The new IFLA Statement on Cybersecurity examines what key cybersecurity concepts and principles mean in the context of library work – and how libraries, governments, library associations and educators can help build a safer digital environment for library users and staff.

The work of libraries to help build a fairer and healthier digital information environment takes on many forms. As part of this, they help their patrons become more competent and confident ICT users – i.e. through digital literacy training and support, which includes questions around staying safe online. At the same time, libraries work to protect their patron’s data privacy – while, more broadly, the security and stability of their own ICT systems is integral to service delivery in more and more areas.

All this comes at a time when cybersecurity concerns remain high – from ransomware attacks targeting public service providers, to the internet-of-things security gaps in the ‘smart’ devices that we use.

The new IFLA statement, prepared by the Information Technology Section and HQ, sets out some of the key cybersecurity concepts and principles for libraries seeking to navigate this field – as well as how these intersect with library commitments to intellectual freedom.

The new statement outlines:

  • What cybersecurity means for libraries – and the information system components this encompasses;
  • Key areas for library engagement and advocacy;
  • The relationship between cybersecurity and privacy;
  • The actions libraries can take if they have full or partial control over their information systems – and if they are a part of a wider institution, or rely on third-party vendors;
  • What library associations and governments can do to support a safer digital environment.

You can access the statement on IFLA’s repository:

IFLA Statement on Cybersecurity

This IFLA policy statement, aimed at libraries, library associations and library educators, and governments (including intergovernmental organisations), looks to explain the concept of cybersecurity in the context of the work of libraries, and make recommendations for improvements.