Managing : Digital Security and Privacy

The rapidly evolving digital economy, related innovation and emerging technologies present substantial opportunities for economic growth and enhanced societal benefit. To flourish, the digital economy requires effective digital security risk management and protection of privacy. However, digital incidents and threats to economic and social activities continue to grow in number and sophistication, with significant consequences. Public and private organisations, including those supporting critical infrastructures may suffer disruption of operations, direct financial loss, liabilities, damaged reputation, loss of competitiveness or of trust. Unauthorized access, destruction, use, modification or disclosure of personal data may also impact and violate individuals’ privacy. With the ever more extensive large-scale collection and analysis of data, more attention must be given to addressing possible unanticipated and undesirable uses of personal data.

"Digital security and privacy protection have become public policy priorities in an increasingly digital and data-dependent economy and society. A key challenge for governments, businesses and individuals is to reduce these risks to  increase trust without inhibiting the opportunities offered by the digital economy."

Digital security risk has traditionally been approached as a technical problem but the changing nature and scale of digital security incidents is driving countries to re-evaluate their strategies and policies. In recent years, many governments and stakeholders have emphasised the importance of considering digital security risk as a strategic economic issue for organisations which needs to be addressed at the highest level of corporate governance, as recommended by the OECD Recommendation on Digital Security Risk Management for Economic and Social Prosperity.

Managing Digital Security and Privacy Risk, a background report for the June 2016 OECD Ministerial on the Digital Economy, discusses how increased connectivity and data-driven innovation have brought about significant economic and social opportunities while changing the scale and scope of digital security and privacy challenges. These developments highlight the need for an evolution in policies and practices to build and maintain trust in the digital economy. Building on key messages of the OECD Digital Security Risk Recommendation and the OECD Privacy Guidelines, the report articulates why an approach grounded in risk management is essential to ensure that measures are appropriate to and commensurate with the risk. It also examines what further work is needed to understand how public policy can work jointly with private sector to overcome barriers and address the special challenges faced by small and medium enterprises (SMEs).

For instance India has developed national digital security strategies, but not robustly designed to manage digital security risk to support economic and social prosperity.To optimize the economic and social benefits anticipated from an open digital environment, leaders and decisions makers should not treat digital security risk solely as a technical issue but adopt an economic and social risk management approach. Broad adoption of such an approach will require multi stakeholder, interdisciplinary and international co-operation. Sharing of best practices and of robust evidence will facilitate the development of policies and their implementation.

Which has left some key questions for 2018/19 that needs to be answered :

  • Q1: How can national digital security strategies best foster economic and social prosperity?
  • Q2: How can co-operation across all sectors and stakeholders, including at the international level, facilitate the adoption and implementation of digital security risk management approaches for economic and social prosperity?
  • Q3: What steps can be taken to help SMEs effectively manage digital security risk and protect privacy?
  • Q4: How can synergies between digital security and privacy risk policies at national and international levels best be leveraged?
  • Q5: How should privacy strategies be developed to respond to personal data protection challenges in a data-driven economy and society?
  • Q6: What economic and social benefits have been derived from national digital security strategies and what lessons can be learned for national privacy strategies?

These were more and less same set of questions that were held by OECD at Ministerial Meeting in Mexico ca ~2016. The answers of these question may prove hindrance for developing nations ,which has boarded the digital bandwagon and are not willing to take a stab on this. However this is a question to SMe on ethics than compliance in digital era.

Risk management Data Security Privacy risk Digital Security GDPR

About the author

Rakesh Jha

Data & Information - Privacy Engineering


FIP CIPP/E RAKESH JHA FIP CIPP Co-Founder of Privacy Virtuoso Advisory GDPR, PIPEDA, HIPAA and ISO27001

Read my other blogs


Leave a Comment: