On 1 October the OECD recommended that digital security risk should be treated as an economic rather than a technical issue, and should be part of an organisation’s overall risk management and decision-making, according to a new OECD Recommendation to member countries.   The OECD Recommendation on Digital Security Risk Management says that leaders and CEOs in the public and private sectors should take specific responsibility for the issue and integrate it into overall planning, rather than treating it solely as a technology matter. The OECD, whose last Recommendation on digital security was in 2002, offers eight principles to guide digital security risk management, including on the responsibility of different actors, co-operation between stakeholders and the role of innovation. It recommends that countries adopt national plans to identify measures to prevent, detect, respond to and recover from digital security incidents.