关于数字信任在现代经济中的重要性,几乎没有争议. 不管一个人的专业领域是什么,也不管他们的职业生涯是4周还是40年, 人们普遍认识到,信任技术的能力对公司和客户都是一件大事.
对于澳门赌场官方下载来说,如何让数字信任成为现实变得更加模糊. Who is responsible for digital trust within the enterprise? How can digital trust be measured? And what kind of additional budget investment, 如果有任何, is needed to enable the company to deliver a high level of digital trust? ISACA的 State of Digital Trust 2023 research 解决了这些以及许多其他影响全球澳门赌场官方下载数字信任对话的首要问题.
重要的是要认识到,在这个重要的数字信任对话成为焦点之前,公司已经有很多事情要做. 如果没有足够的安全专业人员来抵御攻击,网络威胁的复杂性将继续增长. 数据隐私已成为澳门赌场官方下载面临的主要挑战,尤其是在监管方面. 弄清楚如何有效和负责任地实施人工智能等新兴技术正变得越来越棘手. 你可以想象到,澳门赌场官方下载领导人已经感到手头上的工作负担过重.
还有一种感觉是,如今的澳门赌场官方下载需要大量专注于技术的首席执行官,这让人不堪重负. On top of the longstanding CIO role, these days there are chiefs that oversee technology, 安全, 隐私, risk – it can feel like there is a chief for everything, bringing to mind the “too many cooks in the kitchen” idiom. 这就引出了一个问题:从这群主管中,谁主要负责数字信任?
Among respondents to ISACA的 State of Digital Trust survey, only 13 percent say that their organization has a dedicated staff role for digital trust; that number rises to 46 percent for respondents whose board of directors prioritizes digital trust. 仍然, 这使得大多数组织没有首席信任官, or some other similar role. So, what are the implications when it comes to overseeing trust?
Today, many organizations may view digital trust as “everyone’s job.然而,如果某件事是“每个人的工作”,那么就没有人关注它. If there’s no specific role identified to help plan, 实现, or manage digital trust efforts, 组织可以做些什么来确保与数字信任相关的实践和活动得到考虑? Assuming there is not a central authority, such as a Chief Trust Officer or the equivalent, 考虑授权一个管理机构来指导和监督组织的数字信任工作. If this is not feasible, 确保数字信任嵌入到整个组织的适当机构中,这些团体沟通和协调数字信任工作. 另外, 鼓励组织中的每个人分析他们的产品或服务如何使用数字技术与客户和消费者互动, and integrate the factors, practices and activities into appropriate committee charters, goals and job descriptions.
数字信任测量是许多组织面临的另一个重大挑战. 尽管大多数受访者表示,建立数字信任实践框架非常重要, only 20 percent currently use one. 现有的衡量数字信任的流行形式包括客户满意度调查, 客户保留率和跟踪客户关系团队遇到的问题. 这些方法虽然有用,但不足以衡量数字信任. There is no universally accepted approach to measuring digital trust. 确保将数字信任集成到治理系统中的关键点是建立将被收集的度量标准, reported and acted upon by the organization. These metrics can be KPIs, KRIs或任何其他被认为适合管理层做出有关数字信任的明智决策的测量. 请注意ISACA Digital Trust Ecosystem Framework (DTEF) contains applicable KPIs and KRIs for each activity within the framework.
除了谁最终对数字信任负责以及如何衡量这些问题之外, there is the matter of budget. 数字信任如何改变分配给安全等领域的现有预算的平衡和底线, 隐私 and risk management? Organizations typically view these as compliance requirements, but under a digital trust umbrella, 这不仅仅关乎合规性,还关乎为澳门赌场官方下载的品牌声誉增加价值.
Funding for digital trust can be tricky. With all the focus on compliance to 安全 and 隐私, 可能很难确定数字信任工作的资金来源. 我最近遇到过一个组织,它决定不分配资源来支持数字信任. 两周后, 由于无法预料的勒索软件攻击,他们经历了大规模的客户流失. 结果? You guessed it: fund digital trust.
You can have strong 安全, you can have a solid 隐私 posture, but if your customers don’t trust you, they will cut their losses and move on. 因此, 重要的是要考虑您的组织如何为支持数字信任的工作提供资金. Do you reallocate 安全 and 隐私 funding to digital trust, or do you create a new portfolio for this? 我的建议是为您的组织确定数字信任目标,并根据您的业务需求分配资金.
Unfortunately, it is easier to lose trust than to gain it. The proliferation of cyber安全, 隐私和无数其他合规问题正困扰着那些有着压倒性要求的公司. So, 把数字信任看作是你的网络安全和隐私计划的延伸, 2) a holistic approach to protecting your brand and your consumers, 3)在支持数字化转型和客户忠诚度的同时加强您的声誉的方法.
通过确定谁最终负责组织中的数字信任, 建立可操作的指标和预算,以符合最关键的业务需求的方式支持数字信任, 组织可以将数字信任转化为品牌优势和竞争优势.
编者按: 了解ISACA《澳门赌场官方软件》研究的更多含义 upcoming webinar on 24 May.
