Digital Security Risk Management
Recently, large-scale digital security incidents with potential economic consequences have increased in frequency and sophistication, in a context where the digital environment has become essential to the functioning of the economy and a key enabler for growth, well-being and inclusiveness. To reap the benefits associated with the digital environment, stakeholders need to depart from approaching digital security risk solely from a technical perspective in isolation from broader economic and social considerations. It is urgent that they integrate digital security risk management in their economic and social decision making process. Public policy makers also need to ponder the complexity of digital security risk through its multiple dimensions from economic and social prosperity to law enforcement (“cybercrime”) to warfare to national security and international security.
The document “Digital Security Risk Management for Economic and Social Prosperity” provide guidance and OECD Recommendation for all stakeholders on these aspects. (download here OECD Recommendation and its Companion Document ) (*)
The Recommendation calls on the highest level of leadership in government and in public and private organisations to adopt an approach to digital security risk management that builds trust and takes advantage of the open digital environment for economic and social prosperity. This approach is reflected in a coherent framework of eight interrelated, interdependent and complementary high-level Principles.
(*) OECD (2015), Digital Security Risk Management for Economic and Social Prosperity: OECD Recommendation and Companion Document, OECD Publishing, Paris. DOI: http://dx.doi.org/10.1787/9789264245471-en ; All requests for public or commercial use and translation rights should be submitted to email@example.com. Requests for permission to photocopy portions of this material for public or commercial use shall be addressed directly to the Copyright Clearance Center (CCC) at firstname.lastname@example.org or the Centre français d’exploitation du droit de copie (CFC) at email@example.com.