• United States



Apurva Venkat
Special Correspondent

A third of enterprises globally don’t prioritize digital trust: ISACA

Sep 19, 20225 mins
Security Practices

There are significant gaps between what enterprises are doing and what they should do to earn customer trust in their digital ecosystems, according to information systems security group ISACA.

Woman executive with security lock

Digital trust is crucial for modern business relationships as increasingly, transactions require sensitive information to be shared online. However, a new report from ISACA—the Information Systems Audit and Control Association certification association —highlights significant gaps between what enterprises are doing now and what they should do to earn customer trust in their digital ecosystems.

The report combines insights from 2,755 business and IT professionals worldwide. It defines digital trust as confidence in the integrity of relationships, interactions and transactions among providers and consumers within an associated digital ecosystem.

While 85% of respondents said digital trust is extremely or very important to organizations today, and 63% said digital trust is extremely or very relevant to their job role, only 66% said their organization prioritizes digital trust in line with its level of importance. “This will be a growing concern, as four out of five respondents or 82% believe that digital trust will be more important in five years than it is today,” ISACA noted.  

In the US, only 54% of those polled trust technology companies to do the right thing, down three percentage points from 2021, and down 19% since 2019, the report said. The decline in trust was seen across topics, including 5G, artificial intelligence (AI), the Internet of Things (IoT) and virtual reality. 

The term digital trust is not widely understood

Globally, only 29% of respondents said they were very or extremely familiar with the term “digital trust.”  At 50%, respondents in India were the most familiar with the term. In addition, respondents from Latin America (37%), Africa (35%) and Europe (34%) also indicated a higher familiarity than the total of respondents. When viewed by industry, those in consulting (35%) were more familiar with the term than those working in finance/banking (28%), the report said.

The three most important components of digital trust, according to the survey respondents, are security, data integrity and privacy, but only 50% of respondents agree that there is sufficient collaboration within their organization among professionals who work in these fields, according to the report. 

Ninety-three percent of respondents in Africa indicated digital trust is extremely or very important to them, the highest response to the issue across regions. Following closely were respondents from Latin America at 86%, Oceania at 85%, Europe at 84%, North America at 84 % and Asia at 82%. 

Measuring trustworthiness strengthens confidence

More than half or 54% of respondents were completely or very confident in the digital trustworthiness of their organization. Among those that already measure digital trust maturity, confidence jumped to 81%. ISACA noted. Confidence was higher in India at 76% than in the US, where it stood at 52%. 

“It is concerning that fewer than one in four or 23% respondents said that their organization currently measures the maturity of its digital trust practices even though 68% believe it is extremely or very important to measure this maturity,” ISACA noted. 

Organizations that measure digital trust had two things in common—a board of directors that has prioritized digital trust, and use of a digital trust framework.

Organizations use a variety of ways to measure digital trust. Of those who do measure digital trust, 43% said they perform an internal review of trust-related practices, 33% said they use customer/client research including surveys and focus groups, and 32% said they benchmark against similar enterprises. 

Measurement of digital trust can help an organization see where its current position is in relation to industry benchmarks. One of the strongest benefits of measuring maturity is that it creates a repeatable process so an organization can have confidence in its results. Creating a digital trust maturity roadmap is a start and is a key part of getting to their desired destination, ISACA noted. 

Lack of training hampers digital trust

The report noted that lack of staff training is the biggest obstacle to achieving the digital trust goal. Only 29% respondents said their organization offered digital trust training to staff. In addition, only 28% respondents said they completely understood how their role impacts digital trust.

“While a lack of training opportunities and alignment with enterprise goals are serious considerations, it is worrying that, in many cases, there still is a lack of leadership buy-in,” ISACA noted. 

“With leadership buy-in, remaining obstacles can be more effectively addressed and appropriately funded. Organizational alignment, skills and training, and technology resources all fall into place and move forward when they receive support, funding and attention of executive leadership,” the report noted. 

While C-level executives are the drivers of digital trust and must ensure that it is a clear and supported priority in every aspect of operations, only 12% organizations said they had a senior staff role for digital trust, for example, chief trust officer or director of digital trust. 

How enterprises can build a digital trust ecosystem 

ISACA recommended three major steps to improve an organization’s digital trust maturity. First, an organization needs to understand what it wants to accomplish and learn how digital trust can contribute to its goals. “Start by defining what customers, employees and stakeholders expect of each other. Measure the current state and benchmark against industry good practices,” ISACA recommended. 

The second step is to outline the desired state and begin developing the road map to achieve it. An organization needs to understand the priority issues being faced by senior leadership, and how digital trust will resonate within their focus areas and provide potential solutions. Finally, ISACA recommends focusing on a mindset of continuous improvement as it pertains to security, quality, reliability, compliance and customer experience. 

Apurva Venkat
Special Correspondent

Apurva Venkat is principal correspondent for the India editions of CIO, CSO, and Computerworld. She has previously worked at ISMG, IDG India, Bangalore Mirror, and Business Standard, where she reported on developments in technology, businesses, startups, fintech, e-commerce, cybersecurity, civic news, and education.

More from this author