There is little debate about the importance of digital trust in our modern economy. Regardless of somebody’s professional field or whether they’re four weeks or four decades into their career, there is widespread recognition that the ability to trust in technology is a big deal for companies and customers alike.
Where things become much murkier for companies is figuring out how to make digital trust a reality. 谁负责澳门赌场官方下载内部的数字信任? 如何衡量数字信任? 以及什么样的额外预算投资, 如果有任何, 是否需要使公司能够提供高水平的数字信任? ISACA的 《澳门赌场官方软件》研究报告 addresses these and many other top-of-mind questions that are shaping the digital trust dialogue for companies across the globe.
It's important to start with the recognition that companies already had a lot on their plate before this important digital trust conversation came into focus. The cyberthreat landscape continues to grow in complexity without enough capable 安全 professionals to protect against attacks. Data 隐私 has become a major enterprise challenge, particularly from a regulatory landscape. Figuring out how to effectively and responsibly 实现 emerging technologies such as artificial intelligence is increasingly tricky. You get the picture – enterprise leaders already have felt overburdened by all that is on their plates.
There also is a sense of being overwhelmed with the amount of technology-focused chiefs needed in today’s enterprise. 除了长期以来的CIO角色之外, 现在有主管监督技术, 安全, 隐私, 风险——感觉好像每件事都有一个主宰者, 让人想起“厨房里的厨师太多”这个习语. This begs the question: from this collection of chiefs, who is chiefly responsible for digital trust?
在ISACA的数字信任状况调查的受访者中, only 13 percent say that their organization has a dedicated staff role for digital trust; that number rises to 46 percent for respondents whose board of directors prioritizes digital trust. 仍然, that leaves us with the majority of organizations without a chief trust officer, 或者其他类似的角色. 那么,在监督信任方面,这意味着什么呢?
今天,许多组织可能将数字信任视为“每个人的工作”.” However, if something is “everyone’s job,” then nobody is focusing on it. 如果没有明确的角色来帮助计划, 实现, 或者管理数字信任工作, what can an organization do to ensure digital trust-related practices and activities are being considered? 假设没有中央权威, 如首席信托主任或同等职位, consider chartering a governing body to direct and monitor the organization’s digital trust efforts. 如果这是不可行的, ensure that digital trust is embedded into the appropriate bodies throughout the organization and those groups communicate and coordinate digital trust efforts. 另外, encourage everyone in the organization to analyze how their product or service uses digital technologies to interact with customers and consumers, 然后积分因子, 实践和活动纳入适当的委员会章程, 目标和职位描述.
Digital trust measurement is another big challenge for many organizations. While the majority of respondents say it is important to have a framework for digital trust practices, 目前只有20%的人使用手机. Existing popular forms of measuring digital trust include customer satisfaction surveys, customer retention rates and tracking problems that surface to customer relations teams. While useful, these are not sufficient approaches to measuring digital trust. 目前还没有普遍接受的方法来衡量数字信任. A key point to ensuring digital trust is integrated into the governance system is to establish metrics that will be collected, 由组织报告并采取行动. 这些指标可以是kpi, KRIs or any other measurement deemed appropriate for management to make informed decisions regarding digital trust. 请注意ISACA 数字信任生态系统框架(DTEF) 包含适用于框架内每个活动的kpi和KRIs.
In addition to questions about who is ultimately responsible for digital trust and how it can be measured, 有一个预算问题. How does digital trust change the equation – and the bottom line – regarding existing budget that is being allocated toward areas such as 安全, 私隐及风险管理? 组织通常将这些视为遵从性需求, 但在数字信任的保护伞下, it’s not just about compliance – it’s about adding value to the enterprise’s brand reputation.
为数字信任提供资金可能很棘手. 所有的焦点都集中在安全和隐私方面, it might be difficult to determine a funding source for digital trust efforts. I had a recent experience with an organization that decided not to allocate resources to support digital trust. 两周后, they experienced a massive customer exodus because of an unforeseen ransomware attack. 结果? 你猜对了:投资数字信托.
你可以拥有强大的安全保障, 你可以有一个坚实的隐私姿势, 但如果你的客户不信任你, 他们会减少损失,继续前进. 因此, it is important to consider how your organization funds efforts in support of digital trust. 你会将安全和隐私资金重新分配给数字信托吗, 或者你会为此创建一个新的投资组合? My suggestion is to determine the digital trust goals for your organization and allocate funding based on your business needs.
不幸的是,失去信任比获得信任更容易. 网络安全的扩散, 隐私 and myriad other compliance concerns is vexing companies with overwhelming requirements. So, think of digital trust as 1) an extension of your cyber安全 and 隐私 programs, 2)全面保护你的品牌和消费者, and 3) a means to strengthening your reputation while supporting digital transformation and customer loyalty.
By determining who is ultimately responsible for digital trust in your organization, establishing actionable metrics and budgeting to support digital trust in a way that aligns with the most critical business needs, organizations can turn digital trust into a branding strong suit and competitive advantage.
编者按: Learn more about the implications of ISACA的 《澳门赌场官方软件》研究报告 in an 即将于5月24日举行的网络研讨会.
