its Companion Document provide guidance for all stakeholders on these aspects.
1/10/2015- CEOs and governments should treat digital security as an economic risk, says OECD
Digital security risk should be treated like an economic rather than a technical issue, and should be part of an organisation’s overall risk management and decision-making, according to a new OECD Recommendation to member countries. Press Release
Over three decades, the OECD has played an important role in promoting policies and instruments for innovation and trust in the digital economy. The adoption of this Recommendation by the OECD Council on 17 September 2015 is the successful result of a multi-stakeholder process initiated in 2012 by the OECD Working Party on Security and Privacy in the Digital Economy (SPDE) to review the 2002 Recommendation of the Council concerning Guidelines for the Security of Information Systems and Networks: Towards a Culture of Security. (Security Guidelines)