Why 2023 will be the year of Digital Trust
Joshua Peskay
3CPO (CIO, CISO, CPO) CISSP, CISM - Helping nonprofits leverage technology to do more, do better and be more secure. Also, I collaborate with a potato.
I will be honest. Many business buzz-phrases such as "digital transformation" and "thought leader" make me want to...
But a few months ago I started seeing the phrase "digital trust" pop up in many places and the more I read about it, the more I liked it. In fact, I think digital trust is the best single term for describing the breadth of signals an organization broadcasts to the world about trust. And trust is going to be one of the most valuable and vulnerable assets an organization can have going forward.
I want to pause to give a shout-out to Elyse Wallnutt for introducing me to the term "digital trust" and also to Maureen Wallbeoff for introducing me to Elyse. Big thanks to BOTH of you!
For this article I am going to rely heavily on two (2) sources that I think have done a very good job defining digital trust, explaining its value and outlining how an organization can build and maintain digital trust:
Let's start by defining digital trust. I'm borrowing from both McKinsey and ISACA here to create my own definition:
Digital trust reflects the ability of an organization to be responsible and transparent about the data it collects, accesses and uses. Digital trust demands that the organization will reasonably protect the data it collects and securely delete the data when it is no longer needed. Digital trust requires an organization to be transparent about when and how it uses AI to analyze information and/or make decisions that impact people. Lastly, digital trust is dependent on an organization's ability to clearly communicate these practices in a manner easily understood by its constituents.
OK, you might be thinking...
And that's totally fair. But I truly believe this is already a critical issue for organizations and will be only become more critical in 2023 and forward. TRUST is an incredibly valuable asset. It can only be built over time, bit by bit, but it can be lost in an instant. In the ISACA report , they surveyed ISACA surveyed more than 1,200 professionals in North America who hold assurance, governance, risk, security or privacy roles and found that 97% of them said digital trust is important right now and 80% (same people) said it will be MORE important over the next five years.
Consumers care more and more about digital trust, even if they aren't aware of the term itself yet. Look at these numbers from McKinsey , who surveyed 3,000 consumers about their attitudes toward companies from whom they obtain services:
Let's unpack this graphic a bit. In the age of same-day delivery via drone and a prevailing "I want it now" attitude, consumers told McKinsey that cared AS much about the ethical and trusted reputation and the amount of personal required as they do about speed of delivery. And they cared almost as much about ethics and privacy as they did about PRICE and QUALITY. I don't know about you, but the fact that those are numbers from 2022 astound me. The ethical and data privacy concerns are only going to become more and more critical from here forward. Just today, for example is this headline, "Southwest has a long road to winning back customer trust ." And Facebook lost so much brand equity through violations of customer and societal trust, it changed it's name to Meta. And still lost 650 billion dollars .
领英推荐
So, what does good digital trust look like? I think this is rapidly evolving because it's not JUST about cybersecurity and data privacy, but also about ethical AI use and, perhaps most importantly, transparency around practices for all these things.
Here's the best example I've seen so far , Otter.ai (and I would LOVE suggestions of other companies you see with great examples of trust pages).
Otter.ai provides a transcription service for digital meetings. As you can imagine, if I am giving a third-party access to record and transcribe my meetings, I want to know as much as I can about what they are doing with those recordings and how they are protecting them.
Otter.ai has done a number of things on this page that I really like. First off, the entire page is wonderfully clear, easy to read and easy to understand.
They lead off with their compliance frameworks. While many visitors may not know what these mean, these are all well-known, industry standard compliance and regulatory frameworks for cybersecurity and data privacy.
They provide concise and clear communications around privacy and security, but they also provide links for people who want to get into the details. They even include information about when they delete information. I dare you to find me another organization that includes deletion policies in clear language front and center on their trust page.
And here's where Otter.ai really goes above and beyond in the trust department. Toward the bottom of the page they have a FAQ that goes into detail not only about what Otter.ai will do in the event of a subpoena for customer data, but exactly what information they will share in the event of a subpoena.
While I do not reasonably expect nonprofits to be able to put together trust pages of this quality in 2023, it is my goal to for the nonprofits with whom I work to START the process of digital trust in earnest this year.
As the proverb goes , the best time to start building digital trust was 20 years ago. The next best time is today.