Global Business Intelligence

Produced by:

Building trust to succeed in the digital economy

How can organisations build greater trust and consumer confidence? Liz Green, UK Cyber Resilience Lead at Dell Technologies, discusses

The pandemic has accelerated the adoption of digital technologies and many organisations have transformed their digital operations to continue to function and grow. Participation in this digital economy requires consumers to trust how their data will be used, stored and protected, raising key questions for businesses. As consumers share their data, how do businesses ensure they are handling data in a way that is ethical, transparent and secure? What can they do to build greater trust and consumer confidence?

I recently had the pleasure of discussing this topic with Jason Smith, Deputy Lead for Innovation at Experian. Jason shared his thoughts on how considering trust – not just security compliance – can help build strong, data-driven organisations in the digital economy.

“The starting point must be to assume there is a trust problem,” Smith says. “Then work on transparency – be very open and clear with what you’re going to do with data. Think about repositioning your business or organisation around ethics, not just compliance, so you can start to answer the question, ‘What are we going to do to protect trust?’”

Building trust to succeed in the digital economy
New now: As working from home becomes the norm, how can consumers protect their data? Credit: Getty

At Dell Technologies, we have developed an approach to support organisations to build greater levels of trust around data, including:

  • Prioritise key aspects of the organisation that are most important to customers and employees
  • Build the foundations to enable secure online transactions
  • Develop a culture of security across the organisation
  • Adapt and refine a business-wide approach to building trust 

Prioritise key aspects of the organisation that are most important to customers & employees

Organisations need to prioritise the aspects that are most important to their customers and employees, such as sensitive information, critical applications and data sets. For example, a healthcare provider should prioritise patient data as critical and must comply with additional regulatory requirements applicable to health data. Similarly, a bank should prioritise customer account data.

Data sets will vary based on the organisation and its industry. For organisations with large, legacy applications it can be difficult to know what data they use, where the data resides and how it is being protected. An application-mapping exercise is one way to understand the current capabilities, by helping to show gaps in how critical data is being secured. These exercises provide a foundation for organisations to understand where they are most vulnerable and the data sets that need immediate protection and safeguarding.

Safety first: Protected online transactions are more paramount than ever before
Safety first: Protected online transactions are more paramount than ever before

Build a foundation for secure online transactions

As sensitive information is transacted digitally, it is important for organisations to leverage secure tools including multi-factor authentication, encryption of sensitive information and, for employees and staff, virtual private networks to maintain secure connections whenever possible.

Organisations should also help their customers think about how they can be safe online. A bank may educate customers on how they can know if an email or text is genuine and how best to spot emails from fraudsters. An insurance provider could update customers on new forms of cybercrime or social engineering attacks to help them to be vigilant and aware. Everyone has a part to play in keeping data secure and protected.

Flexible working: Education is key in keeping users safe
Flexible working: Education is key in keeping users safe

Develop a culture of security

As the threat landscape has broadened, it has become difficult for organisations to protect against every threat or emerging risk. Zero trust, a security concept coined by Forrester Research, is growing in popularity. It assumes that cybercriminals are often already inside the corporate network and that starting with a “never trust, always verify” approach helps protect against threat actors inside the organisation’s virtual walls.

While these concepts make good sense in theory, some organisations struggle to apply them to their businesses. In our work with clients, we suggest looking at four key areas:

  1. Developing a dynamic, software-based network: Moving from a physical to a virtual network through approaches like micro-segmentation can help prevent lateral cyber-attacks that can spread quickly once inside a network. Separating parts of the network from others and limiting access to certain groups will help to protect sensitive information.
  2. Securing endpoints – applications and devices: Traditional endpoint security solutions monitor threats in a binary ‘good’ or ‘bad’ way, leading to over-alerting and potentially missing more sophisticated forms of cybercrime. New approaches to endpoint security include cloud behavioural analytics technologies that learn how the user acts on a device. This software uses context to generate intelligent alerts that help detect and stop emerging attacks, ensuring appropriate protection.
  3. Managing and safeguarding personal data: Organisations must comply with privacy regulations when collecting, processing and otherwise dealing with personal data. Among other things, access to personal data must be limited to a defined group. It should be clear to data subjects why their data is being collected, how it is being safeguarded and often encryption will be required. There also needs to be clear policies on data deletion: Different retention/deletion periods are required for different types of personal data, also depending on the purpose for which the data is used.
  4. Building a resilient ecosystem: A foundation of trust doesn’t start and stop within the organisation, it includes any supplier and vendor within an organization’s ecosystem. This means organisations should consider the risk that third parties and the wider ecosystem of partners may pose. It is important to monitor the use of technologies and onboard new suppliers with due diligence and cyber vetting.

Adapt and refine an organisation-wide approach to building trust

Tomorrow’s leaders will build trust to thrive in the digital economy. Leaders have a vital role in fostering trust and those who put building trust at the centre of their culture are set to thrive in the digital economy. They will continually refine and iterate their approach to cyber security and building resilience, ensuring that security and trust is incorporated for every new product and every response to evolving needs of their organisation.

Trust increasingly underpins how – and if – customers engage. Organisations that are open to adopting a proactive approach are most likely to remain secure and resilient, and will be best-placed to succeed in the data-driven digital economy.