Digital trust is crucial for modern business relationships as increasingly, transactions require sensitive information to be shared online.
However, a new report from ISACA — the Information Systems Audit and Control Association certification association — highlights significant gaps between what enterprises are doing now and what they should do to earn customer trust in their digital ecosystems.
The report combines insights from 2,755 business and IT professionals worldwide. It defines digital trust as confidence in the integrity of relationships, interactions and transactions among providers and consumers within an associated digital ecosystem.
While 85 per cent of respondents said digital trust is extremely or very important to organisations today, and 63 per cent said digital trust is extremely or very relevant to their job role, only 66 per cent said their organisation prioritises digital trust in line with its level of importance.
“This will be a growing concern, as four out of five respondents or 82 per cent believe that digital trust will be more important in five years than it is today,” ISACA noted.
In the US, only 54 per cent of those polled trust technology companies to do the right thing, down three percentage points from 2021, and down 19 per cent since 2019, the report said. The decline in trust was seen across topics, including 5G, artificial intelligence (AI), the Internet of Things (IoT) and virtual reality.
The term digital trust is not widely understood
Only 29 per cent of respondents said they were very or extremely familiar with the term "digital trust."
At 50 per cent, respondents in India were the most familiar with the term. In addition, respondents from Latin America (37 per cent), Africa (35 per cent) and Europe (34 per cent) also indicated a higher familiarity than the total of respondents. When viewed by industry, those in consulting (35 per cent) were more familiar with the term than those working in finance/banking (28 per cent), the report said.
The three most important components of digital trust, according to the survey respondents, are security, data integrity and privacy, but only 50 per cent of respondents agree that there is sufficient collaboration within their organisation among professionals who work in these fields, according to the report.
Ninety-three per cent of respondents in Africa indicated digital trust is extremely or very important to them, the highest response to the issue across regions. Following closely were respondents from Latin America at 86 per cent, Oceania at 85 per cent, Europe at 84 per cent, North America at 84 per cent and Asia at 82 per cent.
Measuring trustworthiness strengthens confidence
More than half or 54 per cent of respondents were completely or very confident in the digital trustworthiness of their organisation. Among those that already measure digital trust maturity, confidence jumped to 81 per cent. ISACA noted. Confidence was higher in Asia at 76 per cent than in the US, where it stood at 52 per cent.
“It is concerning that fewer than one in four or 23 per cent respondents said that their organisation currently measures the maturity of its digital trust practices even though 68 per cent believe it is extremely or very important to measure this maturity,” ISACA noted.
Organisations that measure digital trust had two things in common — a board of directors that has prioritised digital trust, and use of a digital trust framework.
Organisations use a variety of ways to measure digital trust. Of those who do measure digital trust, 43 per cent said they perform an internal review of trust-related practices, 33 per cent said they use customer/client research including surveys and focus groups, and 32 per cent said they benchmark against similar enterprises.
Measurement of digital trust can help an organisation see where its current position is in relation to industry benchmarks. One of the strongest benefits of measuring maturity is that it creates a repeatable process so an organisation can have confidence in its results. Creating a digital trust maturity roadmap is a start and is a key part of getting to their desired destination, ISACA noted.
Lack of training hampers digital trust
The report noted that lack of staff training is the biggest obstacle to achieving the digital trust goal. Only 29 per cent respondents said their organisation offered digital trust training to staff. In addition, only 28 per cent respondents said they completely understood how their role impacts digital trust.
“While a lack of training opportunities and alignment with enterprise goals are serious considerations, it is worrying that, in many cases, there still is a lack of leadership buy-in," ISACA noted.
“With leadership buy-in, remaining obstacles can be more effectively addressed and appropriately funded. Organisational alignment, skills and training, and technology resources all fall into place and move forward when they receive support, funding and attention of executive leadership,” the report noted.
While C-level executives are the drivers of digital trust and must ensure that it is a clear and supported priority in every aspect of operations, only 12 per cent of organisations said they had a senior staff role for digital trust, for example, chief trust officer or director of digital trust.
How enterprises can build a digital trust ecosystem
ISACA recommended three major steps to improve an organisation’s digital trust maturity. First, an organisation needs to understand what it wants to accomplish and learn how digital trust can contribute to its goals.
“Start by defining what customers, employees and stakeholders expect of each other. Measure the current state and benchmark against industry good practices,” ISACA recommended.
The second step is to outline the desired state and begin developing the road map to achieve it. An organisation needs to understand the priority issues being faced by senior leadership, and how digital trust will resonate within their focus areas and provide potential solutions.
Finally, ISACA recommends focusing on a mindset of continuous improvement as it pertains to security, quality, reliability, compliance and customer experience.