You have heard ISACA® members talk a great deal about digital trust this past year—and for good reason. Digital trust is the important commitment to ensure that customers, employees and shareholders feel secure when partnering with an organization or using an organization’s product or service.
By treating security, privacy, assurance, governance and all other key components of digital trust less as afterthoughts and more as strategies organizations are better positioned to protect their customers, employees and shareholders.
As a chief information security officer (CISO), I approach digital trust primarily from a security perspective. Viewing it through that lens, digital trust is about more than fixing security bugs. It is about the tremendous opportunity to build security features that customers want and need. These security features allow more granular and transparent security controls and better authorization (i.e., multifactor authentication [MFA] options). It is my goal to use a risk-based approach driven by data and transparency to promote a security culture that is woven into products and services, and how business is conducted. Encouraging a security-focused culture and having security teams involved in product development reduces costs, helps avoid potential incidents, and creates features for privacy and security that customers and employees want.
It is also important to drive security innovation that allows organizations not only to respond to current threats and issues, but also to best position themselves to address the ever-evolving risk landscape. Organizations must stay ahead of the curve, especially as they migrate to fully cloud-based products.
As you think about your role, how do you advance digital trust? How does the work you do help your organization fulfill its commitment to its customers and stakeholders? As you read this issue of the ISACA® Journal, I hope you find additional clarity and guidance relative to your vitally important role as a digital trust professional.
As a long-time member, I am excited to see ISACA commit to digital trust to help organizations and individuals build and benefit from a safer and more secure digital world. It is an honor to be a member of ISACA’s new Digital Trust Advisory Council, and to be a part of advancing ISACA’s vision.
I hope the articles you are about to read inspire you to get more involved in advocating for stronger digital trust.
Best regards,
RINKI SETHI | CISA
Is vice president and chief information security officer at BILL, where she leads the global IT functions, advances efforts to protect BILL’s information and technology assets, and provides advice on the company’s continued innovations in the security space. Sethi serves on the board of ForgeRock, a public company in the identity and access management space, and is a member of the ISACA Digital Trust Advisory Council.