MY TAKE: Poll shows consumers won’t patronize companies that fail to assure ‘digital trust’

By Byron V. Acohido

It’s all too easy to take for granted the amazing digital services we have at our fingertips today.

Related: Will Matter 1.0 ignite the ‘Internet of Everything’

Yet, as 2022 ends, trust in digital services is a tenuous thing. A recent survey highlights the fact that company leaders now understand that digital trust isn’t nearly what it needs to be. And the same poll also affirms that consumers will avoid patronizing companies they perceive as lacking digital trust.

DigiCert’s 2022 State of Digital Trust Survey polled 1,000 IT professional and 400 consumers and found that lack of digital trust can drive away customers and materially impact a company’s bottom line

“It’s clear that digital trust is required for organizations to instill confidence in their customers, employees and partners,” Avesta Hojjati, DigiCert’s vice president of Research and Development, told me. “Digital trust is the foundation for securing our connected world.”

I recently had the chance to visit with Hojjati. We conversed about why digital trust has become an important component of bringing the next iteration of spectacular Internet services to full fruition. And we touched on what needs to happen to raise the bar of digital trust. Here are a few key takeaways from our evocative discussion:

Vigilance required

As 2022 comes to a close, connectivity is exploding. This portends many more digital wonders to come. Yet threat actors continue to breach corporate networks with impunity. And now, finally, digital trust is commanding attention.

One hundred percent of the IT pros who participated in DigiCert’s survey acknowledged the importance of gaining and keeping digital trust. The backdrop is an operating environment is which their organizations’ network attack surface is scaling up. What’s more, 99 percent of the IT pros said they believed their customers would switch to a competitor should they lose trust in the enterprise’s digital security.

Meanwhile, more than half, some 57 percent, of consumers polled by DigiCert acknowledged that they’ve experienced cybersecurity issues such as account takeovers, password exposure and payment card fraud. And nearly half, 47 percent, said they’ve stopped doing business with a company after losing trust in that company’s digital security.

Consumers aren’t blind; they’ve become wary of companies that lack online vigilance. Some 84 percent said they would consider not patronizing a company that fails to manage digital trust, with 57 percent saying switching to a more trustworthy provider would be likely.

“Consumers understand what digital trust is and they’re making it a requirement for any entity they’re dealing with to protect their data and their online accounts,” Hojjati says. “If they find that’s not the case, consumers have no problem switching to another vendor.”

Baked-in security

So how did we get here? Over the past decade, digital transformation has advanced rapidly – and even more so post Covid 19. In this environment, companies chased after the operational efficiencies – without duly considering security. And as this shift to reliance on cloud-infrastructure and remote workers accelerated, no one accounted for the fresh pathways left wide open to malicious hackers.


“Enterprises were slow to acknowledge that digital trust was missing,” Hojjati observes. “We dove too quickly into making everything digitalized, but we didn’t realize that this superfast inter-operability and hyper interconnectivity absolutely requires a foundation of trust.”

Digital trust has emerged as a must-have; without it confidence in online business processes are destined to erode. At a macro level, this means security must somehow get deeply baked into leading-edge IT architectures. Systemic changes need to be agreed upon and universally adopted. Smart, adaptable, automated security needs to be infused into the ephemeral, highly distributed and cloud-centric digital infrastructure that will take us forward.

At a micro level, company leaders and captains of industry must arise as champions and stewards of digital trust, Hojjati argues, not only for their own internal employees and operations, but also for their customers, partners and extended communities.

Infusing digital trust

Moving forward, digital trust must become a cornerstone of security. One core technology for providing digital trust is the public key infrastructure (PKI), or more precisely, advanced implementations of PKI. As a prominent supplier of PKI services and digital certificate lifecycle management systems for companies worldwide, DigiCert brings this skin into the game. PKI is the framework by which digital certificates get issued to authenticate the identity of users and devices; and it is also the plumbing for encrypting data that moves across the public Internet.

PKI already is deeply engrained in the legacy Internet; companies use it to certify and secure many types of digital connections coming into, as well as inside of, their private networks.

Because PKI is ubiquitous and time-tested it is well-suited to be a leading technology used for infusing digital trust into the next iteration modern networks designed to handle massive interconnectivity and support vast interoperability. This is the working premise espoused by DigiCert and other security experts.

“Modern digital systems simply could not exist without trusted operations, processes and connections,” Hojjati says. “They require integrity, authentication, trusted identity and encryption.”

Public awareness, not to mention public demand for improved security, is an important catalyst. Consumer preference for digital services they can fully trust should remind  industry and company leaders to stay focused on doing what needs to get done.

Indeed, industry consensus is being shaped around new sets of standards needed to replace the outdated protocols and policies that gave us the legacy Internet. This heavy lifting is being undertaken by a number of industry forums far out of the public eye.

Refreshed standards

One milestone advance achieved by this effort is Matter 1.0 – the new home automation connectivity standard rolling out this holiday season. There are high hopes that Matter will blossom into the lingua franca for the Internet of Things.

For its part, DigiCert continues to be a prominent participant in the public-private consortia developing and refining a fresh portfolio of security standards needed to engrain digital trust. This includes new security protocols not just for digital certificates but for all things to do with smart buildings, smart transportation systems and smart infrastructure, as well.

As the details get hammered out, it would be wise for companies and industry sectors to jump on board the digital trust band wagon, the sooner the better. And if fear of losing customers adds to their motivation, then so be it.

“Digital trust by design is something company decision makers have to consider,” Hojjati says. “They need to make digital trust a strategic imperative.”

DigiCert recommends assigning a senior executive with explicit duties to support digital trust. One way to do this might be to create the role of  “digital trust officer,” Hojjati says. A DTO could focus on mitigating exposures spinning out of an ever-expanding attack surface; in other words, implementing advanced security systems and procedures on premises, for remote workers and up and down the supply chain, he says.

Clearly new rules of the road like this are needed. Encouragingly, they’re coming. I’ll keep watch and keep reporting.


Pulitzer Prize-winning business journalist Byron V. Acohido is dedicated to fostering public awareness about how to make the Internet as private and secure as it ought to be.

(LW provides consulting services to the vendors we cover.)


Share on FacebookShare on Google+Tweet about this on TwitterShare on LinkedInEmail this to someone