Digital security is increasingly important as the world becomes more digital. It involves managing risks through understanding probabilities, impacts, and costs and benefits of mitigation strategies. The human element also influences security - some are overly optimistic and underestimate risks while others have paranoid reactions. A balanced view is needed that continuously re-evaluates risks. This is illustrated by the case of NSDL, a public organization providing depository services, which takes a process-based approach to information security through a security committee, risk assessments, certifications, and audits as part of ongoing management while also focusing on client needs.