Authored by: Ben King, Chief Security Officer, Okta Asia-Pacific
When thinking about the C-suite’s priorities, people tend to focus on growth, security, digital transformation or more recently, keeping a remote workforce running.
All these aspects are important in keeping the business innovative and profitable, and in ensuring that employees are safe, equipped and content. Yet, there is something that underpins every one of these priorities − digital trust. Without it, every area of the business would cease to function.
Maintaining trust is crucial to business success. As digital transformation creates new avenues for engaging with consumers and supporting staff, the associated cyber attack surface expands in parallel. Organisations benefit from digital trust because it not only helps to avoid harm, but it also drives loyalty, income and value.
Digital trust is a concept no business leader can ignore today. With most of the world working online, digital trust is vital in order for CXOs to be assured that employees are doing their jobs, that the workforce is keeping security threats at bay, and that trust is cultivated with customers.
Trust Comes Under Attack as Cyber Breaches Grow
Trust will always be intangible and requires belief in three key aspects − reliability, truth and ability. We need to have the belief that someone or something will deliver on the promises made, can be relied on to be truthful, and is capable of what they set out to achieve.
In today's intensely competitive market, it's evident that digital companies need to build trust in order to flourish. Okta’s latest annual State of Digital Trust Report released in May this year found that 58 per cent of Asian respondents are unlikely to purchase a product from a digital brand they did not trust, with an average of 38 per cent indicating that they would delete their account with the company, after losing trust in its brand due to a data breach or misuse of data. The study polled 1,700 office workers in Singapore, Hong Kong, Philippines, Malaysia and Indonesia.
In this context, it is vital that organisations are aware of which employees, partners and customers they can trust to access their data and systems. Vice versa, these employees, partners and customers must trust that an organisation can protect any personal data they share.
Effective security tools and policies, especially those focused on seamlessly managing the identities of users, help to drive stakeholder trust. And an organisation with stringent security in place can trust that each stakeholder only has as much access to business systems as required. This symbiotic online relationship between organisation and stakeholder is digital trust.
Thankfully, some traction has been made by Asian businesses. The same Digital Trust Report found that in the past year, 46 per cent of Asian businesses have implemented new security apps and technologies, while 32 per cent have increased internal security training.
Policy, Education and Technology Underpin Trust
Business and IT leaders must be transparent about the cybersecurity measures and policies they are implementing to foster trust and staff buy-in.
Okta has seen a surge in the number of cyber attacks during the lockdown period as malicious actors attempt to take advantage of the increased threat vectors. Asian workers reported feeling more cautious overall (71 per cent) about the safety of their data during the COVID-19 pandemic, which was far higher than global respondents (41 per cent).
As many firms continue to support remote or hybrid work, employers need to educate employees on security best practices and replace any older technology that could be exposed to cyber attacks.
Security must always be the first layer of trust. For employers, partners and customers, it is vital they feel secure sharing their data. And for trust to be cultivated by organisations, continuing education is crucial.
CXOs also need to ensure they are staying ahead of cybercriminals as much as they can technologically.
In the enterprise, this begins with a Zero Trust approach focused on validating identity before trusting anyone in the digital realm. The ultimate strategy puts identity at the heart of digital security, and invokes risk-based access policies and continuous and adaptive authentication, meaning identity validation is required for user access to be granted to resources in real-time. As enterprises move towards this, it is vital that users are kept abreast of the evolving cybersecurity policies in place.
The growth in knowledge across all levels of the business will lead to improved understanding and a stronger belief in the reliability, truth and ability that together form the basis of digital trust. When this is applied effectively, this trust from employees, partners and customers will not only mitigate harm, but will ultimately drive loyalty, revenue and value for organisations.