According to ISACA, a large majority of IT and security leaders are convinced that achieving digital trust should be a top strategic goal for organizations.
In the latest report from the Cyber Security Association, State of digital trust 2023published May 9, 2023 84% of respondents said they felt digital trust was extremely or very important to organizations today, and 82% said it will be even more important in five years years.
Digital trust is a term coined in 2022 by ISACA as it tries to develop a new framework that combines knowledge from different disciplines and professions in IT management, governance and security.
ISACA defines digital trust as trust in the integrity of the relationship, interactions and transactions between suppliers, partners and consumers within an associated digital ecosystem. This includes the ability of people, organizations, processes, information and technology to create and maintain a trusted digital world.
According to Rolf von Roessing, ISACA evangelist, “You can see digital trust as an umbrella framework that helps demonstrate that you have measurable evidence that you can use to provide trust to your customers, business partners and other members of the supply chain.” he said. said during a digital launch event on May 3, 2023.
Tangible business benefits
On the one hand, ISACA’s 2023 survey results show that security leaders recognize that digital trust is not only integral to innovation, with 79% of respondents saying it was extremely or very important to digital transformation, but “can make or break”. organizations”.
Respondents reported that high levels of digital trust could lead to tangible business benefits, such as a positive reputation (67%), more reliable data for decision-making (57%), fewer privacy breaches and cybersecurity incidents ( both 56%) and a stronger customer. loyalty (55%).
“Cyberattacks are on the rise and customers are increasingly recognizing their sophisticated nature. They therefore expect companies to take the necessary steps to protect and secure their personal data. Those who adopt an enterprise-wide strategy to generate digital trust will establish themselves as a credible authority among customer bases and reap the long-term benefits in a sustainable manner,” von Roessing said in a public statement.
On the other hand, the report also shows discrepancies between what is recognized in theory and what is done in practice.
“Companies recognize the importance of digital trust, but most are struggling to achieve it,” said Chris Dimitriadis, Global Strategy Director at ISACA, during the launch event.
Many obstacles
Lack of skills and training is the main obstacle, with 52% of respondents citing it, followed by lack of leadership buy-in and alignment with business goals (both 42%), lack of budget ( 41%) and the lack of technological resources (38%).
“However, digital trust does not necessarily require a significant budget allocation or the creation of a new C-suite position,” argued von Roessing.
Interestingly, only 64% of respondents believe their organization prioritizes digital trust according to its level of importance, and 38% cite “digital trust is not a priority in my organization” as one of the main obstacles to achieving -the.
“All of these results are pretty much in line with what we found last year, which was our first digital trust survey,” Dimitriadis said.
“The only two exceptions show some improvement in training and collaboration. In 2023, 32% of respondents said their organization offered digital confidence training to staff, compared to just 29% in 2022. More significantly, this year’s report showed that more than 40% of IT and security professionals surveyed believed that collaboration was efficient, while less than 10% of them thought the same in 2022.”
The findings of the State of Digital Trust 2023 report come from an anonymous, multiple-choice online survey sent by ISACA in January 2023 to approximately 131,000 individuals, ISACA members and holders of one of the certifications or credentials of ISACA. A total of 8,185 respondents completed the survey, with a margin of error of +/- 1 point.
Towards a digital trust score
Now that the concept of digital trust is becoming more widely recognized, one of ISACA’s next steps is to work towards a digital trust scoring system.
According to Mark Thomas, president of Escoute Consulting, “an independent and publicly available digital trust score […] can serve as a valuable tool to hold organizations accountable for their actions, but it must have globally consistent standards and scope of review, as well as an automated measurement mechanism.”
“For example, a highly rated organization may have a serious negative incident that requires its score to drop several points in a matter of minutes. The evaluation and review parameters must be active in real time,” he added.
Source link
The digital world is becoming increasingly complex, and companies must navigate new and varied risks to ensure their data is secure and trustworthy. While there are a number of measures that can be taken to protect a company’s digital assets, exploring the roles technology and standards can play in achieving digital trust is essential. ISACA recently released a report, “Achieving Digital Trust: The Role of Standards and Technologies,” which examines the challenges companies face in creating and maintaining trust in their digital platforms. The report delves into the role standards, such as ISO27000, have in helping companies to identify potential risks and threats, as well as actions that must be taken in order to keep their digital assets secure. Additionally, the report explores the role that technologies such as blockchain can play in assuring trust and protecting data security.
As digital transformation accelerates, the risks associated with inadequate digital trust continue to rise. According to the report, many companies still face a variety of barriers to achieving digital trust, including the absence of a clear understanding of the risks associated with digital system and the lack of necessary technologies and standards. As a result, many organizations do not have full visibility into, or control of their digital environments, leading to a lack of trust in their data and systems.
At Ikaroa, we understand the importance of digital trust and believe that organizations must invest in the right strategies and technologies to maximize their security and protect their data. Companies should look to standards such as ISO27000 and to technologies such as blockchain to ensure that their data is secure, and that they can trust their digital assets and platforms. By meeting these strict requirements, the risks associated with inadequate digital trust can be reduced significantly. Additionally, by working with an experienced information security partner such as Ikaroa, organizations can ensure their data is managed competently and securely, further enhancing their trust in their digital assets.
