According to ISACA, the majority of IT and security leaders believe that achieving digital trust should be an organization’s top strategic goal.
According to the latest report from the Cyber Security Association, State of Digital Trust 2023published May 9, 2023, 84% of respondents said they feel digital trust is very or very important to their organizations today, and 82% said that in five years said to be even more important.
Digital trust is a term coined in 2022 by ISACA as it seeks to develop a new framework that combines the knowledge of various disciplines and professions in IT management, governance, and security.
ISACA defines digital trust as trust in the integrity of relationships, interactions, and transactions between providers, partners, and consumers within relevant digital ecosystems. It includes the ability of people, organizations, processes, information and technology to create and maintain a trustworthy digital world.
According to ISACA evangelist Rolf von Roessing, “Digital trust helps demonstrate that there is measurable evidence that can be used to provide trust to customers, business partners, and other members of the supply chain. It can be seen as an overarching framework,” he said. He said at his digital launch event on May 3, 2023.
Tangible business benefits
Meanwhile, according to ISACA’s 2023 survey results, security leaders say digital trust is not only critical to innovation, but 79% say it is critical or very important to their digital transformation. said that it “could succeed or fail.” organization.
Respondents said higher levels of digital trust were associated with a positive reputation (67%), more reliable data for decision making (57%), fewer privacy breaches and cybersecurity incidents (both 56%), and reported that it could lead to tangible business benefits, such as stronger customers. Loyalty (55%).
“Cyber-attacks are on the rise and customers are increasingly aware of their sophisticated nature. They therefore expect companies to take the necessary steps to protect and safeguard their personal data.” Companies that adopt an enterprise-wide strategy to build digital trust can establish themselves as trusted authorities among their customer base and enjoy sustained long-term rewards.
But the report also shows a discrepancy between what is perceived in theory and what is being done in practice.
Chris Dimitriadis, ISACA Chief Global Strategy Officer, said at the launch event:
many obstacles
Lack of skills and training was the biggest obstacle, cited by 52% of respondents, followed by lack of leadership buy-in and alignment with company goals (both 42%) and lack of budget (41%). %), and lack of technical resources (38%).
“However, digital trust does not necessarily require significant budget allocations or the creation of new executive positions,” argued von Rossing.
Interestingly, only 64% of respondents believe their organization prioritizes digital trust according to its importance, with 38% stating that “digital trust is not a priority at my organization.” as one of the main obstacles to achieving it.
“All of these results are broadly consistent with last year’s results, the first survey on digital trust,” said Dimitriadis.
“The only two exceptions show improvements in training and collaboration. By 2023, 32% of respondents expect their organizations to provide digital trust training to their staff, compared to just 29% in 2022.” Less than 10% thought the same thing in 2022.”
The findings of the State of Digital Trust 2023 report are based on anonymized multi-sectoral data sent by ISACA to approximately 131,000 individuals (members of ISACA and holders of any ISACA credential or credential) in January 2023. It was obtained from a multiple-choice online survey. A total of 8,185 respondents completed the survey, with a margin of error of +/- 1 point.
Towards a Digital Trust Score
Now that the concept of Digital Trust is more widely recognized, one of ISACA’s next steps is to work towards a Digital Trust Scoring System.
According to Mark Thomas, president of Escoute Consulting, “an independent, public digital trust score […] It serves as a valuable tool for holding organizations accountable for their actions, but it requires globally consistent review criteria and scope, as well as automated measurement mechanisms. ”
“For example, a highly rated organization may have a severe negative incident that needs to drop its score by a few points in a matter of minutes. Rating and review parameters should be active in real time.” he added.
