Solutions Review’s Expert Insights Series is a collection of contributed articles written by industry experts in enterprise software categories. Deepika Chauhan of DigiCert asserts why your digital trust strategy needs to start with a centralized approach.
It’s no secret in 2023 that establishing digital trust with customers, supply chain partners, and internal workforces is paramount for enterprises to conduct business. The wave of digital transformation among businesses during the pandemic, while essential to maintaining ongoing operations, also created new security challenges. An expanding attack surface from this online-first pivot created more opportunities for threat actors to exploit weaknesses in organizations’ systems and digital assets.
Looking for an MDR solution, your team can trust? Check out our free MDR Solutions Buyer’s Guide!
Increased Consequences and Reputational Risk
Just look at the latest headlines. Breaches and ransomware attacks continue to plague businesses and cost thousands or even millions of dollars in damage, while impugning the reputations of the targeted companies. T-Mobile’s 2022 Black Friday breach quickly called into question the firm’s commitment to security, while the successful hack into customer data at LastPass was deemed “as bad as it gets” for the password manager’s 33 million users who had entrusted the firm with their online credentials.
The ultimate business cost of those kinds of lapses is almost incalculable. According to the 2022 State of Digital Trust Survey, which gauged attitudes toward digital trust for enterprises, employees, and consumers globally, nearly two-thirds of enterprises switched vendors after a digital trust lapse. And almost half of consumers stopped doing business with a company that lost their trust.
Jennifer Glenn, research director at IDC, highlighted how organizations that ignore this area do so at their own peril. “In an always-on, digitally connected world, to ensure digital trust, connections cannot be disrupted, terminated, or altered without consequence,” Glenn said.
Where Enterprises Fall Short with Digital Trust
Given that threat environment, the importance of digital trust is universally recognized. Indeed, the Digital Trust Survey found 100 percent of enterprises viewed digital trust as important, with 90 percent viewing it as extremely important.
Yet, in a separate survey from ISACA, just 12 percent of companies said their organization had a senior staff role for digital trust, such as a Chief Trust Officer or Director of Digital Trust. That absence of a senior leader who owns digital trust within an organization illustrates a gaping hole in business attitudes in this area. It also highlights how organizations are quickly becoming bifurcated into two groups when it comes to digital trust:
- Companies that see digital trust as an additional cost center and necessary evil to transacting online today.
- Enterprises that recognize the strategic opportunity of digital trust to maintain loyalty among their partners and customers while differentiating themselves from competitors.
Best Practices of Top-Tier Digital Trust Organizations
The State of Digital Trust survey noted stark differences between top and bottom-tier companies when it comes to digital trust. It found top tier companies overwhelmingly place ownership of digital trust within an organization at the CIO level, whereas bottom-tier companies placed it within security operations. Indeed, while top-tier companies consistently centralized digital trust oversight, bottom-tier firms routinely had three or more departments managing digital certificates. That’s why this is a massive opportunity for companies that commit bodies in the boardroom to prioritize digital trust from the top of the organization down. There is a bottom line, and it is simple: digital trust belongs on the mission-critical agenda for every organization.
The way to turn digital trust from a pain point into an advantage is to approach it in the same way you would any other strategic, enterprise-critical initiative: by focusing on it as a centralized function and standing up a team that owns and champions it within the organization. That’s the path to successful digital trust outcomes and providing value to both internal and external customers. According to IDC’s Glenn, it’s a centralized approach that lets enterprises not only prioritize digital trust, but also develop processes to leverage its implementation into a sum that’s greater than its parts.
“Centralizing certificate management improves visibility into the certificate landscape and provides a basis for automation, which is instrumental in keeping business systems connected and running securely and efficiently,” Glenn said.
Four Building Blocks of Digital Trust
Once that top-down ownership is established within an organization, the roadmap for securing the connected world through digital trust should focus on four critical components:
- Standards: Standards are what define trust for a given technology or industry.
- Compliance & operations: These functions represent the activities that establish trust.
- Trust management: Trust management reduces business disruption from certificate outages, reduces rogue activity by driving adherence to corporate security policy, and reduces the administrative burden of managing certificate lifecycles and other enterprise identities through business process automation. An example is certificate lifecycle management software.
- Connected trust: Companies need to extend trust into complex supply chains. Examples are ensuring continuity of trust throughout a device lifecycle, across a software supply chain or in the establishment of digital rights provenance in a content community.
Relationships Built on Trust
These four building blocks, implemented through strong leadership and enterprise-wide ownership of digital trust throughout an organization, are the foundation upon which top purveyors of digital trust are building out a strategic advantage over competitors today.
With the expanded threat environment that businesses are dealing with in 2023, anyone can say that digital trust is important to them. But top-tier companies go beyond that lip service by charging an executive leader with accountability in this area to protect both internal and external client relationships.
By standing up a team within the boardroom, and then focusing on the four key building blocks of digital trust, leading enterprises can stay ahead of their competition and turn this threat into an opportunity. Doing so not only puts them ahead of the pack, it provides their customers with proof — and a needed reassurance in today’s business world — that the relationship truly is built on trust.
- Digital Trust: Success Starts with a Centralized Approach - May 19, 2023