The OECD Council recommendation no. OECD/LEGAL/0361 on the protection of critical information infrastructures

Summary

The Recommendation on the Protection of Critical Information Infrastructures was adopted by the OECD Council on 30 April 2008 on the proposal of the Committee for Information, Computer and Communications Policy (now called Digital Policy Committee).The Recommendation aims to set out a high-level framework to guide the development of national strategies to protect critical information infrastructures (CII) at domestic level and across borders. The Recommendation identifies the need for strengthened international cooperation to address cross border issues given the importance of the internet as a global infrastructure. It also identifies the need for a national operational infrastructure security capability, a willingness and ability to share information, close cooperation with the relevant parts of the private sector, and a strong culture of security in the face of rapid technological growth, and consequential social changes. The draft Recommendation therefore calls on Member countries to adopt a common approach in a number of areas to enable progress on some of these issues. Further, although the Recommendation is addressed to governments, it stresses the need for collaboration with the private sector.