ISACA: Disparity Between Beliefs and Action on Digital Trust
The recent report from global professional association ISACA reveals a big disconnect between digital trust's importance and the concrete steps being taken to improve it.
The ISACA's State of Digital Trust 2024 report highlights IT individuals clearly value digital trust - defined as "the confidence in the integrity of relationships and transactions within the digital ecosystem" - but reveal their organisation’s have failed to implement robust strategies or provide adequate training to make sure it is taken seriously.
Digital trust refers to the confidence that users have in the security, privacy, and reliability of digital technologies, processes, and interactions. It encompasses the belief that personal data will be handled ethically, transactions will be secure, and identities will be protected online.
Its increasing importance has been highlighted by adoption of tough data privacy laws, like GDPR.
Although, penalties can be accrued for non compliance with such laws, organisations are seemingly not taking it so seriously.
Numbers not adding up
Of the 5,800 business and IT professionals worldwide, a full 77% of respondents agreed that digital trust is crucial for digital transformation. Additionally, 76% believed digital trust is highly relevant to their organisation.
Yet in a stark contradiction, 71% admitted their employer provides no training at all on digital trust. Three-quarters were even unsure of what enhancing digital trust even requires in practice.
"It's encouraging that the importance of digital trust is well understood, but organisations need to follow through with proper upskilling and roadmaps to make digital trust a reality," said ISACA's Chief Strategy Officer Chris Dimitriadis. "Simply recognising its value won't lead to high digital trust levels."
Prioritisation problems
The potential risks of digital trust deficiencies are substantial according to the research. 39% of organisations admit they are experiencing more cyberattacks, and 15% are suffering from more privacy breaches compared to a year ago. This high
Indeed, the cyber sphere is currently riddled with ransomware. Therefore it’s no wonder that the report matched low organisational digital trust correlated to reputational damage (64%), increased cybersecurity incidents (58%), more privacy breaches (57%) and customer losses (54%).
Despite this, only 21% of organisations reported plans to increase budgets for enhancing digital trust over the next year.
Poor improvement
These results mirror similar findings from previous ISACA reports on digital trust. The 2022 report showed 98% of respondents list digital trust as important, with only 12% of their organisations having a dedicated staff role for digital trust; 2023’s results showed that only 7% of European business and IT professionals were completely confident in the digital trustworthiness of their organisation.
This skew between IT staff and their organisation's approach points to a possible disconnect between IT leaders and C-suites, with a recent Trend Micro study highlighting how security concerns are struggling to be adequately heard in the board room.
Yet, the obstacles reported for these discrepancies remain the same: lack of leadership buy-in, skills gaps, and insufficient processes.
Frameworks' role for the future
82% believe Digital trust will become "much more important" within five years, with 28% expecting to have senior digital trust roles.
The results between 2022 and 2024 are identical:only 29% of staff are getting digital trust training. Yet, the difference is 2022 pooled 2,755 compared to 5,870 in 2024.
Yet, problems around skills gap could impede its implementation.
ISACA has consequently emerged as a key partner in closing this gap, by last year launching its Digital Trust Ecosystem Framework to provide education, training and certifications that empower professionals to drive organisational digital trust.
Such credentials are now integrated into the UK Cybersecurity Council's new Certification Framework.
With only 15% of respondents’ organisations currently use a framework for their digital trust practices, but almost 46 % of respondents believing it is extremely/very important, industry will have to wait until next year to see if their will blossom any growth for digital trust adoption from ISACA’s actions, and wider industry trends.
******
Make sure you check out the latest edition of Cyber Magazine and also sign up to our global conference series - Tech & AI LIVE 2024
******
Cyber Magazine is a BizClik brand