{"id":28238,"date":"2019-08-29T10:43:19","date_gmt":"2019-08-29T14:43:19","guid":{"rendered":"https:\/\/www.kaspersky.com\/blog\/emagazine\/\/28238\/"},"modified":"2022-11-17T03:45:07","modified_gmt":"2022-11-17T08:45:07","slug":"privacy-transparency-digital-trust","status":"publish","type":"emagazine","link":"https:\/\/www.kaspersky.com\/blog\/secure-futures-magazine\/privacy-transparency-digital-trust\/28238\/","title":{"rendered":"How can we solve the crisis in trust in business?"},"content":{"rendered":"<p><strong>\u201c<\/strong>There is a crisis of trust in American democracy.\u201d So begins a 2019 report from the <a href=\"http:\/\/csreports.aspeninstitute.org\/Knight-Commission-TMD\/2019\/report\" target=\"_blank\" rel=\"noopener nofollow\">Knight Commission on Trust, Media and Democracy<\/a> organized by the Aspen Institute. It lays blame on the nation\u2019s political discourse, racial tensions, and the technology that gives people greater access to commentary and news. The report concludes that since 2018, \u201cunwelcome facts are labeled as fake.\u201d<\/p>\n<h2><strong>Rising cybercrime reduces trust<\/strong><\/h2>\n<p>Part of the problem with trust in the technology industry has to do with the ease cybercriminals now have to ply their trade<strong>.<\/strong> Once relegated to a dark corner of the internet, now many criminals operate in the public view. On the dark web, you can buy various pieces of technology such as ready-made phishing kits to seed infections, carders to collect credit card numbers, botnets and web stressors to deliver DDoS attacks, and other malware construction kits that require little to no technical expertise beyond clicking a few buttons on a web form. A <a href=\"https:\/\/www.checkpoint.com\/downloads\/resources\/under-the-hood-of-cyber-crime-security-report-2019.pdf\" target=\"_blank\" rel=\"noopener noreferrer nofollow\">2019 report from CheckPoint<\/a> shows that anyone who\u2019s willing to pay can easily obtain these tools. Forget \u2018software-as-a-service\u2019: we\u2019re witnessing the growth of the \u2018malware-as-a-service\u2019 industry.<\/p>\n<blockquote><p>This is a team sport: security, IT, operations and risk groups all need to work together.<\/p>\n<cite><p><strong>Rohit Ghai<\/strong><\/p><p>President, RSA<\/p><\/cite><\/blockquote>\n<p>At a recent RSA forum in London, UK, I interviewed numerous experts who\u2019ve spent their careers examining cybercrime and understanding how to combat fraud. It was a somewhat sobering picture, to be sure. RSA\u2019s president, Rohit Ghai, spoke about how the largest facet of risk today is digital risk, and how businesses need to better integrate risk management and cybersecurity methods<strong>.<\/strong> \u201cThis is a team sport: security, IT, operations and risk groups all need to work together,\u201d he said. \u201cOur goal is not just about protecting apps or data, but about protecting our trust assets. We trust strangers to share our homes and cars because tech brings us together and drives the sharing economy.\u201d Ghai believes we need to replicate this trust system in the B2B world, just as Airbnb and Uber have done for consumer-based businesses.<\/p>\n<h2><strong>Trust at an all-time low?<\/strong><\/h2>\n<p><img decoding=\"async\" class=\"alignnone wp-image-28307 size-large\" src=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/92\/2019\/08\/30164740\/M034-SHINDO-E51-1024x768.jpg\" alt=\"\" width=\"1024\" height=\"768\"><br>\nGhai agrees with the conclusions of the Knight Commission report: trust is at an all-time low. Some have become so distrustful of our digital lives that we now have a new acronym, LDL (\u2018let\u2019s discuss live\u2019)<strong>.<\/strong> But we can\u2019t, and shouldn\u2019t, turn back the clock to the analog era: we need to be able to trust each other again to fuel our growth. He mentioned that to be trustful, \u201can ethical company should do the right thing, even if no one is observing them.\u201d I liked that idea: too often, we hear about corporations that are causing damage, like polluting our environment, before denying any responsibility, or worse, covering up the details when they get caught.<\/p>\n<blockquote><p>\u0410n ethical company should do the right thing, even if no one is observing them.<\/p>\n<cite><p><strong>Rohit Ghai<\/strong><\/p><p>President, RSA<\/p><\/cite><\/blockquote>\n<p>Part of the challenge for IT professionals is that cybersecurity is really a business problem, not a failure of technology. \u201cBreaches and intrusions will occur,\u201d says Ghai. \u201cWe have to move beyond the shame of admitting a data intrusion and understanding its business impact. Our goal should be maintaining \u2018cyber-wellness\u2019<strong>,<\/strong> not trying to totally eradicate threats.\u201d<\/p>\n<p>Taking better care of customers\u2019 privacy is also good for business, as numerous reports have concluded recently. Almost half of the consumers surveyed believe there are ethical ways companies can use their data.<\/p>\n<h2><strong>How much do you value your data?<\/strong><\/h2>\n<p>Another issue is that what we say and what we actually do about maintaining our digital privacy is often at odds with each other. In a <a href=\"https:\/\/www.nber.org\/papers\/w23488\" target=\"_blank\" rel=\"noopener noreferrer nofollow\">2017 MIT privacy experiment<\/a>, they found that student participants would quite readily give up personal data for very small incentives, such as a free pizza. And the same casual value exchange played out when Kaspersky offered up <a href=\"https:\/\/www.youtube.com\/watch?v=dqcHcnpNHIM\" target=\"_blank\" rel=\"noopener noreferrer nofollow\">freebies in exchange for personal data<\/a> in this storefront stunt.<\/p>\n<p>This dichotomy is seen even with IT security pros. <a href=\"https:\/\/www.businesswire.com\/news\/home\/20190128005147\/en\/Yubico%E2%80%99s-2019-State-Password-Authentication-Security-Behaviors\" target=\"_blank\" rel=\"noopener noreferrer nofollow\">Another survey<\/a> by Yubico found that more than half of IT managers who have been phished have still not changed their password behavior. If they don\u2019t change to improve their own personal security, who will?<\/p>\n<p>The same dichotomy can be said about transparency: sadly, there are few companies who are actually as transparent as they claim, either by wilfully misleading the public (Facebook is top in this regard) or by just doing a poor job of keeping their IT assets under appropriate controls (<a href=\"https:\/\/www.kaspersky.com\/blog\/british-airways-fined\/27580\/\" target=\"_blank\" rel=\"noopener noreferrer nofollow\">British Airways<\/a> is a prime case study here).<\/p>\n<h2><strong>Trust is fragile<\/strong><\/h2>\n<p>Where do we go from here? Security expert <a href=\"https:\/\/www.schneier.com\/essays\/archives\/2019\/01\/evaluating_the_gchq_.html\" target=\"_blank\" rel=\"noopener noreferrer nofollow\">Bruce Schneier says<\/a> that trust is fragile, and transparency is essential to trust. The Knight Commission report carries a series of recommendations for journalists, technology vendor managers and ordinary citizens.<\/p>\n<p>Recommendations include being better at practicing radical transparency, for journalists to disclose information sources as a rule, and making social networks step up and take responsibility for protecting their users. I hope we can implement many or all of them to make for a better, mutual and trusted future. All of us need to work together if we want to turn this around and improve customers\u2019 trust in business.<\/p>\n<p><em>This article represents the personal opinion of the author.<\/em><\/p>\n","protected":false},"excerpt":{"rendered":"<p>With cybercrime on the rise, and mistrust of how businesses handle data, it\u2019s time to be more transparent and focus on security to win back the confidence of our customers.<\/p>\n","protected":false},"author":2517,"featured_media":46226,"template":"","coauthors":[3467],"class_list":{"0":"post-28238","1":"emagazine","2":"type-emagazine","3":"status-publish","4":"has-post-thumbnail","6":"emagazine-category-opinions","7":"emagazine-category-transparency","8":"emagazine-tag-privacy","9":"emagazine-tag-trust"},"hreflang":[{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/secure-futures-magazine\/privacy-transparency-digital-trust\/28238\/"},{"hreflang":"en-us","url":"https:\/\/usa.kaspersky.com\/blog\/secure-futures-magazine\/privacy-transparency-digital-trust\/22008\/"},{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/secure-futures-magazine\/privacy-transparency-digital-trust\/20350\/"},{"hreflang":"es-mx","url":"https:\/\/latam.kaspersky.com\/blog\/secure-futures-magazine\/privacy-transparency-digital-trust\/18701\/"},{"hreflang":"pt-br","url":"https:\/\/www.kaspersky.com.br\/blog\/secure-futures-magazine\/privacy-transparency-digital-trust\/14849\/"}],"acf":[],"_links":{"self":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/emagazine\/28238","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/emagazine"}],"about":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/types\/emagazine"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/users\/2517"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/media\/46226"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/media?parent=28238"}],"wp:term":[{"taxonomy":"author","embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/coauthors?post=28238"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}