oecd review of surveys on the digital security risk
play

OECD REVIEW OF SURVEYS ON THE DIGITAL SECURITY RISK MANAGEMENT - PowerPoint PPT Presentation

Nov 22, 2022 •125 likes •258 views

OECD REVIEW OF SURVEYS ON THE DIGITAL SECURITY RISK MANAGEMENT PRACTICES OF BUSINESSES Benjamin C. Dean OECD Expert Workshop on Improving the Measurement of Digital Security Incidents and Risk Management Swiss Re Centre for Global Dialogue.

  1. OECD REVIEW OF SURVEYS ON THE DIGITAL SECURITY RISK MANAGEMENT PRACTICES OF BUSINESSES Benjamin C. Dean OECD Expert Workshop on Improving the Measurement of Digital Security Incidents and Risk Management Swiss Re Centre for Global Dialogue. Switzerland 13 May 2017

  2. Agenda • Overview of OECD project • Findings of Phase 1 report • Key methodological issues – Epistemological – Conceptual – Definitions, taxonomies • Looking ahead

  3. Our map of ‘cyberspace’ is incomplete

  4. Overview of OECD project • Goals – Establish a measurement framework – Improve the evaluation of policies – Improve digital security risk management practices – Learn from failures and successes – Promote adoption of good practice • In response to calls from the: – 2016 OECD Ministerial Declaration on the Digital Economy (“ Cancún Declaration”) – 2015 OECD Council Recommendation on Digital Security Risk Management for Economic and Social Prosperity (“OECD Security Risk Recommendation”)

  5. Overview of OECD project Phase Aims of phase Phase 1 • Reviews 14 surveys • Examines challenges to terminology and measurement • Compares some data • Decides on measurement priorities • Aims to achieve consensus on a measurement framework Phase 2 Deliver a priority list of core indicators and a questionnaire Phase 3 Validate the core indicators either through existing data collections or a separate stand-alone pilot survey

  6. Draft framework for survey analysis Based on ‘2015 OECD Security Risk Framework’ 1. Risk awareness, risk management skills and governance 2. Risk assessment practices 3. Incident impact evaluation 4. Risk reduction practices 5. Risk transfer practices Each has a set of 3-5 objects based on past surveys

  7. Section 1: Stocktaking exercise 14 surveys covered • 9 ’official’ surveys: – Australia, Canada, Eurostat, Korea, OECD, UK, US (3: DoJ, FBI & NCSA) • 5 ‘non - official’ surveys: – France (2: AIF & CGEPME), FERMA, Ponemon, ICSPA

  8. Section 2: Trends across surveys • Challenges in comparing different: – Concepts, taxonomies, definitions – Survey populations – Countries – Methodological quality – Years • Emphasis placed on surveys with results broken-down by enterprise size

  9. Key methodological issues • Epistemological : what can we ‘know’ and measure empirically? • Definitions, taxonomies : what are the components? • Conceptual : what are the components and how do they relate to one another?

  10. Key methodological issues: Epistemology • Philosophy of science • Deductive vs inductive • Limits to inferences from inductive methods

  11. Key methodological issues: Definitions and taxonomies Definitions: – Enterprise size, sample population – Digital security – Incidents Taxonomies – Incidents – Technical and governance measures – Skills and training

  12. Key methodological issues: Conceptual 1. Overall: Threat Vulnerability Incident Impact 2. Economic impacts: costs vs losses 3. Incident types vs. incident impacts

  13. Section 3: Looking ahead Key questions to answer • What are the goals of the stakeholders (policymakers, insurers, businesses)? • Which definitions can/should be standardised? • How to reconcile different conceptual frameworks? • Who is the ideal respondent? • Other indicator-specific issues …

Recommend

OECD STUDY ON SUPPORTING AN EFFECTIVE CYBER INSURANCE MARKET Leigh Wolfrom, Policy Analyst,

OECD STUDY ON SUPPORTING AN EFFECTIVE CYBER INSURANCE MARKET Leigh Wolfrom, Policy Analyst,

OECD STUDY ON SUPPORTING AN EFFECTIVE CYBER INSURANCE MARKET Leigh Wolfrom, Policy Analyst, Directorate for Financial and Enterprise Affairs, OECD OECD Expert Workshop on Improving the Measurement of Digital Security Incidents and Risk Management

393 views • 12 slides
2019 OECD ECONOMIC SURVEY OF SWEDEN http://www.oecd.org/eco/surveys/economic-survey-sweden.htm

2019 OECD ECONOMIC SURVEY OF SWEDEN http://www.oecd.org/eco/surveys/economic-survey-sweden.htm

2019 OECD ECONOMIC SURVEY OF SWEDEN http://www.oecd.org/eco/surveys/economic-survey-sweden.htm @OECDeconomy @OECD Key messages Policies should remain responsive to macroeconomic developments Addressing structural weaknesses in housing

621 views • 42 slides
ARGENTINA 2019 Laying the foundations for a stronger and more inclusive growth Buenos Aires, 27

ARGENTINA 2019 Laying the foundations for a stronger and more inclusive growth Buenos Aires, 27

OECD ECONOMIC SURVEYS: ARGENTINA 2019 Laying the foundations for a stronger and more inclusive growth Buenos Aires, 27 March 2019 http://www.oecd.org/economy/surveys/argentina-economic-snapshot/ OECD Economics OECD Key recommendations

637 views • 44 slides
How to get regulation right? Balancing growth, risk, and equity Catherine L. Mann OECD Chief

How to get regulation right? Balancing growth, risk, and equity Catherine L. Mann OECD Chief

CEPR 10 Years After the Crisis How to get regulation right? Balancing growth, risk, and equity Catherine L. Mann OECD Chief Economist 22 September 2017 London OECD resilience framework: Potential trade-offs between growth and risk

632 views • 13 slides
GOING DIGITAL Trends and Key Policy Issues for Digital Transformation Workshop on Portugals

GOING DIGITAL Trends and Key Policy Issues for Digital Transformation Workshop on Portugals

GOING DIGITAL Trends and Key Policy Issues for Digital Transformation Workshop on Portugals 2030 Agenda Lisbon, 28 November 2017 Molly Lesher, OECD Outline Trends in Digital Transformation The OECD Going Digital Project Trends 3 A

1.05k views • 34 slides
A Risk-based Security Program Approach: Security Enables Digital Transformation and Compliance

A Risk-based Security Program Approach: Security Enables Digital Transformation and Compliance

A Risk-based Security Program Approach: Security Enables Digital Transformation and Compliance Michael Gutsche, Cybersecurity Strategy Peter Bronson, Cybersecurity Strategy #MicroFocusCyberSummit This document contains forward looking

245 views • 21 slides
MORTALITY ASSUMPTIONS AND LONGEVITY RISK Pablo Antolin OECD Financial Affairs Division

MORTALITY ASSUMPTIONS AND LONGEVITY RISK Pablo Antolin OECD Financial Affairs Division

MORTALITY ASSUMPTIONS AND LONGEVITY RISK Pablo Antolin OECD Financial Affairs Division Purpose: Policy questions How important longevity risk (LR) is or could be? What can be done: How to manage LR? OECD work tries to assess

484 views • 27 slides
2008 2008 2008 2008 Investor Community Conference Call Risk Review Risk Review Risk

2008 2008 2008 2008 Investor Community Conference Call Risk Review Risk Review Risk

2008 2008 2008 2008 Investor Community Conference Call Risk Review Risk Review Risk Review Risk Review Bob McGlashan Executive Vice President and Chief Risk Officer, Enterprise Risk and Portfolio Management March 4 2008 Forward

469 views • 19 slides
Investor Community Conference Call Q1 2008 2008 2008 2008 Risk Review Risk Review Risk

Investor Community Conference Call Q1 2008 2008 2008 2008 Risk Review Risk Review Risk

Investor Community Conference Call Q1 2008 2008 2008 2008 Risk Review Risk Review Risk Review Risk Review Bob McGlashan Executive Vice President and Chief Risk Officer, Enterprise Risk and Portfolio Management March 4 2008 Forward

488 views • 10 slides
The OECD and the Blockchain Revolution Presentation by Greg Medcraft Director, Financial and

The OECD and the Blockchain Revolution Presentation by Greg Medcraft Director, Financial and

The OECD and the Blockchain Revolution Presentation by Greg Medcraft Director, Financial and Enterprise Affairs, OECD OECD Friends of Going Digital Meeting, Paris Thursday 29 March Check against delivery Ambassadors and colleagues. Many of

555 views • 10 slides
Coronavirus: the world economy at risk Laurence Boone OECD Chief Economist 2 March 2020

Coronavirus: the world economy at risk Laurence Boone OECD Chief Economist 2 March 2020

OECD INTERIM ECONOMIC OUTLOOK Coronavirus: the world economy at risk Laurence Boone OECD Chief Economist 2 March 2020 http://www.oecd.org/economy/outlook/ ECOSCOPE blog: oecdecoscope.wordpress.com The economic situation was stabilising

746 views • 18 slides
2019 OECD ECONOMIC SURVEY OF PORTUGAL Promoting convergence and wellbeing Lisbon, 18 February

2019 OECD ECONOMIC SURVEY OF PORTUGAL Promoting convergence and wellbeing Lisbon, 18 February

2019 OECD ECONOMIC SURVEY OF PORTUGAL Promoting convergence and wellbeing Lisbon, 18 February 2019 http://www.oecd.org/economy/surveys/portugal-economic-snapshot @OECDeconomy @OECD Key messages Further progress in improving public

751 views • 44 slides
2018 OECD ECONOMIC SURVEY OF GERMANY Sustaining strong and inclusive growth Berlin, June 12 th

2018 OECD ECONOMIC SURVEY OF GERMANY Sustaining strong and inclusive growth Berlin, June 12 th

2018 OECD ECONOMIC SURVEY OF GERMANY Sustaining strong and inclusive growth Berlin, June 12 th 2018 http:/ / www.oecd.org/ eco/ surveys/ economic-survey-germany.htm @OECDeconomy @OECD Wellbeing is high OECD Better Life Index, 20 17 Germany

860 views • 45 slides
ENABLING RESPONSIBLE SUPPLY CHAINS OECD Guidelines for Multinational Enterprises and Risk-based

ENABLING RESPONSIBLE SUPPLY CHAINS OECD Guidelines for Multinational Enterprises and Risk-based

ENABLING RESPONSIBLE SUPPLY CHAINS OECD Guidelines for Multinational Enterprises and Risk-based Due Diligence November 2015 APBF Cristina Tebar Less OECD focus on Responsible Business Conduct Integrating RBC in investment policy :

202 views • 18 slides
REVIEW OF THE NSPA NSPA OECD Follow - up Forum Brussels 14 March 2017 Presentation outline

REVIEW OF THE NSPA NSPA OECD Follow - up Forum Brussels 14 March 2017 Presentation outline

OECD TERRITORIAL REVIEW OF THE NSPA NSPA OECD Follow - up Forum Brussels 14 March 2017 Presentation outline 2016 OECD regional outlook productivity performance of rural areas and policy implications. Findings of the NSPA

455 views • 20 slides
OECD Environmental Performance Reviews and insights for the CBD NBSAP peer review Katia

OECD Environmental Performance Reviews and insights for the CBD NBSAP peer review Katia

OECD Environmental Performance Reviews and insights for the CBD NBSAP peer review Katia Karousakis, OECD 21-23 March, 2016 Friends of CBD workshop, Switzerland Content OECD Environmental Performance Reviews Objective EPR cycle

747 views • 11 slides
Data Security in the Digital Age Reputation and Strategic Interactions in Security Investment

Data Security in the Digital Age Reputation and Strategic Interactions in Security Investment

Introduction Baseline Model Main Results Extended Model Lit. Review Conclusion Appendix Data Security in the Digital Age Reputation and Strategic Interactions in Security Investment Ying Lei Toh Toulouse School of Economics March 31, 2016

1.03k views • 37 slides
Tufin: Maximizing Agility and Security Henry Pea Digital Transformation is all about Business

Tufin: Maximizing Agility and Security Henry Pea Digital Transformation is all about Business

Tufin: Maximizing Agility and Security Henry Pea Digital Transformation is all about Business Agility 2 The Tradeoff Balancing Security and Agility 3 The Problem: Manual Processes Speed Cost Risk Compliance 4 The Solution: Security

1.21k views • 46 slides
Agenda Review feedback from spring surveys Review various options and implications

Agenda Review feedback from spring surveys Review various options and implications

Agenda Review feedback from spring surveys Review various options and implications Review next steps and timeline 2 Spring 2020 Remote Learning Survey Highlights - FAMILIES 2,123 responses, reflecting all grade levels

578 views • 37 slides
Incident Reporting: a lawyers perspective OECD Expert Workshop on Improving the Measurement of

Incident Reporting: a lawyers perspective OECD Expert Workshop on Improving the Measurement of

Incident Reporting: a lawyers perspective OECD Expert Workshop on Improving the Measurement of Security Incidents and Risk Management Swiss Re Centre for Global Dialogue Hans Allnutt Partner hallnutt@dacbeachcroft.com (+44) 20 7894 6925

677 views • 9 slides
Eugene Mazur Review Co-ordinator Environment Directorate, OECD Key steps of the review Oct 16 -

Eugene Mazur Review Co-ordinator Environment Directorate, OECD Key steps of the review Oct 16 -

Eugene Mazur Review Co-ordinator Environment Directorate, OECD Key steps of the review Oct 16 - Jan. 17 Review preparation and information collection 30 May Review mission 2 June 2017 Key steps of the review Oct-Nov 2017 Policy

606 views • 22 slides
GOING DIGITAL II Global Forum on Trade 24 October 2019 Molly Lesher molly.lesher@oecd.org

GOING DIGITAL II Global Forum on Trade 24 October 2019 Molly Lesher molly.lesher@oecd.org

GOING DIGITAL II Global Forum on Trade 24 October 2019 Molly Lesher molly.lesher@oecd.org Overview of Phase II Pillar 1: Horizontal activities Analytical work on digital transformation across Committees (e.g. platforms, SMEs, data and

392 views • 6 slides
Risk-based Security BARRY KOUNS CEO AT RISK BASED SECURITY Session Overview Warm-up Quiz

Risk-based Security BARRY KOUNS CEO AT RISK BASED SECURITY Session Overview Warm-up Quiz

Risk Assessment the Heart of Risk-based Security BARRY KOUNS CEO AT RISK BASED SECURITY Session Overview Warm-up Quiz Introduction to our security challenge What is Risk-based Security? The language of risk some

787 views • 53 slides
What do we know? What can we measure? Martin Eling OECD Expert Workshop, May 13, 2017

What do we know? What can we measure? Martin Eling OECD Expert Workshop, May 13, 2017

Cyber Risk and Cyber Risk Insurance: What do we know? What can we measure? Martin Eling OECD Expert Workshop, May 13, 2017 Management Summary Research Approach: Overview of the main research topics in the fields of cyber risk and

579 views • 12 slides

More recommend