Digital trust has evolved to become a strategic differentiator for businesses. With the growing digitalization of businesses and governance, trust has become a fundamental factor for the success of all players in the digital ecosystem. This is also true when it comes to protecting against cybersecurity attacks and data breaches. Consumers want to know that companies are protecting their data and ensuring that they will be able to continue having access to the products and services they need.
According to ISACA’s recently released State of Digital Trust 2023 survey report, when stakeholders consider trusting an organization that they have built a digital relationship with, they often evaluate several factors, including quality, availability, security, privacy, ethics, integrity, transparency, honesty, and resiliency. Digital trust serves as a crucial differentiator between highly successful organizations and their less successful counterparts. In some cases, including in the instance of a cyberattack or data breach, the presence or absence of digital trust and how an organization responds, can determine an organization’s very existence.
While there are no academically rigorous definitions of digital trust, the report offers a concise working definition – it is the confidence in the integrity of the relationships, interactions and transactions among providers and consumers within an associated digital ecosystem. This rings true for security and privacy. According to the survey report, 56% of global respondents cite fewer privacy breaches and fewer cybersecurity incidents each among the top benefits that can come from high levels of digital trust. More cybersecurity incidents (59%) and more privacy breaches (58%) were noted as consequences of a lack of digital trust, coming in among the top three.
The survey has explored the question of whether an organization’s digital trust is irreparably damaged by a data breach or security incident. Surprisingly, the findings suggest that the answer is not necessarily unfavourable. Instead, stakeholders tend to focus on the organization’s level of preparedness and response before, during, and after the event.
One key factor in retaining trust is transparent communication. Even when a breach or security incident occurs, an organization that handles the situation professionally and openly can maintain the support of its stakeholders. Conversely, stakeholders may be unforgiving if they perceive that an organization was careless or lacked transparency. This highlights the importance of proactive security measures and clear communication strategies in maintaining digital trust.
The report suggests that 81 percent of the respondents believe that prioritizing digital trust can lead to their organization’s success. However, only 13 percent of the surveyed professionals reported having dedicated staff for digital trust. The report also found that digital trust is a priority for boards in only 19 percent of the surveyed organizations.
North American respondents to the survey preferred that the digital trust function be handled by senior leadership, while those in other regions preferred their boards to take charge. Surprisingly, many Indian respondents felt that individual employees are responsible for digital trust. Global respondents cited security as the second top role responsible for digital trust (81%) within their organizations. Though a range of internal stakeholders are involved in upholding digital trust, the survey found that only half (51%) agree that there is sufficient collaboration in their organization among professionals who work in diverse digital trust fields, including security, risk, governance, assurance, privacy and quality.
Interestingly, the report also suggested that establishing digital trust does not necessarily require a huge budget or the creation of a C-suite position. It was noted that organizations of all sizes and types can decide on digital trust guidance and frameworks that best fit their nature, size, and culture.
Considering that digital trust can serve as a strategic differentiator, it is imperative for organizations to know whether they are trusted. To this end, a Harvard Business Review article from February 2018, which surveyed 42 countries, proposed a four-part measurement framework for digital trust, comprising behaviour, attitudes, environment, and experience. As time passes, the factors influencing the calibration of digital trust have only increased as seen in the ISACA report that includes security, risk, privacy, quality, compliance, communication, information technology, marketing and operations.
According to the ISACA survey, over 50% of global respondents expressed confidence in their organization’s digital trustworthiness. Digital trust is measured by businesses through a range of methods, including customer satisfaction surveys, monitoring customer service issues, tracking customer retention, analysing customer behaviour patterns, and conducting customer recommendation surveys. However, the survey also revealed that approximately 29% of respondents admitted to not measuring digital trust in their organizations. This highlights the need for continued efforts to refine digital trust measurement practices in order to maintain customer confidence in today’s digital landscape.
With today’s information infrastructure, one person’s or company’s bad experience, cyberattack or data leak or can be broadcast globally in an instant, making it all the more important for organizations to stay transparent, stay in clear communication with their stakeholders, and focus on building digital trust.
(The author is Dr K Rama Subramaniam, member of the ISACA Emerging Trends Working Group, and director and CEO of Valiant Technologies Pvt Ltd., and the views expressed in this article are his own)