Return to > Information security and privacy
Short address for this page:
Security of information systems and networks: managing cyber risks
Security is a fundamental requirement for Information Technologies (IT) to fully contribute to economic prosperity and social development. Since 1992, the OECD has been developing policy analysis and recommendations for governments and other stakeholders to better address security challenges in the digital environment from an economic and social perspective. The work spans the following areas:
OECD 2002 Security Guidelines Review
The OECD is reviewing its 2002 Guidelines for the Security of Information Systems and Networks through a broad consultation of stakeholders and a global cybersecurity dialogue [More].
National Cybersecurity Strategies
The comparison of a new generation of national cybersecurity strategies in 10 OECD countries reveals that cybersecurity policy making is at a turning point. Cybersecurity has been elevated among governmental policy priorities [More].
Critical Information Infrastructures Protection (CIIP)
The 2008 OECD Recommendation on the Protection of Critical Information Infrastructures (CIIP) provides a shared understanding of the concept of CIIP and policy recommendations at domestic and international level [More].
Malware & Botnets
Malware and botnets pose a serious threat to the Internet economy and to national security. The OECD has analysed this phenomenon as well as policies to address it, including the role of Internet Service Providers (ISPs) [More].
This work is carried out by the OECD Working Party for Information Security and Privacy (WPISP) for the Committee for Information, Computer and Communications Policy (ICCP).