Four Ways To Embed And Scale Digital Trust In Transformation Efforts

Four Ways To Embed And Scale Digital Trust In Transformation Efforts

In 2020, governments, businesses, civil society, and citizens across the world banded together in response to one of the most severe global health crises since the 1918 Spanish flu. As 2021 continues, there is reason for optimism. Vaccine approvals and mass mobilization efforts are underway. Add to that mix an improving economic outlook and there is indeed reason for confidence. Yet, challenges abound.

One of the most significant near-term hurdles facing organizations is continuing to balance bringing people back to the office while maintaining extensive remote work. Harnessing the benefits of workforce flexibility will likely form a more permanent employment strategy in the future; yet, it is unlikely to replace working from a physical office in its entirety. In the interim, though, expanding workforce flexibility creates an urgent need to confirm that employees are educated about the inherent cyber risks of working remotely, while also having the tools necessary to protect against cyber attacks. Achieving the right balance requires collaboration, transparency and candor.

At the end of the day, whether an employee, customer or supplier, people demand trust. Trust that their information will be secure. Trust that their data privacy will be protected to the utmost. And with digital transformation efforts poised to accelerate even further in 2021, organizations must proceed in a purposeful way – designed with trust at the heart of the effort. To engender trust at an enterprise level, risk intelligence should be embedded deeply into a range of critical customer-facing interactions across the customer journey, rather than primarily orienting around traditional risk management processes. This approach builds customer trust, strengthens privacy and cybersecurity, and enhances employee experiences.

How should leaders begin to frame and build upon their thinking to develop, integrate and scale trust, while effectively driving digital transformation efforts? They must consider the following four areas:

  1. Addressing cybersecurity challenges
  2. Mitigating data biases
  3. Fortifying digital privacy
  4. Strengthening governance and internal controls systems

I go into more detail here based on a recent conversation with my colleague Cindy Doe of the EY Technology Consulting services in the Financial Services Organization:    

Implementing cyber resiliency from the outset

Cybersecurity continues to be a critical priority for organizations amid their transformation journeys. While cybersecurity has been top of mind for boards and business leaders over the past several years, the risks now are more pervasive and profound. With the rise and acceleration of remote working, paired with more sophisticated cyber attacks, the challenges can appear daunting. However, firms can fortify their cybersecurity protections to address these dynamic risks.

As organizations rely on new and emerging technologies to accelerate digital transformation efforts, they should view cybersecurity as an imperative at every stage of a systems’ design, development and execution. For example, we encourage clients seeking to activate a public cloud strategy to think about the skills of their employees, the tools and methods they need, and the processes and metrics required to effectively monitor technologies, to confirm that they are built and equipped for cyber resiliency.

When managing risk, it’s a leading practice to verify that all measures are embedded in an organization’s application development processes, protecting data from the start. Organizations that fail to effectively implement such practices face the potential of losing customer trust and opening themselves to increased risk.

Mitigating potential data biases

Machine learning and artificial intelligence (AI) remain at the forefront of businesses’ digital transformations – and will continue to accelerate. As firms seek to scale and integrate AI and machine learning applications, unintended or unconscious data biases must be avoided.

So, what can firms do to combat data biases? For example, in laying out AI design processes, it’s important that businesses familiarize their professionals in risk, cyber, privacy, model risk, and regulatory and compliance-related areas early on and throughout the process. Having individuals at the table who can challenge the technology design and implementation, as well as the model development approach, will help to detect inherent shortcomings and drive accountability.

In areas such as recruiting and underwriting, it’s particularly important that teams closely examine whether algorithmic bias exists. When doing so, users should identify where potential errors lie within any processes, which may involve looking at testing or monitoring, and examining whether the results that the tools generate fulfill business needs and expectations.

Fortifying digital privacy

Privacy lies at the heart of digital trust. People are giving up more data than ever – from temperature checks and sharing personal phone numbers for contract tracing purposes, to details on recent travel experiences. Conversations around keeping this data secure will be critical, with employees and customers alike expecting a frictionless experience 24-7-365. For organizations, this may even mean slowing down to “speed up” down the line so that privacy considerations are included from the outset.

Organizations should take a robust, holistic and risk-based approach to the management of privacy. This involves the adoption of concrete steps to effectively operationalize privacy management within the organization – something that is easier said than done. A great place to start is looking at the privacy framework established by the National Institute of Standards and Technology (NIST). This framework lays out, in accessible terms, how to identify and begin addressing data privacy vulnerabilities. It helps firms understand, manage, and communicate privacy risk through business and mission drivers, organizational roles and responsibilities, and privacy protection activities. Organizations can use it to identify and prioritize actions, while aligning policy, business, and technological approaches to managing privacy risk across the data life cycle.

Modernizing dynamic governance and internal controls systems

It’s crucial that risk management keeps pace with an organization’s heightened interest in digital transformation programs. As digital technology evolves, governance and internal controls must be modernized in tandem. While risk management has traditionally been perceived as largely back-end monitoring, the modern function will be one that flexes with the organization. Internal controls need to run at the speed of the business, and in a nimbler way for more informed decision-making.

Firms need to develop a data governance framework to manage the challenges posed by the rapid acceleration and scaling of the use of AI and machine learning globally. This includes:

  • Establishing an AI governance framework that addresses data-related risks, provides cross-functional oversight and transparency, develops centralized capabilities, and focuses on delivering trusted outcomes.
  • Embedding digital governance in the overall business strategy, with a clear AI framework that addresses key risks and customer concerns, particularly ethics.
  • Leveraging risk frameworks coupled with analytics and enabling advanced data technologies to generate more timely and predictive risk intelligence.
  • Achieving firmwide awareness of a governance framework through training programs and communication

Looking ahead

For more than 30 years, I have helped Fortune 500 companies adapt and transform. It is no surprise that the most successful organizations have put their people at the heart of any transformation initiative. It was true back then, and even more so now. And, to this end, human trust forms the basis of broader digital transformation efforts – whether it be related to underwriting loans, recruiting or the use of personal health data.

A thoughtful and holistic approach guided by robust cyber securities, scalable and dynamic risk governance, protections to mitigate data biases, and mechanisms to safeguard personal data are key to achieving true digital trust. Without it, customers and other stakeholders are likely to abandon a brand and look for others that align with their expectations and values.

---

The views reflected in this article are the views of the author and do not necessarily reflect the views of the global EY organization or its member firms.

This article originally appeared on www.Forbes.com. You can find the original post here.


Raj Sharma

Global Managing Partner for Growth & Innovation at EY I Financial Services, Business Tech Consulting, Transformation, Data, Analytics, Strategy, ESG, Regulation, Digital Assets, Innovation, DEI, Mentoring

3 年

Great points around cyber resiliency, Hank. The remote work shift arrived with new cyber risks, and firms must secure their digital future with the right protocols.?

回复

要查看或添加评论,请登录

社区洞察

其他会员也浏览了