Digital security is essential for trust in the digital age. In the digital environment we are all interdependent, and only as strong as the weakest link. Since the early 1990s the OECD has been facilitating international co-operation and developing policy analysis and recommendations in this area.
The OECD digital security policy framework is based on the 2015 OECD Recommendation on Digital Security Risk Management for Economic and Social Prosperity. It provides principles on how to address digital security without restricting the use, dynamic nature and openness of digital technologies and without inhibiting the potential of digital technologies to foster innovation. The Recommendation calls leaders and decision makers to integrate digital security risk management as part of their economic and social decision making rather than addressing it only as a technical matter.
Adopted in December 2019, the OECD Recommendation on Digital Security of Critical Activities sets out policy recommendations to ensure that policies targeting operators of critical activities focus on what is essential for the economy and society without imposing unnecessary burdens elsewhere. These recommendations support adherents in adapting their overarching policy framework, promoting and building trust-based partnerships, and improving co-operation at the international level.
The Recommendation updates and replaces the 2008 OECD Recommendation on the Protection of Critical Information Infrastructures, which was the first international legal instrument in this area.
Since late 2018, the OECD Global Forum on Digital Security for Prosperity offers an international multilateral setting for all stakeholder communities of experts to dialogue, share experiences and influence public policy making on digital security.