The importance of trust, data protection and privacy

If 2020 taught us anything, it’s that moving to the cloud can deliver the resiliency, flexibility and cost controls businesses need to survive, and thrive, in the future. 

With a move to a hybrid workforce and the real world security challenges that poses, the partners you choose and security they provide to protect you from risks of a data breach or cyber incident are critical. 

Cyber threats continue to be more sophisticated, and with 3rd party systems now being even more of a target, understanding your ecosystem, whether that be your on-premise systems or cloud based systems, has never been more important. 

To be effective, organisations need to fully trust the platforms and products they are using - trust that they work, trust that sensitive information will be protected, and trust that the provider is giving you the levels of partnership and transparency you need to measure your own risk.

Our online event brought experts together to discuss and get a better understanding of  the ways in which organisations are dealing with the threats and challenges in a digital-first world. In this blog we share their  insights into the topics of security, trust and transparency. 

Differentiating trust from security

It’s important to differentiate trust from security. The latter is about the prescriptive and protective actions we take, like implementing two-factor authentication or requiring a badge swipe to enter secure areas. 

Trust creates an ever-changing dynamic between people. It takes work to nurture trust, to keep it growing. Certainly, acting in bad faith is one of the many ways to damage that relationship. But what builds trust? 

According to Spencer Mott, Chief Security Officer at Booking.com; “Trust doesn’t come about by saying ‘you should trust me’ - you demonstrate it by a degree of reliance and stability, creating transparency around the controls and also ethically and morally how you conduct yourself as a business. How you think about how you use customer data for instance”

Emily Health notes that honesty, transparency, integrity, humility and competency are at the core of trust. 

The concept of trust isn’t just relevant for personal matters, it’s critical for businesses to make a commitment to build trust in professional relationships: with employees, vendors, partners, patients, students, constituents, customers and more.

Sir Alex notes that “trust rests on knowing that the person you are talking to is the person you’re talking to. Online, we can build trusting relationships if we can nail the challenge of identity. Digital identity for me is the key to unlocking trust online.” 

How to prevent cyber attacks?

As Sir Alex Younger confirms; ““the cyber security problem can only get worse”. Accenture’s ​​latest global incident response analysis for the first half of 2021, found a 125% increase in incident volume year-over-year, the impact was observed for almost every industry and geography. 

Think of security issues as safety issues

Georges De Moura, Head of Industry Solutions at the World Economic Forum reminds us that:

"Security should be treated as a business priority and not as a technology issue"

It is essential that security is embedded in a businesses operating model irrespective of what industry you’re in. Literacy and awareness of security and trust needs to be built in to a business ecosystem. This can be accelerated through the right partnerships within the industry and with governments too. Establishing those relationships as early as possible with law-enforcement agencies and government agencies to understand the type of support that they can offer you in the eventuality of an incident is a practice step that is really important and will be useful if you face a major attack that leads to a data breach. 

Do the basics right 

Sir Alex Younger tell us that

"It’s about doing the basics right, if you keep your software up to date and apply two-factor-authentication to everything you do then you’re going to be a harder target to attack than the significant majority out there."

Simple things like keeping software up to date is something every individual can and should do. When you don’t have the resources to address challenges as they relate to cyber security, another crucial tip is to establish the right partnerships with technology and service providers so that they can supplement your current workforce with the skills and human resources to ultimately ensure that the building blocks are in place and operating as effectively as needed in order to mitigate risks.

Lead by example

If you think that security is someone else’s problem then you are going to get attacked.  Leaders need to nurture a culture that shows they care. Providing training on how to respond to potential cyber attacks is one way to build security practices in an organisation. The difference between a weak and strong organisation are humans - even in the cyber world - it is humans leveraging the technology and humans using the computers to both attack and defend.

Leverage available resources

Go online, Spencer tells us. "In the UK - the national cyber security centre produces guides for businesses to think about what’s valuable to the business, to understand their value chain, and to educate the workforce. The resources are there to consume, digest and implement. If you need advise you don’t need to go to consultancies, there is free advise available and volunteers that want to help in this regard. We have to trust not only each other but our systems of governance and structure and leverage them for the better of the entire business community."

To learn more and hear from our expert, watch the on-demand webinar.