About the data
The WBA Digital Inclusion Benchmark measures and ranks the world's most influential companies on their efforts to advance digital inclusion, tracking how companies are expanding access to digital technologies, improving digital skills and literacy, and ensuring safe and inclusive digital environments for all. The 2026 edition assessed 200 companies across key sectors of the digital economy including telecommunications, software, hardware, and digital platforms. The benchmark is developed in close collaboration with an Expert Review Committee and partners including GRI, ITU, and the Alliance for Affordable Internet, with a methodology designed to incentivise companies to understand where digital exclusion risks are highest and act to bridge the digital divide, while keeping human rights and social impacts at its core.
More information can be found here.
More information can be found here.
Methodology
Cybersecurity threats discourage Internet use as they give rise to fears about online safety. Digital companies are at particular risk as the digital industry is one of the most targeted by cybercriminals.xix Yet, companies often do not assign sufficient high-level accountability for cybersecurity. The United States Securities and Exchange Commission requires public companies to disclose cybersecurity risks and incidents.xx Companies need to assure stakeholders that they take cybersecurity seriously and assign high-level accountability and resources to maintaining it.
Senior-level oversight of cybersecurity can serve to indicate that the company dedicates appropriate accountability, managerial capacity and resources to preventing, mitigating and resolving cybersecurity risks.xxi If companies are proactive about cybersecurity, digital inclusion will improve because users will feel safer using digital technologies.
Rapid response to information security incidents is essential. Companies have created special units (e.g. computer emergency response team, computer security incident response team) to protect, detect and respond to cybersecurity incidents. As cyber threats often extend across borders, global cooperation is essential. The Forum of Incident Response and Security Teams, with over 500 members, fosters global ‘cooperation and coordination in incident prevention, to stimulate rapid reaction to incidents, and to promote information sharing among members and the community at large’.xxii
Research Guidance:
The companydisclosesthe designation of a specific individual who holds formal and direct responsibility for cybersecurity governance. Accepted titlesinclude, butare not limited to: Chief information Security Officer (CISO), Chief Information Officer (CIO), Chief Security Officer (CSO), Global Head of Cybersecurity, Global Cybersecurity Officer, Vice President of Information Security, General Manager of Information Security. The individual must be accountable for cybersecurity across the group level. Disclosing only a subsidiary-level or business unit-specific cybersecurity officer does not meet the requirements.
Senior-level oversight of cybersecurity can serve to indicate that the company dedicates appropriate accountability, managerial capacity and resources to preventing, mitigating and resolving cybersecurity risks.xxi If companies are proactive about cybersecurity, digital inclusion will improve because users will feel safer using digital technologies.
Rapid response to information security incidents is essential. Companies have created special units (e.g. computer emergency response team, computer security incident response team) to protect, detect and respond to cybersecurity incidents. As cyber threats often extend across borders, global cooperation is essential. The Forum of Incident Response and Security Teams, with over 500 members, fosters global ‘cooperation and coordination in incident prevention, to stimulate rapid reaction to incidents, and to promote information sharing among members and the community at large’.xxii
Research Guidance:
The companydisclosesthe designation of a specific individual who holds formal and direct responsibility for cybersecurity governance. Accepted titlesinclude, butare not limited to: Chief information Security Officer (CISO), Chief Information Officer (CIO), Chief Security Officer (CSO), Global Head of Cybersecurity, Global Cybersecurity Officer, Vice President of Information Security, General Manager of Information Security. The individual must be accountable for cybersecurity across the group level. Disclosing only a subsidiary-level or business unit-specific cybersecurity officer does not meet the requirements.
License
Topics
Framework Mappings
Value Type
Category
Options
Yes
No
Not Applicable
Assessment
Steward Assessed
Report Type
Aggregate Data Report