Dillinger
Guerrilla Ontologist
- Joined
- Sep 19, 2000
- Posts
- 26,152
I don't know how much interest many of you might have in this, but this directly relates to the work I do for a living so I thought I'd post it for those who might have some interest:
http://www.oecd.org/
The Organization for Economic Co-Operation and Development (OECD), a 30-nation consortium of governmental bodies from Europe, Asia and North
America, recently released a report that emphasizes the need for complete security awareness among governments, businesses and everyday users to protect the widest possible swath of information systems worldwide.
The "Guidelines for the Security of Information Systems and Networks" stresses the need to develop a "culture of security," and takes a dramatically different stance from the OECD guidelines released in 1992, the last time the organization published such a study. The report acknowledges that 10 years ago, "the secure design and use of networks and systems were too often an afterthought." This time, however, the OECD guidelines establish nine key priorities for accomplishing global information security. The U.S. State Department acknowledged in a statement that the report sheds "new international understanding of the need to safeguard the information systems on which we increasingly depend for our way of life."
By publishing this report, the OECD hopes to create a sense of urgency about network security, and encourage organizations, governments and businesses to adopt more cohesive security policies. The OECD is also trying to foster cooperation among countries to better fend off cybersecurity risks around the globe.
The OECD report's action items are: be aware of risks and safeguards, be responsible for the security of networks, respond to situations in a timely manner to prevent and/or respond to threats, respect the interests of others by acting or not acting, implement security in a way that's compatible in a democratic society, assess risks to adequately manage them, incorporate security as an essential network element, adopt a comprehensive approach to security management, and regularly reassess risks to keep up with new and changing vulnerabilities.
The guidelines are available in several languages:
English: http://www.oecd.org/pdf/M00033000/M00033182.pdf
French: http://webdev1.oecd.org/pdf/M00033000/M00033183.pdf
Spanish: http://webdev1.oecd.org/pdf/M00033000/M00033189.pdf
http://www.oecd.org/
The Organization for Economic Co-Operation and Development (OECD), a 30-nation consortium of governmental bodies from Europe, Asia and North
America, recently released a report that emphasizes the need for complete security awareness among governments, businesses and everyday users to protect the widest possible swath of information systems worldwide.
The "Guidelines for the Security of Information Systems and Networks" stresses the need to develop a "culture of security," and takes a dramatically different stance from the OECD guidelines released in 1992, the last time the organization published such a study. The report acknowledges that 10 years ago, "the secure design and use of networks and systems were too often an afterthought." This time, however, the OECD guidelines establish nine key priorities for accomplishing global information security. The U.S. State Department acknowledged in a statement that the report sheds "new international understanding of the need to safeguard the information systems on which we increasingly depend for our way of life."
By publishing this report, the OECD hopes to create a sense of urgency about network security, and encourage organizations, governments and businesses to adopt more cohesive security policies. The OECD is also trying to foster cooperation among countries to better fend off cybersecurity risks around the globe.
The OECD report's action items are: be aware of risks and safeguards, be responsible for the security of networks, respond to situations in a timely manner to prevent and/or respond to threats, respect the interests of others by acting or not acting, implement security in a way that's compatible in a democratic society, assess risks to adequately manage them, incorporate security as an essential network element, adopt a comprehensive approach to security management, and regularly reassess risks to keep up with new and changing vulnerabilities.
The guidelines are available in several languages:
English: http://www.oecd.org/pdf/M00033000/M00033182.pdf
French: http://webdev1.oecd.org/pdf/M00033000/M00033183.pdf
Spanish: http://webdev1.oecd.org/pdf/M00033000/M00033189.pdf
