Cybersecurity and Data Protection


The company only collects the minimal data required for its legitimate commercial purposes and is committed to the protection of employee, customer, supplier, and other data. Through policies, procedures, culture, and decision-making, the company and its representatives ensure the prevention of data misuse or unauthorised use. The company respects data sovereignty and maintains and follows clear policies regarding data ownership and data use authorisation, particularly for data about the company’s social and environmental context. The company has robust and safe Records and Data Management systems and practices. The company actively considers the ethical implications of machine learning, when relevant.

Issue icon

Share this Subissue on:LinkedIn


Artificial Intelligence and Machine Learning

Ethics guidelines for trustworthy AI cover

Ethics guidelines for trustworthy AI

The High-Level Expert Group on AI has created ethics guidelines to promote trusworthy artificial intelligence (AI). According to the guidelines, trustworthy AI should be lawful, respecting all applicable laws and regulations; ethical, respecting all ethical principles and values; and robust, from both a technical and social environmental perspective. This guidance introduces seven key requirements that AI systems should meet in order to be deemed trustworthy and highlights assessment criteria to verify these requirements are being met. This is an importance resource for senior leaders, technology experts, and sustainability change agents of any large organisation that is considering developing and/or implementing AI into their operations. The High-Level Expert Group on AI was set up by the European Commission, the principles and recommendations of their guidance are applicable to every business regardless of industry or geography.

OECD AI Principles cover

OECD AI Principles

These principles promote use of AI that is innovative, trustworthy, and respectful of human rights and democratic values. They consist of five value-based principles: inclusive growth, sustainable development and well-being; human-centred values and fairness; transparency and explainability; robustness, security, and safety; and accountability. This resource also includes key recommendations for policy-makers. These principles will be useful to anyone involved in procuring or implementing AI technologies, as well as for leaders who want to build a better understanding of ethical principles and practices.

Discriminating Systems: Gender, Race, and Power in AI cover

Discriminating Systems: Gender, Race, and Power in AI

This report from AI Now Institute can help you understand the diversity crises in the AI industry and the risk of bias it creates for those using AI tools. The report explains how AI tools suffer from systemic (gender and racial) bias, and quantifies the large and stagnant workforce diversity imbalance in the field of AI. It explains how this lack of diversity creates biased AI systems that negatively impact under-represented groups. It also explains the lack of progress made by existing efforts to address the issue, and provides recommendations for taking a new approach. This report will be most useful to IT, sustainability, and HR teams, or anyone implementing or developing AI tools.

AI & The Future of Work: What Every MBA Needs to Know cover

AI & The Future of Work: What Every MBA Needs to Know

This primer provides a helpful high-level summary of artificial intelligence that will benefit executives, board members, and other business leaders. It explains the concept and types of AI, as well as their impact on workers; highlights the risks of data bias and insecurity, privacy concerns, and regulatory risks; and examines the opportunities, such as those related to workforce training and collaborative machine-human applications.

Artificial Intelligence: A More Intelligent Future cover

Artificial Intelligence: A More Intelligent Future

This executive brief from Project Breakthrough can help you better understand the potential of AI technology to address sustainability challenges. It provides a succinct overview of AI and examples of how it can be used; outlines AI’s potential positive impacts and how they link the SDGs as well as the potential negative impacts; and highlights how AI’s automation and analytical power may enhance business model sustainability. These insights will be particularly beneficial to senior leaders and to sustainability professionals that want priming materials for executives and boards.

Other Resources

Global Data Privacy and Cybersecurity Handbook cover

Global Data Privacy and Cybersecurity Handbook

This comprehensive resource can help you to navigate the global landscape of data protection, privacy and cybersecurity laws, regulations, and guidance. Updated annually, this handbook provides detailed overviews of a broad range of topics, and allows for sophisticated comparisons of jurisdictions. This resource will be of particular use to information technology and security professionals and legal teams.

Data Privacy Handbook: A starter guide to data privacy compliance  cover

Data Privacy Handbook: A starter guide to data privacy compliance

This concise resource from PwC can help you to become better acquainted with data privacy and to get started on improving your data privacy practices. It explains why data privacy is important, highlights key concepts and principles of data privacy, and unpacks a ten-step framework for creating an effective data privacy programme. This is a good primer for change agents, leaders, and compliance and legal professionals.

Securing the Modern Economy: Transforming Cybersecurity Through Sustainability cover

Securing the Modern Economy: Transforming Cybersecurity Through Sustainability

This paper from Public Knowledge can show you why cybersecurity should be treated as a sustainability issue. It begins by offering a broad definition of cybersecurity and its role in protecting trust in - and security of - digital infrastructure, including the internet. It then highlights how cybersecurity faces challenges that are parallel to the sustainability field, such as short-termism, tradeoffs, and a lack of resilience. The paper recommends that organisations draw on sustainability management practices to help address these cybersecurity challenges, and outlines the broader implications of cybersecurity for national security and the digital infrastructure that today’s economies rely on. This resource would be helpful for both IT leaders and sustainability professionals.

ISAO 300-1: Introduction to Information Sharing cover

ISAO 300-1: Introduction to Information Sharing

This guide from ISAO Standards Organisation can help you understand how to address cybersecurity risks through information sharing, including both ad hoc and structured activities. This guide presents a conceptual framework for joining or forming a formalised Information Sharing and Analysis Organization (ISAO) with other organisations in your sector. It explains information sharing concepts, the types of cybersecurity information you may want to share, how to facilitate information sharing, as privacy and security concerns. The resource will be most useful to IT professionals or others responsible for managing cybersecurity risks.

Framework for Improving Critical Infrastructure Cybersecurity cover

Framework for Improving Critical Infrastructure Cybersecurity

This framework from the National Institute of Standards and Technology (NIST) can help you better manage cybersecurity risks. It provides a common language and systematic methodology for managing this risk, and features a three-component framework. The “Framework Core” unpacks five pillars of a holistic cybersecurity program (Identify, Protect, Detect, Respond, and Recover); the “Implementation Tiers” help you to prioritise your cybersecurity program activities, as per your goals, risk appetite, and budget; and the “Profiles” section helps you to identify areas to improve.

To see how other organisations have implemented the framework, see the “Success Stories” page.

7 Pressing Cybersecurity Questions Boards Need to Ask cover

7 Pressing Cybersecurity Questions Boards Need to Ask

This article can help you to assess your board's understanding of cybersecurity, raise awareness on the issue, and prioritise action. The article highlights five key things directors need to know about cybersecurity, as well as seven questions you can ask to make sure your board understands how cybersecurity is being managed.