Continuity and Resilience of Social Security Services and Systems - B.4.1. Cybersecurity and Digital Operational Resilience
As digitalization increases, social security institutions should address the related risks. Concretely, social security administrations become critical infrastructure (CI) and critical information infrastructure (CII), and therefore require a robust cybersecurity posture. Increasing cyber risks and threats, such as distributed denial-of-service (DDoS) attacks, data breaches or leaks, and ransomware attacks, amongst other cyber incidents, could disrupt social security services; they strongly encourage the implementation of cybersecurity measures and controls in collaboration with other organizations and business partners.
Such cybersecurity measures are coordinated with the institutional digital operational resilience framework, which covers other risks as well, not only attacks.
Digital operational resilience is the capacity of an institution to build, assure and review its operational integrity so that it can withstand any disruption or threat concerning information and communication technologies. Concretely, for a social security institution, this means that when a disruption occurs, the institution has mechanisms to absorb the hit without significant impairment to operations.