Opening remarks by Mathias Cormann,

Secretary-General, OECD

Paris, 7 June 2021

---

Distinguished Guests, Ambassadors,

I am delighted to welcome you to this year's OECD Global Forum on Digital Security for Prosperity. The digital transformations of our economies comes with exciting new opportunities – many of them demonstrated and accelerated during the COVID Pandemic. However it also comes with its own, growing and evolving risks and challenges. Two of the biggest digital economy related risks and challenges relate to cyber security and privacy. To ensure everyone has the opportunity to participate and benefit from the digital transformation of our economies we need to ensure we continue to find better ways to manage those risks.

Now in its third year, the Global Forum convenes public and private sector stakeholders, including representatives from civil society and academia, in a global setting to facilitate dialogue, debate and cooperation on critical issues related to digital security.

Over the next three days, this Forum will tackle three urgent priorities:

• first, how we can make better use of market mechanisms to enhance cyber resilience;
• second, how organisations can better prepare for, and respond to, cybersecurity incidents;
• and third, what we can do to break down silos and boost international co-operation among governments and other stakeholders.

This event comes at a particularly important time.

Over the past year, the COVID-19 crisis has further accelerated what was already a rapid pace of digital transformation – a transformation that is impacting almost every industry and every aspect of our daily life.

Digital technologies have helped our economies and our societies to keep going during the pandemic.

Millions and millions of us moved online to work, play, and learn.

In just one year, Internet traffic in some countries increased by up to 90%, and according to some estimates, we have reached the milestone of 25 billion Internet of Things devices globally.

As the world goes increasingly digital, cyber threats loom ever larger.

Recent global cyber-attacks involving the American software company SolarWinds and Microsoft Exchange provided a sobering reminder of how vulnerable our economies and societies are to malicious actors.

Relentless supply chain and ransomware attacks are becoming increasingly sophisticated, with attackers harder to spot… and harder to fight.

The damage caused by these attacks underlines the economic and social necessity to improve our digital security.

Cyber incidents can disrupt almost every facet of our lives, from routine business operations, to online education to the provision of healthcare.

Attacks on hospitals are particularly shocking.

Healthcare organisations reported 56 cyberattacks in the first two months of 2021 alone.

Just last month, in my home country, Australia, a large healthcare service provider was hit by a ransomware attack, severely disrupting key hospitals.

These attacks have real consequences for real people.

In some instances, hospitals have postponed all but the most urgent elective surgeries for several weeks while they work to get their systems back online.

The impact of the 2017 WannaCry attack on the UK National Health Service was a wake-up call. Since then, similar incidents have been reported in Canada, the Czech Republic, France, Ireland, Germany, New Zealand and the United States.

Too often, our responses to events like these remain local while our digital economies and societies are borderless. There is tremendous scope to advance international co-operation for cyber resilience. The more we co-operate, the more resilient we will be.

Over the past three decades, the OECD has been at the forefront of working with stakeholders to address complex global challenges facing the digital economy.

By engaging with technical and policy experts, business and civil society, we can share experiences and seek common, evidence-based solutions to global problems.

One powerful channel and outcome of this co-operation comes through the OECD’s role as a global policy standard-setter.

Since setting the first international guidelines for personal data protection in 1980 and cryptography policy in 1997, the OECD continues to develop new global standards to foster trust, security and stability in the digital environment.

We are currently reviewing and updating our 2015 Recommendation on Digital Security Risk Management, to develop new guidelines and encourage organisations to better manage vulnerabilities.

When it comes to digital security, if there is any vulnerability, you can be sure that somebody will find a way to exploit it.

When we hear “vulnerabilities”, we often think about technical flaws in code. However, the most exploited of all vulnerabilities is the lack of co-operation and communication, whether that is between security researchers and companies, between competitors, or across borders.

Improved international co-operation is the very mission of the OECD. It is at the centre of our response to the COVID-19 pandemic and our thinking about recovery strategies.

Through this annual event, and through our ongoing work on digital security, the OECD will continue to support stronger co-operation, and to shape the international agenda for better digital policies for better lives.

Colleagues,

Thank you for joining us today. Best wishes for a great event, and let’s hope that we can meet together in person next year.

Thank you.