Trust lies right at the heart of every market relationship. As businesses, consumers and individuals, we buy from people and organisations we have faith in. Trust is an extremely valuable and dwindling commodity that takes years to build but seconds to lose, especially in this digital age. In fact, the 2019 Edelman Trust Barometer Global Report shows that, on a global average, only 56 per cent of people trust businesses. Distrust on this scale can too easily become all-pervasive and self-reinforcing.

Organisations need to embrace the upsides of disruption and build trust by design into their strategies, operating models and their products and services. The rapid pace of disruption creates new risks and thereby demands a different way of thinking. Until now, risk has been primarily focused on avoiding negative outcomes. Trust is now the competitive differentiator in this complex and evolving landscape. The risk management of tomorrow will enable confident decision making to maximize growth, increase business value and maintain trust.

Today, organisations are increasingly investing in emerging technologies as part of their digital transformation programmes. While these create endless possibilities, they also give birth to new vulnerabilities and threats.

In this scenario, building customer trust is critical to the success of their transformation programmes. Accordingly, cybersecurity needs to be embedded in the DNA of the organisation and become an integral part of business strategy.

The EY Global Information Security Survey (GISS) shows that cybersecurity is also rising the board agenda, as firms work to optimise their programmes. The survey reveals that only six per cent of financial services companies say their information security function currently meets their organisation’s needs, but 65 per cent plan to make the required improvements.

Directors need to ask: “Are we doing well, or have we just been lucky?”, “Have we done enough?” and, “How do I develop a deeper understanding of the issue and better protect the company?”

Digital transformation has turned cybersecurity is one of the biggest challenges organisations face. It will become even more of a priority as the business world becomes increasingly digital and cyber threats continue to grow in number and sophistication. Consequently, to succeed in such a scenario, organisations must prepare themselves for emerging threats and issues by having a proactive people-centred strategy in place. If handled successfully, cybersecurity can give organisations the chance to raise awareness at the C-suite level, thereby helping to strengthen their information security governance.

Yet far from having a negative bent, cybersecurity could prove to be the making of many organisations; in fact, the GISS suggests that 77 per cent of organisations are now seeking to move beyond putting basic cybersecurity protections in place to fine-tune their capabilities.

It offers firms the chance to lead on some of the biggest changes that business will undergo. It also puts in place the necessary security control measures to prevent and minimise the impact of security incidents affecting networks and information systems on core services ensuring their smooth continuity which are critical for both internal and external operations.

Joseph Galea is the director of EY’s IT Risk & Assurance (ITRA) Services specialising in the profiling service line with over 30 years of experience in IT compliance audits, internal audits, cybersecurity risk assessments, IT transformation programmes and GDPR maturity assessments. Karen Massa is a senior in EY’s IT Risk & Assurance (ITRA) team, with significant experience in IT auditing, IT security and compliance and GDPR compliance.